SmartUp Developer
ad16618406
- CORS: replace wildcard with explicit origin list from CORS_ORIGINS env - Auth: enforce strong defaults, JWT blacklist (RevokedToken model), login rate limiting - Auth: validate password length before bcrypt (72-byte limit) - Scheduler: single-threaded worker to mitigate SQLite write contention - Scheduler: graceful shutdown (wait=True) - Snapshots: add prune_snapshots() with configurable retention count - Storage: isolate localStorage keys via VITE_APP_KEY prefix - Config: add cors_origins, login_rate_limit, snapshot_retention_count settings
31 lines
1001 B
Python
31 lines
1001 B
Python
from pydantic_settings import BaseSettings
|
|
from functools import lru_cache
|
|
|
|
|
|
class Settings(BaseSettings):
|
|
admin_email: str = "admin@smartup.local"
|
|
admin_password: str = ""
|
|
jwt_secret: str = ""
|
|
jwt_expire_hours: int = 24
|
|
cors_origins: str = "http://localhost:8899,http://127.0.0.1:8899"
|
|
login_rate_limit_attempts: int = 5
|
|
login_rate_limit_window_seconds: int = 300
|
|
snapshot_retention_count: int = 500
|
|
database_url: str = "sqlite:////app/data/app.db"
|
|
tz: str = "Asia/Shanghai"
|
|
# consecutive failures before upstream goes unhealthy
|
|
unhealthy_threshold: int = 3
|
|
browser_profiles_dir: str = "/app/data/browser-profiles"
|
|
browser_headless: bool = True
|
|
|
|
@property
|
|
def cors_origin_list(self) -> list[str]:
|
|
return [item.strip() for item in self.cors_origins.split(",") if item.strip()]
|
|
|
|
model_config = {"env_file": ".env", "case_sensitive": False, "extra": "ignore"}
|
|
|
|
|
|
@lru_cache
|
|
def get_settings() -> Settings:
|
|
return Settings()
|