From 3f8f96097df91562941b2a6797fef7f4d89484df Mon Sep 17 00:00:00 2001
From: CCS Admin <martin.porwoll@complexcaresolutions.de>
Date: Tue, 24 Feb 2026 08:48:28 +0000
Subject: [PATCH] fix: URL-encode DB password in connection string

Passwords with special characters (@, &, etc.) broke the SQLAlchemy
connection URL parsing.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 backend/app/config.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/backend/app/config.py b/backend/app/config.py
index 46c080b..828f684 100644
--- a/backend/app/config.py
+++ b/backend/app/config.py
@@ -1,4 +1,6 @@
 # backend/app/config.py
+from urllib.parse import quote_plus
+
 from pydantic_settings import BaseSettings
 from functools import lru_cache
 
@@ -31,8 +33,9 @@ class Settings(BaseSettings):
 
     @property
     def database_url(self) -> str:
+        password = quote_plus(self.DB_PASSWORD)
         return (
-            f"mysql+pymysql://{self.DB_USER}:{self.DB_PASSWORD}"
+            f"mysql+pymysql://{self.DB_USER}:{password}"
             f"@{self.DB_HOST}:{self.DB_PORT}/{self.DB_NAME}?charset=utf8mb4"
         )