banyaro/backend
rene 15f854d96c Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration
Security (9 fixes):
- JWT_SECRET mandatory check at startup (production)
- Rate limit: login (10/5min), register (5/h), AI training (10/h), poison bait (3/h)
- AI training endpoint: authentication requirement added
- Private profiles filtered out of friend search
- OG tags XSS secured with html.escape()
- Global file upload limit 20 MB (middleware)
- Email masking for moderators in the admin panel
- IP blocklist in ratelimit.py

Content protection (4 layers):
- robots.txt: /api/ fully Disallow, SSR pages Allow
- Rate limit on /api/wiki/rassen (60/min) + detail (30/min)
- Honeypot /api/wiki/trap + invisible link in index.html
- Watermark in AI enricher prompt

Wiki temperament migration:
- 60-word translation map EN→DE
- Junk data filter (hunderasse, dog breed etc.)
- translate_existing_temperaments() + admin button
- SW by-v318, APP_VER 306
2026-04-23 18:34:05 +02:00
..
routes Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
scraper Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
static Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
auth.py Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
database.py Session 2026-04-21: SEO, Wiki Enrichment, Training, Lober 2026-04-21 19:38:20 +02:00
generate_thumbs.py Session 2026-04-20: Media Conversion, Umami Analytics, Username/Privacy 2026-04-20 18:36:58 +02:00
ki.py Session 2026-04-22: Training, Fixes, AI Cloud, Dark Mode 2026-04-22 19:41:22 +02:00
mailer.py Fix: Disable Brevo open tracking for transactional emails 2026-04-17 09:29:09 +02:00
main.py Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
media_utils.py Session 2026-04-20: Media Conversion, Umami Analytics, Username/Privacy 2026-04-20 18:36:58 +02:00
migrate_media.py Session 2026-04-20: Media Conversion, Umami Analytics, Username/Privacy 2026-04-20 18:36:58 +02:00
ratelimit.py Session 2026-04-23: Security, Content Protection, Wiki Temperament Migration 2026-04-23 18:34:05 +02:00
requirements.txt Feat: APScheduler — daily push for health reminders 2026-04-13 20:49:49 +02:00
scheduler.py Session 2026-04-22: Training, Fixes, AI Cloud, Dark Mode 2026-04-22 19:41:22 +02:00
username_blocklist.py Session 2026-04-20: Media Conversion, Umami Analytics, Username/Privacy 2026-04-20 18:36:58 +02:00
weather.py Sprint 11: Friends & Chat + full Phosphor icon migration 2026-04-15 21:33:53 +02:00