feat: Enhance security and validation in backend

- Added helmet for security headers and configured content security policy
- Implemented CORS with a whitelist for allowed origins
- Introduced express-validator for input validation in API endpoints
- Set request size limits to prevent DoS attacks
- Added global error handling and 404 response
- Updated TypeScript configuration to use node16 module resolution
- Improved Docker Compose configuration for security and resource limits
- Created a comprehensive .env.example for environment configuration
- Implemented automated security scans in CI/CD with Trivy
- Added cleanup script for debugging ports
- Established a detailed security policy document
2025-12-01 08:37:35 +01:00
parent b13e7d1228
commit 4a6b4a0ae8
20 changed files with 1296 additions and 764 deletions

.vscode/tasks.json vendored

@@ -2,320 +2,80 @@
"version": "2.0.0",
"tasks": [
{
"label": "Install Backend Dependencies",
"label": "Clean Debug Ports",
"type": "shell",
"command": "npm",
"args": ["install"],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
}
"command": "bash ${workspaceFolder}/.vscode/cleanup-ports.sh",
"problemMatcher": []
},
{
"label": "Install Frontend Dependencies",
"label": "Wait for Backend Ready",
"type": "shell",
"command": "npm",
"args": ["install"],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
}
"command": "bash -lc 'for i in {1..120}; do if (echo > /dev/tcp/127.0.0.1/3001) >/dev/null 2>&1; then exit 0; fi; sleep 1; done; echo \"Backend not ready on :3001\"; exit 1'",
"problemMatcher": []
},
{
"label": "🖥️ Backend",
"label": "Start Backend (watch + inspect)",
"type": "shell",
"command": "npm",
"args": ["run", "dev"],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"group": "build",
"command": "npx tsx watch --inspect=9229 ./src/index.ts",
"isBackground": true,
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "dedicated",
"group": "dev",
"showReuseMessage": false
},
"problemMatcher": {
"pattern": {
"regexp": "^.*$",
"file": 1,
"location": 2,
"message": 3
},
"background": {
"activeOnStart": true,
"beginsPattern": "^.*ts-node-dev.*$",
"endsPattern": "^🚀 Backend Server läuft auf Port \\d+$"
}
}
},
{
"label": "🌐 Frontend",
"type": "shell",
"command": "npm",
"args": ["start"],
"options": {
"cwd": "${workspaceFolder}/frontend",
"cwd": "${workspaceFolder}/Server",
"env": {
"BROWSER": "none"
"PORT": "3001"
}
},
"group": "build",
"dependsOn": "Clean Debug Ports",
"problemMatcher": [
{
"owner": "backend-ready",
"fileLocation": ["absolute"],
"pattern": {
"regexp": "^(.*)$",
"message": 1
},
"background": {
"activeOnStart": true,
"beginsPattern": "Starte Datenbankinitialisierung|Server läuft unter http://localhost:3001",
"endsPattern": "NotificationScheduler erfolgreich initialisiert"
}
}
],
"presentation": {
"reveal": "always",
"panel": "dedicated",
"clear": false
}
},
{
"label": "Start Vite (after backend ready)",
"type": "npm",
"script": "frontend",
"isBackground": true,
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "dedicated",
"group": "dev",
"showReuseMessage": false
"options": {
"cwd": "${workspaceFolder}/Client"
},
"problemMatcher": {
"owner": "custom",
"pattern": {
"regexp": "^.*$",
"file": 1,
"location": 2,
"message": 3
},
"background": {
"activeOnStart": true,
"beginsPattern": "^.*Starting the development server.*$",
"endsPattern": "^.*webpack compiled.*$"
"dependsOn": "Wait for Backend Ready",
"dependsOrder": "sequence",
"problemMatcher": [
{
"owner": "vite",
"fileLocation": ["relative", "${workspaceFolder}"],
"pattern": {
"regexp": "^(.*)$",
"file": 1,
"message": 1
},
"background": {
"activeOnStart": true,
"beginsPattern": "VITE|ready in",
"endsPattern": "localhost:3000"
}
}
}
},
{
"label": "🛑 Kill Frontend Process",
"type": "shell",
"command": "pkill",
"args": ["-f", "npm start"],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
},
"problemMatcher": []
},
{
"label": "🛑 Kill Backend Process",
"type": "shell",
"command": "pkill",
"args": ["-f", "ts-node-dev"],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
},
"problemMatcher": []
},
{
"label": "📊 Show Development Processes Status",
"type": "shell",
"command": "bash",
"args": [
"-c",
"echo '📊 Aktuelle Development-Prozesse:'; echo ''; ps aux | grep -E 'npm.*start|react-scripts|ts-node-dev' | grep -v grep | awk '{print \"PID: \" $2 \" - \" $11 \" \" $12 \" \" $13}' || echo 'Keine Development-Prozesse gefunden'"
],
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
},
"problemMatcher": []
},
{
"label": "🛑 Cleanup Development Processes",
"type": "shell",
"command": "bash",
"args": [
"-c",
"pkill -f 'ts-node-dev' > /dev/null 2>&1 || true; pkill -f 'npm.*start' > /dev/null 2>&1 || true; pkill -f 'react-scripts' > /dev/null 2>&1 || true"
],
"group": "build",
"presentation": {
"echo": false,
"reveal": "never",
"focus": false,
"panel": "shared",
"clear": false,
"showReuseMessage": false,
"close": true
},
"problemMatcher": [],
"isBackground": false,
"runOptions": {
"reevaluateOnRerun": true
}
},
{
"label": "🧹 Post Debug Cleanup",
"type": "shell",
"command": "bash",
"args": ["-c", "/workspace/scripts/post-debug-cleanup.sh"],
"group": "build",
"presentation": {
"echo": false,
"reveal": "never",
"focus": false,
"panel": "new",
"clear": false,
"showReuseMessage": false,
"close": true
},
"problemMatcher": [],
"isBackground": false,
"runOptions": {
"reevaluateOnRerun": true,
"runOn": "default"
}
},
{
"label": "🔄 Force Kill All Dev Processes",
"type": "shell",
"command": "bash",
"args": [
"-c",
"RANDOM_ID=$RANDOM; echo \"Cleanup ID: $RANDOM_ID\" > /dev/null; pkill -9 -f 'ts-node-dev' > /dev/null 2>&1 || true; pkill -9 -f 'npm.*start' > /dev/null 2>&1 || true; pkill -9 -f 'react-scripts' > /dev/null 2>&1 || true"
],
"group": "build",
"presentation": {
"echo": false,
"reveal": "never",
"focus": false,
"panel": "shared",
"clear": false,
"showReuseMessage": false,
"close": true
},
"problemMatcher": []
},
{
"label": "🛑 Terminate All Development Processes",
"type": "shell",
"command": "/workspace/scripts/kill-dev-processes.sh",
"args": [],
"group": "build",
"presentation": {
"echo": false,
"reveal": "never",
"focus": false,
"panel": "shared",
"clear": false,
"showReuseMessage": false,
"close": true
},
"problemMatcher": [],
"runOptions": {
"runOn": "default"
}
},
{
"label": "🛑 Terminate All Development Processes (Verbose)",
"type": "shell",
"command": "/workspace/scripts/kill-dev-processes.sh",
"args": [],
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "dedicated",
"clear": true,
"showReuseMessage": false
},
"problemMatcher": []
},
{
"label": "🚀 Start Full Stack (Split Terminal)",
"dependsOrder": "parallel",
"dependsOn": ["🖥️ Backend", "🌐 Frontend"],
"group": {
"kind": "build",
"isDefault": true
},
"presentation": {
"reveal": "always",
"panel": "new"
}
},
{
"label": "🔄 Restart Full Stack",
"type": "shell",
"command": "bash",
"args": [
"-c",
"/workspace/scripts/kill-dev-processes.sh && sleep 2 && echo '🚀 Starte Full Stack...' && code --command 'workbench.action.tasks.runTask' 'shell: 🚀 Start Full Stack (Split Terminal)'"
],
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared",
"clear": true
},
"problemMatcher": []
},
{
"label": "Build Backend",
"type": "shell",
"command": "npm",
"args": ["run", "build"],
"options": {
"cwd": "${workspaceFolder}/backend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
},
"problemMatcher": ["$tsc"]
},
{
"label": "Build Frontend",
"type": "shell",
"command": "npm",
"args": ["run", "build"],
"options": {
"cwd": "${workspaceFolder}/frontend"
},
"group": "build",
"presentation": {
"echo": true,
"reveal": "always",
"focus": false,
"panel": "shared"
"clear": false
}
}
]
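Review bot: The `Clean Debug Ports` command on the new side embeds `${workspaceFolder}` unquoted in a shell string, so a workspace path containing spaces or shell metacharacters splits into several words and the script is not found; the argument form `"command": "bash", "args": ["${workspaceFolder}/.vscode/cleanup-ports.sh"]` lets VS Code quote it for the shell. On the `Start Backend (watch + inspect)` task, `--inspect=9229` relies on Node's default loopback bind; because the inspector gives any client that can connect full control of the process, spelling the host out as `--inspect=127.0.0.1:9229` records that intent and keeps a later edit from silently widening it to all interfaces. The `Wait for Backend Ready` probe only confirms that something accepts a TCP connection on 3001, which a stale process left on that port also satisfies, so it is a weaker readiness signal than the log-based `endsPattern` the backend task itself uses.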