Critical: Add ownership checks to all order routes (IDOR fix).

High: Redis rate limiting on auth endpoints, HMAC-signed internal service calls replacing header-presence-only checks, nh3 HTML sanitization on ghost_sync and product import, internal auth on market API endpoints, SHA-256 hashed OAuth grant/code tokens.

Medium: SECRET_KEY production guard, AP signature enforcement, is_admin param removal, cart_sid validation, SSRF protection on remote actor fetch.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
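The commit message above replaces header-presence-only checks on internal service calls with HMAC-signed calls. The block below is an added illustration of that pattern and is not the Market App's own code: the caller signs the method, path, a SHA-256 of the body, a timestamp and a nonce; the callee recomputes the MAC, compares it in constant time, rejects stale timestamps and (optionally) replayed nonces. The secret name INTERNAL_SERVICE_SECRET, the X-Internal-* header names and the sample request body are assumptions made for this example.

```python
"""Added example: HMAC-signed internal service calls (not the project's code).

Shows the weak "header is present" check the commit replaced next to a
signed-request scheme. Header names, the secret name and the demo request
are constructed for this example.
"""
import hashlib
import hmac
import secrets
import time

# Assumed configuration name; a real deployment loads this from the
# environment or a secrets store. The value here is constructed for the demo.
INTERNAL_SERVICE_SECRET = b"constructed-demo-secret-do-not-reuse"
MAX_SKEW_SECONDS = 300  # signatures older or newer than this are rejected

HDR_TS = "X-Internal-Timestamp"
HDR_NONCE = "X-Internal-Nonce"
HDR_SIG = "X-Internal-Signature"


def weak_presence_check(headers: dict) -> bool:
    """The pattern the commit replaced: any request carrying the header passes."""
    return "X-Internal-Service" in headers


def _canonical(method: str, path: str, body: bytes, ts: str, nonce: str) -> bytes:
    """Bind method, path, body hash, timestamp and nonce into one signed string."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, body_hash, ts, nonce]).encode()


def sign_request(method, path, body, *, secret=INTERNAL_SERVICE_SECRET,
                 now=None, nonce=None):
    """Caller side: returns the headers to attach to the outbound request."""
    ts = str(int(time.time() if now is None else now))
    nonce = nonce or secrets.token_hex(16)
    sig = hmac.new(secret, _canonical(method, path, body, ts, nonce),
                   hashlib.sha256).hexdigest()
    return {HDR_TS: ts, HDR_NONCE: nonce, HDR_SIG: sig}


def verify_request(method, path, body, headers, *, secret=INTERNAL_SERVICE_SECRET,
                   now=None, seen_nonces=None):
    """Callee side: returns (ok, reason).

    seen_nonces is an optional set of nonces already accepted inside the skew
    window; in a deployment this would live in Redis with a TTL of
    MAX_SKEW_SECONDS so replays of a captured request are refused.
    """
    try:
        ts, nonce, sig = headers[HDR_TS], headers[HDR_NONCE], headers[HDR_SIG]
    except KeyError:
        return False, "missing signature headers"
    try:
        ts_int = int(ts)
    except ValueError:
        return False, "bad timestamp"
    now = int(time.time() if now is None else now)
    if abs(now - ts_int) > MAX_SKEW_SECONDS:
        return False, "timestamp outside allowed skew"
    expected = hmac.new(secret, _canonical(method, path, body, ts, nonce),
                        hashlib.sha256).hexdigest()
    # Constant-time comparison so the check does not leak timing information.
    if not hmac.compare_digest(expected, sig):
        return False, "bad signature"
    if seen_nonces is not None:
        if nonce in seen_nonces:
            return False, "replayed nonce"
        seen_nonces.add(nonce)
    return True, "ok"


if __name__ == "__main__":
    # Constructed demo request between two internal services.
    body = b'{"product_id": 42, "qty": 1}'
    hdrs = sign_request("POST", "/internal/cart/add", body, now=1_700_000_000)
    print(verify_request("POST", "/internal/cart/add", body, hdrs, now=1_700_000_000))
    tampered = b'{"product_id": 42, "qty": 99}'
    print(verify_request("POST", "/internal/cart/add", tampered, hdrs, now=1_700_000_000))
    print(weak_presence_check({"X-Internal-Service": "anything"}))
```

Hashing the body rather than signing it directly keeps the canonical string small for large sync payloads, and binding method and path stops a signature captured for one endpoint from being presented to another. The timestamp check alone still leaves a five-minute replay window, which is why the nonce set is worth keeping even though it needs shared state.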
# Market App
Product browsing and marketplace service for the Rose Ash cooperative. Displays products scraped from Suma Wholesale.
## Structure

```
app.py            # Application factory (create_base_app + blueprints)
path_setup.py     # Adds project root + app dir to sys.path
entrypoint.sh     # Container entrypoint (Redis flush, start)
bp/
  market/         # Market root, navigation, category listing
  browse/         # Product browsing with filters and infinite scroll
  product/        # Product detail pages
  cart/           # Page-scoped cart views
  api/            # Product sync API (used by scraper)
  fragments/      # container-nav fragment (market links)
scrape/           # Suma Wholesale scraper
models/           # Re-export stubs pointing to shared/models/
services/         # register_domain_services() — wires market + cart
templates/        # Market-specific templates (override shared/)
```
## Cross-domain communication

- services.cart.* — cart summary via CartService protocol
- services.federation.* — AP publishing via FederationService protocol
## Fragments served
- container-nav — market navigation links for blog sidebar
## Scraping

```
bash scrape.sh        # Full Suma Wholesale catalogue
bash scrape-test.sh   # Limited test scrape
```