Currently, the SQLAlchemy models use `Integer` as the primary key (`id`) for most tables, including sensitive user-facing ones like `User`, `Playlist`, `Song`, etc. This exposes the internal sequence and can lead to security/privacy concerns when surfaced in public APIs (e.g., `GET /users/17`).
Replacing id: Integer with UUID:
- Changing primary keys to `UUID(as_uuid=True)` using `default=uuid.uuid4`.
- Updating Alembic migrations, Pydantic schemas, and CRUD logic accordingly.
- Benefits: no ID guessing.
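The data step of that migration is where relationships can silently break, because every foreign key has to be rewritten together with the primary key it points to. The block below is an added example, not the project's code: it uses the standard-library `sqlite3` module in place of Alembic, and the `users`/`playlists` tables, their columns, the sample rows and the function names are all assumptions.

```python
import sqlite3
import uuid

def build_legacy_db():
    """Constructed sample data with sequential integer keys (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT NOT NULL);
        CREATE TABLE playlists (id INTEGER PRIMARY KEY,
            owner_id INTEGER NOT NULL REFERENCES users(id), name TEXT NOT NULL);
        INSERT INTO users (email) VALUES ('a@example.test'), ('b@example.test');
        INSERT INTO playlists (owner_id, name) VALUES (1, 'road trip'), (2, 'focus'), (2, 'gym');
    """)
    return conn

def migrate_to_uuid_keys(conn):
    """Rebuild users/playlists so primary and foreign keys are random UUIDs."""
    cur = conn.cursor()
    # 1. Give every existing user a UUIDv4 and remember old id -> new id.
    id_map = {old: str(uuid.uuid4()) for (old,) in cur.execute("SELECT id FROM users")}
    # 2. Replacement tables keyed by UUID text (PostgreSQL would use a native UUID column).
    cur.executescript("""
        CREATE TABLE users_new (id TEXT PRIMARY KEY, email TEXT NOT NULL);
        CREATE TABLE playlists_new (id TEXT PRIMARY KEY,
            owner_id TEXT NOT NULL REFERENCES users_new(id), name TEXT NOT NULL);
    """)
    # 3. Copy rows, translating the primary key and every foreign key through the map.
    for old_id, email in cur.execute("SELECT id, email FROM users").fetchall():
        cur.execute("INSERT INTO users_new VALUES (?, ?)", (id_map[old_id], email))
    for owner_id, name in cur.execute("SELECT owner_id, name FROM playlists").fetchall():
        cur.execute("INSERT INTO playlists_new VALUES (?, ?, ?)",
                    (str(uuid.uuid4()), id_map[owner_id], name))
    # 4. Swap the new tables in; the integer ids no longer exist after this point.
    cur.executescript("""
        DROP TABLE playlists; DROP TABLE users;
        ALTER TABLE users_new RENAME TO users;
        ALTER TABLE playlists_new RENAME TO playlists;
    """)
    conn.commit()
    return id_map

def playlists_by_owner(conn):
    """Return {email: sorted playlist names} to confirm relationships survived."""
    rows = conn.execute("""SELECT u.email, p.name FROM users u
                           JOIN playlists p ON p.owner_id = u.id""").fetchall()
    out = {}
    for email, name in rows:
        out.setdefault(email, []).append(name)
    return {k: sorted(v) for k, v in out.items()}
```

Comparing `playlists_by_owner()` before and after the migration is a cheap check that no playlist was orphaned or reassigned to the wrong user.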