backend.main

FastAPI application entry point.

Creates the fastapi.FastAPI instance, registers all middleware (CORS, GZip, rate limiting), mounts all API routers and defines the core endpoints that do not belong to a specific sub-resource:

  • POST /login – password-based login, returns access + refresh tokens

  • POST /refresh – exchange a refresh token for a new access token

  • POST /logout – revoke tokens and clear cookies

  • GET  /me – return the authenticated user’s profile

  • PUT  /update_user – update own user profile

  • PUT  /change_password – change own password

  • GET  /user_list – list all users (authenticated)

  • GET  /user_todo_list – personal to-do and feedback list

  • GET  /app_info – application metadata

  • GET  /db_health – database connectivity probe

async backend.main.validate_env()[source]
async backend.main.global_exception_handler(request, exc)[source]

Excepts all unhandled exceptions, logs them and returns a generic error message

async backend.main.http_exception_handler(request, exc)[source]

Specific handler for HTTPExceptions with logging

async backend.main.startup_event()[source]

Führe Token-Cleanup bei Startup aus

async backend.main.periodic_token_cleanup()[source]

Background Task für periodisches Token-Cleanup (alle 24h)

async backend.main.start_background_tasks()[source]

Starte Background Tasks

backend.main.get_todo_list(user_name, db)[source]
backend.main.login(request, data, response, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.refresh_token(request, response, refresh_data=None, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]

Refresh Token aus Cookie oder Request Body lesen und Access+Refresh rotieren.

Replay-Erkennung: Wird ein bereits widerrufener Refresh-Token erneut vorgelegt, werden alle aktiven Refresh-Tokens des Users widerrufen.

backend.main.logout(request, response, logout_data=None, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]

Logout: Blacklist Access Token, revoke Refresh Token und lösche Auth-Cookies.

backend.main.get_csrf_token(request, response, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None))[source]

Return a CSRF token for authenticated browser clients and refresh the CSRF cookie.

backend.main.get_me(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.update_user(request, user, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.change_password(request, data, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.get_users_list(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.get_user_todo(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.set_user_todo_done(request, todo, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
backend.main.get_version_dict()[source]
backend.main.health_check(db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]

Überprüft ob API und DB erreichbar sind