- Remove fields param from certain API endpoints, e.g. PUT reviews/{id}/plan and change logic to check for if not missing
- Standardize and clean up logging throughout app
- Enable admin access throughout app
- Delete full-text PDFs upon review deletion
- Re-organize colandr_data directory to have review-specific sub-directories
Longer term:
- Better handle uploaded full-text file naming; maybe just store file format in db?
- Enable HTTPS everywhere (via Let's Encrypt?)
- Add extra fields in users table, e.g. affiliation
- Consider using something like Flask-Security for more comprehensive and less home-rolled user login and management
- Watch for flask-restplus to integrate webargs validation, which would probably make auto-docs much easier and less redundant
- API rate-limiting
- Confirm that password reset actually works o_O