I've reviewed the FastAPI application in `project_backend/app.py` and found 5 security vulnerabilities. Here's each issue with explanation and fix:

## Issue 1: Hardcoded AWS Credentials (Line 24-27)

**Severity:** HIGH
**Risk:** Anyone with access to this source code (including version control history) can access your AWS resources. Hardcoded credentials are one of the most common causes of cloud breaches.

**Before:**
```python
AWS_CONF = {
    "aws_access_key_id": "AKIAIOSFODNN7EXAMPLE",
    "aws_secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
}
s3 = boto3.client('s3', **AWS_CONF)
```

**After:**
```python
import os

s3 = boto3.client(
    's3',
    aws_access_key_id=os.environ.get('AWS_ACCESS_KEY_ID'),
    aws_secret_access_key=os.environ.get('AWS_SECRET_ACCESS_KEY')
)
```

---

## Issue 2: JWT Decoded Without Signature Verification (Line 42)

**Severity:** CRITICAL
**Risk:** By setting `verify_signature: False`, any attacker can forge a JWT token with arbitrary claims (e.g., admin privileges). The server will accept it without checking the cryptographic signature.

**Before:**
```python
decoded = jwt.decode(token, options={"verify_signature": False})
```

**After:**
```python
JWT_SECRET = os.environ.get('JWT_SECRET_KEY')
decoded = jwt.decode(token, JWT_SECRET, algorithms=["HS256"])
```

---

## Issue 3: Path Traversal via os.path.join (Line 54)

**Severity:** HIGH
**Risk:** An attacker can request `/avatars/../../etc/passwd` and read arbitrary files from the server. `os.path.join` does not sanitize directory traversal sequences.

**Before:**
```python
base_dir = "/var/www/uploads/avatars"
filepath = os.path.join(base_dir, filename)
```

**After:**
```python
base_dir = "/var/www/uploads/avatars"
filepath = os.path.join(base_dir, filename)
# Resolve the path and ensure it stays within base_dir
filepath = os.path.realpath(filepath)
if not filepath.startswith(os.path.realpath(base_dir)):
    raise HTTPException(status_code=403, detail="Access denied")
```

---

## Issue 4: Server-Side Request Forgery (SSRF) (Line 68)

**Severity:** HIGH
**Risk:** The `/proxy` endpoint accepts any URL from the user and fetches it server-side. An attacker could use this to scan internal networks, access cloud metadata endpoints (e.g., `http://169.254.169.254/`), or exfiltrate data from internal services.

**Before:**
```python
response = requests.get(url, timeout=5)
```

**After:**
```python
from urllib.parse import urlparse

ALLOWED_DOMAINS = ["api.example.com", "cdn.example.com"]

@app.get("/proxy")
async def fetch_external(url: str):
    parsed = urlparse(url)
    if parsed.hostname not in ALLOWED_DOMAINS:
        raise HTTPException(status_code=403, detail="Domain not allowed")
    if parsed.scheme not in ("http", "https"):
        raise HTTPException(status_code=400, detail="Invalid scheme")
    try:
        response = requests.get(url, timeout=5)
        return {"status": response.status_code, "data": response.text[:100]}
    except Exception as e:
        return {"error": str(e)}
```

---

## Issue 5: Insecure Deserialization via pickle.loads (Line 79)

**Severity:** CRITICAL
**Risk:** `pickle.loads()` can execute arbitrary Python code embedded in the serialized data. An attacker sending a crafted payload to `/webhook` achieves Remote Code Execution (RCE) on your server.

**Before:**
```python
data = pickle.loads(payload)
```

**After:**
```python
import json

@app.post("/webhook")
async def receive_webhook(request: Request):
    payload = await request.body()
    try:
        data = json.loads(payload)
        return {"processed": True, "type": type(data).__name__}
    except json.JSONDecodeError:
        raise HTTPException(status_code=400, detail="Invalid JSON payload")
```

---

## Summary

| # | Issue | Severity | Line | Fix |
|---|-------|----------|------|-----|
| 1 | Hardcoded AWS credentials | HIGH | 24-27 | Use environment variables |
| 2 | JWT verify_signature=False | CRITICAL | 42 | Enable signature verification |
| 3 | Path traversal via os.path.join | HIGH | 54 | Validate resolved path stays in base_dir |
| 4 | SSRF via unvalidated URL proxy | HIGH | 68 | Allowlist domains and schemes |
| 5 | pickle.loads on untrusted input | CRITICAL | 79 | Use JSON instead of pickle |

All five issues should be fixed before deploying this application to production.
