Add test user seed, password validation, and pre-commit security hook

- backend/scripts/seed.py: creates test@example.com on dev startup - backend/scripts/start_dev.sh: runs migrations + seed + uvicorn --reload - backend/app/schemas/user.py: password validator (length, case, digit, special char, forbidden words) - scripts/security_check.py: Docker-based scanner for secrets, dangerous patterns, weak crypto, bandit - .githooks/pre-commit: runs security_check.py in python:3.12-slim on every commit Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-12 15:54:23 +02:00
parent 2351b489fe
commit 61cef2eacd
9 changed files with 323 additions and 2 deletions
@@ -0,0 +1,34 @@
+"""Create a test user for the dev environment if it doesn't exist yet."""
+
+import asyncio
+
+from sqlalchemy import select
+
+from app.core.security import hash_password
+from app.database import AsyncSessionLocal
+from app.models.user import User
+
+TEST_EMAIL = "test@example.com"
+TEST_PASSWORD = "Test123!"
+TEST_NAME = "Test User"
+
+
+async def seed() -> None:
+    async with AsyncSessionLocal() as db:
+        result = await db.execute(select(User).where(User.email == TEST_EMAIL))
+        if result.scalar_one_or_none():
+            print(f"[seed] test user already exists: {TEST_EMAIL}")
+            return
+
+        user = User(
+            email=TEST_EMAIL,
+            hashed_password=hash_password(TEST_PASSWORD),
+            full_name=TEST_NAME,
+        )
+        db.add(user)
+        await db.commit()
+        print(f"[seed] created test user — email: {TEST_EMAIL}  pwd: {TEST_PASSWORD}")
+
+
+if __name__ == "__main__":
+    asyncio.run(seed())