fix docker

backend/Dockerfile

@@ -6,6 +6,9 @@ ENV PYTHONUNBUFFERED=1 \
     PIP_NO_CACHE_DIR=1 \
     PIP_DISABLE_PIP_VERSION_CHECK=1
 
+# Create non-root user first
+RUN useradd --create-home --shell /bin/bash --uid 1000 app
+
 # Set work directory
 WORKDIR /app
 
@@ -13,26 +16,29 @@ WORKDIR /app
 RUN apt-get update && apt-get install -y \
     gcc \
     g++ \
+    curl \
     && rm -rf /var/lib/apt/lists/*
 
+# Change ownership of /app to app user
+RUN chown -R app:app /app
+
+# Switch to app user
+USER app
+
 # Install UV for faster Python package management
-RUN pip install uv
+RUN pip install --user uv
+
+# Add user's pip bin to PATH
+ENV PATH="/home/app/.local/bin:$PATH"
 
 # Copy pyproject.toml and uv.lock
-COPY pyproject.toml uv.lock ./
+COPY --chown=app:app pyproject.toml uv.lock ./
 
-# Install Python dependencies
+# Install Python dependencies as app user
 RUN uv sync --frozen --no-dev
 
 # Copy application code
-COPY . .
-
-# Create non-root user and fix permissions
-RUN useradd --create-home --shell /bin/bash app && \
-    chown -R app:app /app && \
-    chmod -R 755 /app
-
-USER app
+COPY --chown=app:app . .
 
 # Expose port
 EXPOSE 8000