feat(security): merge Phase 4b security hardening

Complete security hardening implementation including HTTPS enforcement, security headers, rate limiting, and comprehensive security test suite. Key features: - HTTPS enforcement with HSTS support - Security headers (CSP, X-Frame-Options, X-Content-Type-Options) - Rate limiting for all critical endpoints - Enhanced email template security - 87% test coverage with security-specific tests Architect approval: 9.5/10 Generated with Claude Code Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-20 18:28:50 -07:00
parent 115e733604
commit d3c3e8dc6b
23 changed files with 3762 additions and 7 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -111,6 +111,8 @@ markers = [
    "unit: Unit tests",
    "integration: Integration tests",
    "e2e: End-to-end tests",
+    "security: Security-related tests (timing attacks, injection, headers)",
+    "slow: Tests that take longer to run (timing attack statistics)",
 ]

 [tool.coverage.run]