"Feature: Add environment variables example and monitoring script"

2025-05-23 07:27:14 +02:00
parent 9f6219832c
commit 6751e4a54b
7 changed files with 803 additions and 37 deletions
--- a/backend/config.py
+++ b/backend/config.py
@@ -33,6 +33,18 @@ class Config:
    # Drucker-Konfiguration
    PRINTERS = os.environ.get('PRINTERS', '{}')
    
+    # API-Konfiguration
+    API_KEY = os.environ.get('API_KEY')
+    
+    # Rate Limiting
+    RATE_LIMIT_ENABLED = True
+    MAX_REQUESTS_PER_MINUTE = int(os.environ.get('MAX_REQUESTS_PER_MINUTE', '100'))
+    RATE_LIMIT_WINDOW_MINUTES = int(os.environ.get('RATE_LIMIT_WINDOW_MINUTES', '15'))
+    
+    # Security
+    SECURITY_ENABLED = True
+    MAX_CONTENT_LENGTH = 16 * 1024 * 1024  # 16MB
+    
    @staticmethod
    def init_app(app):
        """Initialisierung der Anwendung mit der Konfiguration."""
@@ -50,6 +62,10 @@ class DevelopmentConfig(Config):
    # Kürzere Job-Check-Intervalle für schnellere Entwicklung
    JOB_CHECK_INTERVAL = int(os.environ.get('JOB_CHECK_INTERVAL', '30'))
    
+    # Weniger strikte Sicherheit in Development
+    SECURITY_ENABLED = False
+    RATE_LIMIT_ENABLED = False
+    
    @staticmethod
    def init_app(app):
        Config.init_app(app)
@@ -76,6 +92,14 @@ class ProductionConfig(Config):
    # Längere Job-Check-Intervalle für bessere Performance
    JOB_CHECK_INTERVAL = int(os.environ.get('JOB_CHECK_INTERVAL', '60'))
    
+    # Produktions-Sicherheit
+    SECURITY_ENABLED = True
+    RATE_LIMIT_ENABLED = True
+    MAX_REQUESTS_PER_MINUTE = int(os.environ.get('MAX_REQUESTS_PER_MINUTE', '60'))
+    
+    # HTTPS-Enforcement (wenn verfügbar)
+    FORCE_HTTPS = os.environ.get('FORCE_HTTPS', 'False').lower() == 'true'
+    
    @staticmethod
    def init_app(app):
        Config.init_app(app)
@@ -111,8 +135,29 @@ class ProductionConfig(Config):
        error_handler.setLevel(logging.ERROR)
        app.logger.addHandler(error_handler)
        
+        # Security-Logging
+        security_handler = RotatingFileHandler(
+            'logs/security.log',
+            maxBytes=Config.LOG_MAX_BYTES,
+            backupCount=Config.LOG_BACKUP_COUNT
+        )
+        security_handler.setFormatter(logging.Formatter(
+            '%(asctime)s SECURITY %(levelname)s: %(message)s [%(name)s]'
+        ))
+        security_handler.setLevel(logging.WARNING)
+        
+        # Security-Logger
+        security_logger = logging.getLogger('security')
+        security_logger.addHandler(security_handler)
+        security_logger.setLevel(logging.WARNING)
+        
        app.logger.setLevel(logging.INFO)
        app.logger.info('MYP Backend starting in production mode')
+        
+        # Sicherheits-Middleware registrieren
+        if app.config.get('SECURITY_ENABLED', True):
+            from security import security_middleware
+            security_middleware.init_app(app)

 class TestingConfig(Config):
    """Konfiguration für die Testumgebung."""
@@ -132,6 +177,10 @@ class TestingConfig(Config):
    # Kürzere Job-Check-Intervalle für Tests
    JOB_CHECK_INTERVAL = 5
    
+    # Deaktiviere Sicherheit für Tests
+    SECURITY_ENABLED = False
+    RATE_LIMIT_ENABLED = False
+    
    @staticmethod
    def init_app(app):
        Config.init_app(app)