You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
| Security Headers Middleware | Required | Not Implemented | Add headers such as `X-Content-Type-Options`, `X-Frame-Options` or CSP `frame-ancestors`, `Referrer-Policy`, and production CSP. |
494
-
| CORS Configuration | Required |Partial| CORS middleware exists, but production origins, methods, and headers should be environment-driven. |
494
+
| CORS Configuration | Required |Implemented| CORS origins, methods, and headers are environment-driven through settings. |
495
495
| Request ID Middleware | Required | Not Implemented | Add request/correlation ID generation and response header propagation. |
496
496
| Audit Logging | Required | Not Implemented | Add audit events for sensitive auth, user, role, permission, and todo mutations. |
497
497
| Structured Logging | Required | Not Implemented | Add structured application logs with request ID, method, path, status, latency, and user context when available. |
498
-
| Global Exception Handling | Required |Partial|Exception handlers exist, but `Exception` is registered twice; verify domain and fallback handling behavior. |
498
+
| Global Exception Handling | Required |Implemented|Domain exceptions are registered explicitly and `Exception` is used only as the fallback handler. |
499
499
| Input Validation | Required | Implemented | Pydantic schemas and application validation functions are used across user and todo flows. |
500
500
| Password Hashing (Argon2 or bcrypt) | Required | Implemented | User auth service uses bcrypt hashing. |
501
501
| Account Lockout | Required | Not Implemented | Add failed-login tracking and temporary lockout or throttling by account. |
502
502
| Token Revocation | Required | Implemented | Refresh tokens are revoked on rotation/logout, and access tokens are denylisted in Redis until expiry. |
503
-
| OpenAPI Authentication | Required |Partial| Swagger OAuth2 auth is configured, but `/docs`, `/redoc`, and `/openapi.json`are public; disable them in production or protect them with authentication. |
503
+
| OpenAPI Authentication | Required |Implemented| Swagger OAuth2 auth is configured, and docs/OpenAPI endpoints are disabled when `APP_ENV=production`. |
504
504
| Health Check Endpoint | Required | Implemented |`/health` endpoint returns service health. |
505
505
| Readiness/Liveness Endpoints | Required | Not Implemented | Add separate readiness and liveness endpoints for deployment orchestration. |
| Idempotency Support (for applicable POST endpoints) | Optional but valuable | Not Implemented | Consider idempotency keys for retry-safe create/payment-like workflows. |
508
508
| Database Migrations | Required | Implemented | Alembic is configured with migration commands in the README and Makefile. |
| Configuration via Environment Variables | Required |Partial| Pydantic settings read `.env`, but production validation should reject unsafe defaults. |
510
+
| Configuration via Environment Variables | Required |Implemented| Pydantic settings read `.env` and reject the default secret key in production. |
511
511
512
512
### Next Implementation Checklist
513
513
514
-
-[] Fix and verify rate limit configuration wiring.
514
+
-[x] Fix and verify rate limit configuration wiring.
515
515
-[ ] Add security headers middleware.
516
516
-[ ] Add request ID middleware.
517
517
-[ ] Add structured request logging.
518
518
-[ ] Add audit logging for sensitive actions.
519
519
-[ ] Add account lockout or equivalent failed-login protection.
520
-
-[] Disable or authenticate `/docs`, `/redoc`, and `/openapi.json` in production.
520
+
-[x] Disable or authenticate `/docs`, `/redoc`, and `/openapi.json` in production.
521
521
-[ ] Add readiness and liveness endpoints.
522
-
-[] Add production config validation for secrets and unsafe defaults.
523
-
-[] Harden CORS through environment-driven allowed origins, methods, and headers.
522
+
-[x] Add production config validation for secrets and unsafe defaults.
523
+
-[x] Harden CORS through environment-driven allowed origins, methods, and headers.
524
524
-[ ] Review exception responses to avoid leaking token parsing details or internal exception messages.
0 commit comments