Session state fully in English (following STRICT ENGLISH POLICY for production docs).
Added comprehensive Production Deployment section to README with:
- Environment variables table (JWT_SECRET_KEY, ALLOWED_ORIGINS)
- Critical deployment checklist
- Docker production setup example
- Reference to SECURITY_REPORT.md
Addresses:
1. Documentation in English for production files ✓
2. Details on JWT_SECRET_KEY and ALLOWED_ORIGINS for production users ✓
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Audit de securitate: 12 vulnerabilități identificate, 12/12 remediate
JWT backend: complet cu auth pe toți routers
JWT frontend: token handling + 401 redirect
Rate limiting: 10/min pe /items/extract-label
CORS: ALLOWED_ORIGINS configurable via env
Docker: environment vars pentru dev+prod
Status: PRODUCTION-READY (cu caveate env setup)
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Backend-ul are autentificație JWT completa pe toți routers-ii.
Frontend-ul trebuie actualizat pentru a trimite token în header.
Rate limiting (H-02) și CORS final rămân pending.
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>