Security

Security and reliability

Production-grade protection, encryption and audit

Authentication

Flask-Login session, 30-minute timeout, password hashing

CSRF protection

Flask-WTF token, valid for 1 hour

HTTPS and cookies

HttpOnly, SameSite=Lax, Secure cookie in production

Identity verification

Face photo, QR session, gate before entry

Device encryption

Hikvision passwords are encrypted with Fernet

API signing

HMAC signature, Zero Trust mode, correlation ID

Watchlist

Security list and checks on face events

Monitoring

Prometheus /metrics, /health, /ready, Telegram alerts

Production

Production checklist

Additional protection measures in the ELEMES production environment

HTTPS mandatory

FORCE_HTTPS_REDIRECT and the Secure cookie are enabled in production

Default secret blocking

Starting up in production with a default password and secret is blocked

Audit and logs

Activity logs, Face ID logs and correlation ID tracing