Pin versions, add resource limits, and harden config

- Pin all Docker image tags (mysql 8.0.40, python 3.12.13-slim, node 20.20.1-alpine, nginx 1.29.6-alpine) - Pin all frontend npm dependencies to exact versions (remove ^ ranges) - Add mem_limit and cpus resource limits to all three containers - Add non-root appuser to backend Dockerfile - Migrate JWT from python-jose to PyJWT - Remove default admin_password in config.py — must be explicitly set in .env - Add DOCS_ENABLED flag to config and .env.example (default false) - Add indexes on session_date, is_active, event_type in session models - Add limit/offset pagination to all log endpoints Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 00:01:32 -07:00
parent 3022bc328b
commit 663b506868
9 changed files with 45 additions and 21 deletions
--- a/backend/app/routers/logs.py
+++ b/backend/app/routers/logs.py
@@ -24,6 +24,8 @@ async def get_timeline(
    log_date: date | None = None,
    date_from: date | None = None,
    date_to: date | None = None,
+    limit: int = 500,
+    offset: int = 0,
    current_user: User = Depends(get_current_user),
    db: AsyncSession = Depends(get_db),
 ):
@@ -51,6 +53,7 @@ async def get_timeline(
    if date_to:
        query = query.where(DailySession.session_date <= date_to)

+    query = query.limit(limit).offset(offset)
    result = await db.execute(query)
    events = result.scalars().all()

@@ -133,6 +136,8 @@ async def get_strike_events(
    log_date: date | None = None,
    date_from: date | None = None,
    date_to: date | None = None,
+    limit: int = 500,
+    offset: int = 0,
    current_user: User = Depends(get_current_user),
    db: AsyncSession = Depends(get_db),
 ):
@@ -152,6 +157,7 @@ async def get_strike_events(
    if date_to:
        query = query.where(func.date(StrikeEvent.occurred_at) <= date_to)

+    query = query.limit(limit).offset(offset)
    result = await db.execute(query)
    events = result.scalars().all()
    return [
@@ -192,6 +198,8 @@ async def list_logs(
    log_date: date | None = None,
    date_from: date | None = None,
    date_to: date | None = None,
+    limit: int = 500,
+    offset: int = 0,
    current_user: User = Depends(get_current_user),
    db: AsyncSession = Depends(get_db),
 ):
@@ -210,7 +218,7 @@ async def list_logs(
    if date_to:
        query = query.where(ActivityLog.log_date <= date_to)

-    result = await db.execute(query)
+    result = await db.execute(query.limit(limit).offset(offset))
    return result.scalars().all()