Stuff
This commit is contained in:
Eric Gullickson
@@ -13,20 +13,21 @@
|
||||
- Stations endpoints (`/api/stations*`)
|
||||
|
||||
### Unauthenticated Endpoints
|
||||
- None
|
||||
- Health check: `/api/health` (Traefik readiness probe, no JWT required)
|
||||
- Health check: `/health` (internal Fastify health endpoint)
|
||||
|
||||
## Data Security
|
||||
|
||||
### VIN Handling
|
||||
- VIN validation using industry-standard check digit algorithm
|
||||
- VIN decoding via integrated MVP Platform service (FastAPI) with shared database and caching
|
||||
- VIN decoding via integrated VIN decode service (TypeScript/Node.js) with shared database and caching
|
||||
- No VIN storage in logs (mask as needed in logging)
|
||||
|
||||
### Database Security
|
||||
- User data isolation via userId foreign keys
|
||||
- Soft deletes for audit trail
|
||||
- No cascading deletes to prevent data loss
|
||||
- Encrypted connections to PostgreSQL
|
||||
- Cascading deletes configured where appropriate (CASCADE constraints enforced in migrations)
|
||||
- PostgreSQL connections run within internal Docker network (unencrypted, network-isolated)
|
||||
|
||||
## Infrastructure Security
|
||||
|
||||
|
||||
Reference in New Issue
Block a user