feat(security): harden for production deployment

- auth: first registered user becomes superadmin (active immediately)
- entrypoint: no longer seeds demo data in prod (opt-in via RUN_SEED=1)
- config: refuse to boot in prod with weak/placeholder SECRET_KEY (<32 chars)
- main: restrict CORS to FRONTEND_URL only in prod (localhost dev-only)
- seed_db: block prod seeding, read passwords from env, stop printing them
- login: remove demo account credentials from UI

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
Claude Agent
2026-06-25 19:44:20 +00:00
parent 953f3121cf
commit 7ce430cc1d
7 changed files with 94 additions and 37 deletions

View File

@@ -35,9 +35,14 @@ Base.metadata.create_all(bind=engine)
app = FastAPI(title=settings.app_name)
# CORS middleware
# In production only the configured frontend is allowed; localhost is dev-only.
_allowed_origins = [settings.frontend_url]
if settings.debug:
_allowed_origins.append("http://localhost:5173")
app.add_middleware(
CORSMiddleware,
allow_origins=[settings.frontend_url, "http://localhost:5173"],
allow_origins=_allowed_origins,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],