Enhance user management, improve API structure, add database optimizations, and update Docker setup

- Introduced endpoints for user management, including CRUD operations, pagination, and password management.
- Added new schema validations for user updates, password strength, pagination, and standardized error responses.
- Integrated custom exception handling for a consistent API error experience.
- Refined CORS settings: restricted methods and allowed headers, added header exposure, and preflight caching.
- Optimized database: added indexes on `is_active` and `is_superuser` fields, updated column types, enforced constraints, and set defaults.
- Updated `Dockerfile` to improve security by using a non-root user and adding a health check for the application.
- Enhanced tests for database initialization, user operations, and exception handling to ensure better coverage.

backend/app/crud/user.py

@@ -1,10 +1,14 @@
 # app/crud/user.py
 from typing import Optional, Union, Dict, Any
 from sqlalchemy.orm import Session
+from sqlalchemy.exc import IntegrityError
 from app.crud.base import CRUDBase
 from app.models.user import User
 from app.schemas.users import UserCreate, UserUpdate
 from app.core.auth import get_password_hash
+import logging
+
+logger = logging.getLogger(__name__)
 
 
 class CRUDUser(CRUDBase[User, UserCreate, UserUpdate]):
@@ -12,19 +16,33 @@ class CRUDUser(CRUDBase[User, UserCreate, UserUpdate]):
         return db.query(User).filter(User.email == email).first()
 
     def create(self, db: Session, *, obj_in: UserCreate) -> User:
-        db_obj = User(
-            email=obj_in.email,
-            password_hash=get_password_hash(obj_in.password),
-            first_name=obj_in.first_name,
-            last_name=obj_in.last_name,
-            phone_number=obj_in.phone_number if hasattr(obj_in, 'phone_number') else None,
-            is_superuser=obj_in.is_superuser if hasattr(obj_in, 'is_superuser') else False,
-            preferences={}
-        )
-        db.add(db_obj)
-        db.commit()
-        db.refresh(db_obj)
-        return db_obj
+        """Create a new user with password hashing and error handling."""
+        try:
+            db_obj = User(
+                email=obj_in.email,
+                password_hash=get_password_hash(obj_in.password),
+                first_name=obj_in.first_name,
+                last_name=obj_in.last_name,
+                phone_number=obj_in.phone_number if hasattr(obj_in, 'phone_number') else None,
+                is_superuser=obj_in.is_superuser if hasattr(obj_in, 'is_superuser') else False,
+                preferences={}
+            )
+            db.add(db_obj)
+            db.commit()
+            db.refresh(db_obj)
+            return db_obj
+        except IntegrityError as e:
+            db.rollback()
+            error_msg = str(e.orig) if hasattr(e, 'orig') else str(e)
+            if "email" in error_msg.lower():
+                logger.warning(f"Duplicate email attempted: {obj_in.email}")
+                raise ValueError(f"User with email {obj_in.email} already exists")
+            logger.error(f"Integrity error creating user: {error_msg}")
+            raise ValueError(f"Database integrity error: {error_msg}")
+        except Exception as e:
+            db.rollback()
+            logger.error(f"Unexpected error creating user: {str(e)}", exc_info=True)
+            raise
 
     def update(
             self,