security: SECRET_KEY from env, CORS restricted to localhost

- Replace hardcoded secret_key with os.environ.get('SECRET_KEY')
- RuntimeError if SECRET_KEY not set (fail fast)
- Restrict CORS to localhost:8765 origins (was allow all with credentials)
- Add .gitignore excluding db, env, __pycache__, backups

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-07-03 12:55:19 -04:00
commit 235a9abbfe
8 changed files with 7670 additions and 0 deletions
+1344
View File
File diff suppressed because it is too large Load Diff