Add test user seed, password validation, and pre-commit security hook
- backend/scripts/seed.py: creates test@example.com on dev startup - backend/scripts/start_dev.sh: runs migrations + seed + uvicorn --reload - backend/app/schemas/user.py: password validator (length, case, digit, special char, forbidden words) - scripts/security_check.py: Docker-based scanner for secrets, dangerous patterns, weak crypto, bandit - .githooks/pre-commit: runs security_check.py in python:3.12-slim on every commit Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
curo1305
@@ -16,6 +16,9 @@ A fullstack SaaS web application built with FastAPI, React, and PostgreSQL.
|
||||
- Protected dashboard route
|
||||
- `/api/users/me` — authenticated user info
|
||||
- 3 separate Docker containers: `db` (PostgreSQL), `backend` (FastAPI), `frontend` (nginx)
|
||||
- Dev environment seeds a test user automatically on startup (`test@example.com` / `Test123!`)
|
||||
- Password policy: min 8 chars, upper + lowercase, digit, special character, no common words
|
||||
- Pre-commit security hook (`scripts/security_check.py`) runs inside Docker on every commit
|
||||
|
||||
## Containers
|
||||
|
||||
|
||||
Reference in New Issue
Block a user