rene/banyaro
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
banyaro/backend/routes
History
rene 1ff66a7083 Sicherheit + Tests + A11y, SW by-v1118 
PYDANTIC max_length (38 Routen, ~400 Field-Constraints):
Schützt vor DoS durch Riesen-Payloads (10MB Thread-Titel etc.).
Pragmatische Limits:
- Titel/Name: 200 · Beschreibung/Body: 10000 · Notiz: 5000
- Email: 254 (RFC 5321) · URL: 500 · Slug/Kategorie: 100
- Hund-Name/Rasse: 80 · Hund-Bio: 2000

Top-betroffen: forum.py, diary.py, health.py, dogs.py, expenses.py,
notes.py, auth.py, profile.py. Manuelle len()-Checks in profile,
chat, ki entfernt (jetzt durch Field abgedeckt).

PYTEST COVERAGE (+19 Tests, 37 grün + 1 xfail):
- test_security.py: require_owner (Places GET/PATCH/DELETE mit
  Fremduser → 403), JWT-Blacklist (Logout invalidiert Token),
  Login-Lockout (5 Fehlversuche → 429 + Retry-After Header)
- test_race.py: Invoice-Counter (20 parallele Threads, alle unique),
  Founder-Number (atomare Vergabe, voll bei 100)
- test_validation.py: Forum-Titel 30k Zeichen → 422, Diary-Text
  50k → 422 (verifiziert Pydantic max_length-Sweep)

A11Y (Tap-Targets ≥44×44 + Dark-Mode-Kontrast):
- #header-user-btn 36→44px, .header-back 40→44, .header-menu-btn 40→44
- dog-profile Wrapped-Slider Prev/Next 40→44
- forum-Lightbox Close 40→44
- --c-text-muted Light: #B0A090 (2.37:1 FAIL) → #7F6B58 (4.74:1 PASS)
- --c-text-muted Dark:  #806A58 (3.58:1 FAIL) → #A08878 (5.46:1 PASS)
- Branding-Farben unangetastet
2026-05-27 13:40:30 +02:00
..
__init__.py Sprint 0: Backend, Docker, KI-Layer mit Free/Premium-Trennung 2026-04-12 16:39:34 +02:00
achievements.py Feature: Hilfe/FAQ, Übungen-Content, Navigation-Fixes (SW by-v727) 2026-05-05 21:46:16 +02:00
admin.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
adoption.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
alerts.py Bündel 2: Zentrale Helper für DRY-Cleanup, SW by-v1114 2026-05-27 11:19:06 +02:00
auth.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
breeder.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
breeder_export.py Feature: Tierschutz-Check, KI-Züchter-Features, Export, SEO-Update 2026-04-28 19:49:54 +02:00
breeder_photos.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
challenges.py Feature: 3 Community-Features — Foto-Challenge, Stamm-Gassis, Rassen-Chip (SW by-v700) 2026-05-04 21:09:35 +02:00
chat.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
contact.py Feat: Kontaktformular im Impressum + /api/contact Endpoint ohne Auth (SW by-v986) 2026-05-15 16:46:37 +02:00
diary.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
dogs.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
ernaehrung.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
events.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
expenses.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
feedback.py Feature: User-Feedback, Regen-Uhrzeit im Wetter-Chip, Admin-Karten klickbar (SW by-v833) 2026-05-10 12:52:55 +02:00
forum.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
friends.py Feature+Fix: Referral-Admin, Pro-Gates, Karten-Layer, onDogChange, Staging-Media (SW by-v855) 2026-05-11 17:23:29 +02:00
gassi_zeiten.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
health.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
health_docs.py Feature: Sprint31 — 9 Features merged (Streak, Ausgaben, KI-Tierarzt, Rückrufe, Adoption, Vet+Befunde, Hundepass, Playdate, Rassenerkennung) 2026-05-02 09:29:48 +02:00
help.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
import_data.py Sprint 12+13: Tagebuch Day-One-Redesign, Notiz-Feature, Icon-Fixes, SW by-v405 2026-04-25 20:44:46 +02:00
invoices.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
jobs.py Chore: Sprint32-36 Zwischenstand — alle Änderungen aus dieser Session committen 2026-05-03 11:09:39 +02:00
ki.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
knigge.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
laeufi.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
litters.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
lost.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
moderation.py Chore: Sprint32-36 Zwischenstand — alle Änderungen aus dieser Session committen 2026-05-03 11:09:39 +02:00
movies.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
notes.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
notifications.py Badge-System: personal/general Split, Punkte ohne Zahl, SW by-v328 2026-04-24 08:39:41 +02:00
osm.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
outreach.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
partner.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
passport.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
places.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
playdate.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
poison.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
praise.py Session 2026-04-21: SEO, Wiki-Anreicherung, Training, Lober 2026-04-21 19:38:20 +02:00
profile.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
push.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
ratings.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
recalls.py Feature: Sprint31 — 9 Features merged (Streak, Ausgaben, KI-Tierarzt, Rückrufe, Adoption, Vet+Befunde, Hundepass, Playdate, Rassenerkennung) 2026-05-02 09:29:48 +02:00
routen.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
services.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
sharing.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
sitting.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
sitting_access.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
social.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
stats.py Feature: Stats-Band + Tagebuch-Einträge, km alle Routen (public+privat) 2026-05-15 18:34:03 +02:00
streak.py Chore: Sprint32-36 Zwischenstand — alle Änderungen aus dieser Session committen 2026-05-03 11:09:39 +02:00
tieraerzte.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
training.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
walks.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
weather.py Feature+Fix: Referral-Admin, Pro-Gates, Karten-Layer, onDogChange, Staging-Media (SW by-v855) 2026-05-11 17:23:29 +02:00
webcal.py WebCal: Tierarzt-Termine, Medikamenten-Enddaten, Hunde-Geburtstage ergänzt 2026-04-17 09:41:14 +02:00
widget.py Feature: Welten-Onboarding, Wetter-Motivation, UX-Fixes (SW by-v715) 2026-05-05 17:32:03 +02:00
wiki.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
zucht_hunde.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00
zucht_ki.py Sicherheit + Tests + A11y, SW by-v1118 2026-05-27 13:40:30 +02:00