# Tasks: Add Input Validation and Security Enhancements

## 1. Schema Input Validation

- [x] 1.1 Add max_length validation to TaskBase schema (title: 500, description: 10000)
- [x] 1.2 Add max_length validation to ProjectBase schema
- [x] 1.3 Add max_length validation to SpaceBase schema
- [x] 1.4 Add max_length validation to CommentBase schema
- [x] 1.5 Add max_length validation to all other schema string fields
- [x] 1.6 Add numeric range validation (ge=0, le=max_value) for decimal fields

## 2. WebSocket Token Security

- [x] 2.1 Implement WebSocket authentication via first message instead of query parameter
- [x] 2.2 Update frontend WebSocket connection to send token in first message
- [x] 2.3 Add server log filtering to mask sensitive query parameters as fallback (N/A - token no longer in query params)

## 3. File Path Security

- [x] 3.1 Add explicit path traversal validation in file_storage_service.py
- [x] 3.2 Ensure resolved path is within base directory
- [x] 3.3 Add logging for path traversal attempts

## 4. Testing

- [x] 4.1 Add unit tests for input validation edge cases
- [x] 4.2 Add security tests for path traversal attempts
- [x] 4.3 Test WebSocket authentication flow
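
One way to implement the check that tasks 3.1 to 3.3 describe, shown as an added example and not the project's own `file_storage_service.py` code. The names `resolve_within_base` and `PathTraversalError`, the logger name, and the sample paths are assumptions made for illustration.

```python
import logging
from pathlib import Path

logger = logging.getLogger("file_storage")  # hypothetical logger name


class PathTraversalError(ValueError):
    """Raised when a requested path resolves outside the storage root."""


def resolve_within_base(base_dir, user_path):
    """Return the absolute path for user_path, guaranteed to sit under base_dir."""
    base = Path(base_dir).resolve()
    raw = str(user_path)
    # NUL bytes are never valid in a file name and make resolve() raise.
    if "\x00" in raw:
        logger.warning("path traversal attempt rejected: %r (NUL byte)", raw)
        raise PathTraversalError("invalid path")
    # An absolute user_path replaces base when joined, and resolve() collapses
    # ".." and follows symlinks, so containment is checked on the result.
    candidate = (base / raw).resolve()
    try:
        # Component-wise comparison: a string prefix test would wrongly
        # accept a sibling such as "<base>_evil/".
        candidate.relative_to(base)
    except ValueError:
        # %r escapes control characters so the input cannot forge log lines.
        logger.warning("path traversal attempt rejected: %r -> %s", raw, candidate)
        raise PathTraversalError("path escapes storage root") from None
    return candidate


if __name__ == "__main__":
    import tempfile

    logging.basicConfig(level=logging.WARNING)
    base = tempfile.mkdtemp()  # constructed storage root
    # Constructed sample inputs: one valid, two that must be rejected.
    for p in ["proj1/report.pdf", "../secret.txt", "/etc/passwd"]:
        try:
            print("ok  ", resolve_within_base(base, p))
        except PathTraversalError as exc:
            print("deny", repr(p), exc)
```

The check is only as good as the moment it runs: open the returned path directly, since re-joining the original user string afterwards bypasses the validation.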