Skip to content

07. Security & Safety

Current posture

This checkout is a local/demo-oriented platform for sensitive tribunal documents, but API security is largely scaffolding.

Control Status
Authentication on routers Absent — only Depends(get_db)
Authorization / RBAC Helpers exist (require_role); unused
OIDC Settings only (OIDC_ISSUER, OIDC_CLIENT_ID)
JWT JWT_SECRET default change-me; dev-token bypass in dependencies.py
CORS allow_origins=["*"] + allow_credentials=True
Audit logging AuditEvent model + helper; not called from routers
Object storage credentials Env-based; defaults are MinIO demo keys
Upload hardening Broad UploadFile acceptance; limited visible size/type enforcement

Tenant / user isolation

None. Any client that can reach the API can list, read, delete documents and factsheets.

Model and tool safety

  • LLM calls go through LiteLLM to configured endpoints (local or cloud)
  • sanitize.py strips large base64 image payloads before prompting (cost/context safety, not content moderation)
  • No explicit PII redaction layer before LLM or logs
  • OCR/extraction prompts assume trusted operator uploads

Secret management

  • Secrets expected in .env (not committed)
  • Example file still contains placeholder API keys and weak JWT secret
  • No rotation story in code

Known gaps (priority)

  1. Wire auth to every mutating and read API before any shared deployment
  2. Restrict CORS to known frontend origins
  3. Remove or gate dev-token
  4. Enforce upload content-type, size limits, and virus scanning if required by policy
  5. Emit audit events for upload, delete, factsheet generate, stage re-run
  6. Treat court documents as high-sensitivity: encrypt at rest, access logs, retention policy (Unknown whether ops layer exists outside repo)

Security interview Q&A

Q: Is this production-ready for DRT data?
A: Not as-is. The pipeline and factsheet logic are real, but auth, audit, and network controls are incomplete.

Q: What would you ship first?
A: OIDC/JWT on all /api/v1 routes, CORS lockdown, disable dev bypass, and audit events on document/factsheet lifecycle.