Adriano/TieMeasureFlow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
dd2ebf863ab86e0389ccec04d42451e5da851786
TieMeasureFlow/server/main.py
T
Adriano dd2ebf863a feat: FASE 7 - Polish & Testing (security, i18n, test suite, docs) 
Security hardening: CORS lockdown, rate limiting middleware con sliding
window e eviction IP stale, security headers (CSP, HSTS, X-Frame-Options),
session cookie hardening, filename sanitization upload.

i18n completion: internazionalizzati barcode.js e csv-export.js con bridge
window.BARCODE_I18N/CSV_I18N, aggiornati .po IT/EN con 27 nuove stringhe.

Tablet UX: touch target 44px per dispositivi coarse pointer.

Test suite: 101 test totali (76 server + 25 client), copertura completa
di tutti i router API, autenticazione, ruoli, CRUD, SPC, file upload,
security integration. Infrastruttura SQLite async in-memory con fixtures.

Fix critici: MissingGreenlet in recipe_service (selectinload eager),
route ordering tasks.py, auth_service bcrypt diretto, Measurement.id
Integer per SQLite.

Documentazione: API.md (riferimento completo 40+ endpoint),
DEPLOYMENT.md (guida produzione con Docker/Nginx/SSL),
USER_GUIDE.md (manuale utente per ruolo).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-07 17:10:24 +01:00

78 lines
2.4 KiB
Python
Raw Blame History

"""TieMeasureFlow Server - FastAPI Entry Point."""
from contextlib import asynccontextmanager
from collections.abc import AsyncGenerator
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
from config import settings
from database import init_db
from middleware.logging import AccessLogMiddleware
from middleware.rate_limit import RateLimitMiddleware
from middleware.security_headers import SecurityHeadersMiddleware
from routers.auth import router as auth_router
from routers.users import router as users_router
from routers.recipes import router as recipes_router
from routers.tasks import router as tasks_router
from routers.measurements import router as measurements_router
from routers.files import router as files_router
from routers.settings import router as settings_router
from routers.reports import router as reports_router
from routers.statistics import router as statistics_router
@asynccontextmanager
async def lifespan(app: FastAPI) -> AsyncGenerator[None, None]:
"""Application lifespan: startup and shutdown events."""
# Startup
# Ensure upload directories exist
for subdir in ["images", "pdfs", "logos", "reports"]:
(settings.upload_path / subdir).mkdir(parents=True, exist_ok=True)
yield
# Shutdown (cleanup if needed)
app = FastAPI(
title="TieMeasureFlow API",
description="API per gestione task misurazioni con calibro manuale",
version="0.1.0",
lifespan=lifespan,
)
# Rate limiting middleware (outermost - checked first)
app.add_middleware(RateLimitMiddleware)
# Security headers middleware
app.add_middleware(SecurityHeadersMiddleware)
# CORS middleware
app.add_middleware(
CORSMiddleware,
allow_origins=settings.cors_origins,
allow_credentials=True,
allow_methods=["GET", "POST", "PUT", "DELETE", "OPTIONS"],
allow_headers=["Content-Type", "X-API-Key", "Accept"],
)
# Access logging middleware
app.add_middleware(AccessLogMiddleware)
# Register routers
app.include_router(auth_router)
app.include_router(users_router)
app.include_router(recipes_router)
app.include_router(tasks_router)
app.include_router(measurements_router)
app.include_router(files_router)
app.include_router(settings_router)
app.include_router(statistics_router)
app.include_router(reports_router)
@app.get("/api/health")
async def health_check() -> dict:
"""Health check endpoint."""
return {"status": "ok", "service": "TieMeasureFlow API", "version": "0.1.0"}
Reference in New Issue View Git Blame Copy Permalink