Complete ircquotes application with all features

- Added copy quote functionality with clipboard integration - Implemented bulk moderation actions for admin - Created mobile responsive design with bash.org styling - Added API rate limiting per IP address - Implemented dark mode toggle with flash prevention - Enhanced error messages throughout application - Fixed all security vulnerabilities (SQL injection, XSS, CSRF) - Added comprehensive rate limiting on all endpoints - Implemented secure session configuration - Added input validation and length limits - Created centralized configuration system with config.json - Set up production deployment with Gunicorn - Added security headers and production hardening - Added password generation and config management tools
2025-09-20 19:41:23 +01:00
parent 0b1241714d
commit f409977257
21 changed files with 1936 additions and 304 deletions
--- a/config.json
+++ b/config.json
@@ -0,0 +1,67 @@
+{
+  "app": {
+    "name": "ircquotes",
+    "host": "0.0.0.0",
+    "port": 5050,
+    "debug": false
+  },
+  "database": {
+    "uri": "sqlite:///quotes.db?timeout=20",
+    "pool_timeout": 20,
+    "pool_recycle": -1,
+    "pool_pre_ping": true
+  },
+  "security": {
+    "csrf_enabled": true,
+    "csrf_time_limit": null,
+    "session_cookie_secure": false,
+    "session_cookie_httponly": true,
+    "session_cookie_samesite": "Lax",
+    "security_headers": {
+      "x_content_type_options": "nosniff",
+      "x_frame_options": "DENY",
+      "x_xss_protection": "1; mode=block",
+      "strict_transport_security": "max-age=31536000; includeSubDomains",
+      "content_security_policy": "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'"
+    }
+  },
+  "rate_limiting": {
+    "enabled": true,
+    "global_limit": "1000 per hour",
+    "endpoints": {
+      "login": "5 per minute",
+      "submit": "5 per minute",
+      "modapp": "20 per minute",
+      "bulk_actions": "10 per minute",
+      "approve": "30 per minute",
+      "reject": "30 per minute",
+      "delete": "20 per minute",
+      "vote": "60 per minute",
+      "flag": "10 per minute",
+      "search": "30 per minute"
+    }
+  },
+  "admin": {
+    "username": "admin",
+    "password_hash": "$argon2i$v=19$m=65536,t=4,p=1$cWZDc1pQaUJLTUJoaVI4cw$kn8XKz6AEZi8ebXfyyZuzommSypliVFrsGqzOyUEIHA"
+  },
+  "quotes": {
+    "min_length": 10,
+    "max_length": 5000,
+    "per_page": 25,
+    "auto_approve": false,
+    "allow_html": false
+  },
+  "features": {
+    "voting_enabled": true,
+    "flagging_enabled": true,
+    "copy_quotes_enabled": true,
+    "dark_mode_enabled": true,
+    "api_enabled": true,
+    "bulk_moderation_enabled": true
+  },
+  "logging": {
+    "level": "WARNING",
+    "format": "%(asctime)s [%(levelname)s] %(message)s"
+  }
+}