07. Security & Safety¶
Current posture¶
This checkout is a local/demo-oriented platform for sensitive tribunal documents, but API security is largely scaffolding.
| Control | Status |
|---|---|
| Authentication on routers | Absent — only Depends(get_db) |
| Authorization / RBAC | Helpers exist (require_role); unused |
| OIDC | Settings only (OIDC_ISSUER, OIDC_CLIENT_ID) |
| JWT | JWT_SECRET default change-me; dev-token bypass in dependencies.py |
| CORS | allow_origins=["*"] + allow_credentials=True |
| Audit logging | AuditEvent model + helper; not called from routers |
| Object storage credentials | Env-based; defaults are MinIO demo keys |
| Upload hardening | Broad UploadFile acceptance; limited visible size/type enforcement |
Tenant / user isolation¶
None. Any client that can reach the API can list, read, delete documents and factsheets.
Model and tool safety¶
- LLM calls go through LiteLLM to configured endpoints (local or cloud)
sanitize.pystrips large base64 image payloads before prompting (cost/context safety, not content moderation)- No explicit PII redaction layer before LLM or logs
- OCR/extraction prompts assume trusted operator uploads
Secret management¶
- Secrets expected in
.env(not committed) - Example file still contains placeholder API keys and weak JWT secret
- No rotation story in code
Known gaps (priority)¶
- Wire auth to every mutating and read API before any shared deployment
- Restrict CORS to known frontend origins
- Remove or gate
dev-token - Enforce upload content-type, size limits, and virus scanning if required by policy
- Emit audit events for upload, delete, factsheet generate, stage re-run
- Treat court documents as high-sensitivity: encrypt at rest, access logs, retention policy (
Unknownwhether ops layer exists outside repo)
Security interview Q&A¶
Q: Is this production-ready for DRT data?
A: Not as-is. The pipeline and factsheet logic are real, but auth, audit, and network controls are incomplete.
Q: What would you ship first?
A: OIDC/JWT on all /api/v1 routes, CORS lockdown, disable dev bypass, and audit events on document/factsheet lifecycle.