"Refactor frontend styling using Tailwind CSS"

2025-05-26 10:16:09 +02:00
parent e747ac945c
commit 02aeec4cf0
3 changed files with 58 additions and 12 deletions
--- a/backend/app/config/settings.py
+++ b/backend/app/config/settings.py
@@ -36,7 +36,7 @@ SESSION_LIFETIME = timedelta(days=7)
 SSL_ENABLED = True
 SSL_CERT_PATH = "instance/ssl/myp.crt"
 SSL_KEY_PATH = "instance/ssl/myp.key"
-SSL_HOSTNAME = "raspberrypi"
+SSL_HOSTNAME = "localhost"

 # Scheduler-Konfiguration
 SCHEDULER_INTERVAL = 60  # Sekunden
@@ -130,7 +130,7 @@ def create_simple_ssl_cert():
        # Generiere privaten Schlüssel
        private_key = rsa.generate_private_key(
            public_exponent=65537,
-            key_size=2048,
+            key_size=4096,  # Stärkere Schlüsselgröße
        )

        # Schreibe privaten Schlüssel
@@ -141,9 +141,18 @@ def create_simple_ssl_cert():
                encryption_algorithm=NoEncryption()
            ))

-        # Erstelle Zertifikat
+        # Aktuelles Datum und Ablaufdatum berechnen
+        now = datetime.datetime.now()
+        valid_until = now + datetime.timedelta(days=3650)  # 10 Jahre gültig
+
+        # Erstelle Zertifikat mit erweiterten Attributen
        subject = issuer = x509.Name([
            x509.NameAttribute(NameOID.COMMON_NAME, SSL_HOSTNAME),
+            x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Mercedes-Benz AG"),
+            x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, "Werk 040 Berlin"),
+            x509.NameAttribute(NameOID.COUNTRY_NAME, "DE"),
+            x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Berlin"),
+            x509.NameAttribute(NameOID.LOCALITY_NAME, "Berlin")
        ])

        cert = x509.CertificateBuilder().subject_name(
@@ -155,19 +164,43 @@ def create_simple_ssl_cert():
        ).serial_number(
            x509.random_serial_number()
        ).not_valid_before(
-            datetime.datetime.utcnow()
+            now
        ).not_valid_after(
-            datetime.datetime.utcnow() + datetime.timedelta(days=365)
+            valid_until
        ).add_extension(
-            x509.SubjectAlternativeName([x509.DNSName(SSL_HOSTNAME)]),
+            x509.SubjectAlternativeName([
+                x509.DNSName(SSL_HOSTNAME), 
+                x509.DNSName("localhost"),
+                x509.IPAddress(socket.inet_aton("127.0.0.1"))
+            ]),
            critical=False,
+        ).add_extension(
+            x509.BasicConstraints(ca=True, path_length=None), critical=True
+        ).add_extension(
+            x509.KeyUsage(
+                digital_signature=True,
+                content_commitment=False,
+                key_encipherment=True,
+                data_encipherment=False,
+                key_agreement=False,
+                key_cert_sign=True,
+                crl_sign=True,
+                encipher_only=False,
+                decipher_only=False
+            ), critical=True
+        ).add_extension(
+            x509.ExtendedKeyUsage([
+                x509.oid.ExtendedKeyUsageOID.SERVER_AUTH,
+                x509.oid.ExtendedKeyUsageOID.CLIENT_AUTH
+            ]), critical=False
        ).sign(private_key, hashes.SHA256())

        # Schreibe Zertifikat
        with open(SSL_CERT_PATH, "wb") as f:
            f.write(cert.public_bytes(Encoding.PEM))
        
-        print(f"Einfaches selbstsigniertes Zertifikat erstellt: {SSL_CERT_PATH}")
+        print(f"Verbessertes selbstsigniertes Zertifikat erstellt: {SSL_CERT_PATH}")
+        print(f"Gültig bis: {valid_until.strftime('%d.%m.%Y')}")
        
    except ImportError:
        print("Konnte keine SSL-Zertifikate erstellen: cryptography-Paket nicht installiert")