backend.main
FastAPI application entry point.
Creates the fastapi.FastAPI instance, registers all middleware
(CORS, GZip, rate limiting), mounts all API routers and defines the
core endpoints that do not belong to a specific sub-resource:
POST /login– password-based login, returns access + refresh tokensPOST /refresh– exchange a refresh token for a new access tokenPOST /logout– revoke tokens and clear cookiesGET /me– return the authenticated user’s profilePUT /update_user– update own user profilePUT /change_password– change own passwordGET /user_list– list all users (authenticated)GET /user_todo_list– personal to-do and feedback listGET /app_info– application metadataGET /db_health– database connectivity probe
- async backend.main.global_exception_handler(request, exc)[source]
Excepts all unhandled exceptions, logs them and returns a generic error message
- async backend.main.http_exception_handler(request, exc)[source]
Specific handler for HTTPExceptions with logging
- async backend.main.periodic_token_cleanup()[source]
Background Task für periodisches Token-Cleanup (alle 24h)
- backend.main.login(request, data, response, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
- backend.main.refresh_token(request, response, refresh_data=None, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
Refresh Token aus Cookie oder Request Body lesen und Access+Refresh rotieren.
Replay-Erkennung: Wird ein bereits widerrufener Refresh-Token erneut vorgelegt, werden alle aktiven Refresh-Tokens des Users widerrufen.
- backend.main.logout(request, response, logout_data=None, db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
Logout: Blacklist Access Token, revoke Refresh Token und lösche Auth-Cookies.
- backend.main.get_csrf_token(request, response, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None))[source]
Return a CSRF token for authenticated browser clients and refresh the CSRF cookie.
- backend.main.get_me(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
- backend.main.update_user(request, user, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
- backend.main.change_password(request, data, current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
- backend.main.get_users_list(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]
- backend.main.get_user_todo(current=Depends(dependency=<function get_current_user>, use_cache=True, scope=None), db=Depends(dependency=<function get_db>, use_cache=True, scope=None))[source]