186 lines
5.0 KiB
Python
186 lines
5.0 KiB
Python
"""
|
||
Django settings for config project.
|
||
|
||
Generated by 'django-admin startproject' using Django 5.2.7.
|
||
|
||
For more information on this file, see
|
||
https://docs.djangoproject.com/en/5.2/topics/settings/
|
||
|
||
For the full list of settings and their values, see
|
||
https://docs.djangoproject.com/en/5.2/ref/settings/
|
||
"""
|
||
|
||
from pathlib import Path
|
||
import os
|
||
from dotenv import load_dotenv
|
||
|
||
BASE_DIR = Path(__file__).resolve().parent.parent
|
||
load_dotenv(BASE_DIR.parent / ".env")
|
||
|
||
SECRET_KEY = os.getenv("DJANGO_SECRET_KEY", "change-me")
|
||
DEBUG = os.getenv("DJANGO_DEBUG", "true").lower() == "true"
|
||
|
||
ALLOWED_HOSTS = [
|
||
"127.0.0.1",
|
||
"localhost",
|
||
os.getenv("HOST_FQDN", ""),
|
||
]
|
||
|
||
# Ensure Django knows it's behind a reverse proxy and using HTTPS
|
||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||
USE_X_FORWARDED_HOST = True
|
||
USE_X_FORWARDED_PORT = True
|
||
SECURE_SSL_REDIRECT = True
|
||
|
||
CSRF_TRUSTED_ORIGINS = [
|
||
origin for origin in [
|
||
os.getenv("HOST_FQDN", ""),
|
||
os.getenv("CSRF_TRUSTED_ORIGIN", "")
|
||
] if origin
|
||
]
|
||
CSRF_TRUSTED_ORIGINS = [
|
||
f"https://{host}" if not host.startswith(("http://", "https://")) else host
|
||
for host in CSRF_TRUSTED_ORIGINS
|
||
]
|
||
|
||
# Cookies must always be HTTPS-only
|
||
SESSION_COOKIE_SECURE = True
|
||
CSRF_COOKIE_SECURE = True
|
||
SESSION_COOKIE_SAMESITE = "Lax"
|
||
CSRF_COOKIE_SAMESITE = "Lax"
|
||
CSRF_USE_SESSIONS = True
|
||
|
||
# Application definition
|
||
|
||
INSTALLED_APPS = [
|
||
'django.contrib.admin',
|
||
'django.contrib.auth',
|
||
'django.contrib.contenttypes',
|
||
'django.contrib.sessions',
|
||
'django.contrib.messages',
|
||
'django.contrib.staticfiles',
|
||
'core',
|
||
]
|
||
|
||
MIDDLEWARE = [
|
||
'django.middleware.security.SecurityMiddleware',
|
||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||
'django.middleware.common.CommonMiddleware',
|
||
'django.middleware.csrf.CsrfViewMiddleware',
|
||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||
'django.contrib.messages.middleware.MessageMiddleware',
|
||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||
]
|
||
|
||
X_FRAME_OPTIONS = 'SAMEORIGIN'
|
||
|
||
ROOT_URLCONF = 'config.urls'
|
||
|
||
TEMPLATES = [
|
||
{
|
||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||
'DIRS': [],
|
||
'APP_DIRS': True,
|
||
'OPTIONS': {
|
||
'context_processors': [
|
||
'django.template.context_processors.request',
|
||
'django.contrib.auth.context_processors.auth',
|
||
'django.contrib.messages.context_processors.messages',
|
||
# IMPORTANT: do not remove – injects PROJECT_DESCRIPTION/PROJECT_IMAGE_URL and cache-busting timestamp
|
||
'core.context_processors.project_context',
|
||
],
|
||
},
|
||
},
|
||
]
|
||
|
||
WSGI_APPLICATION = 'config.wsgi.application'
|
||
|
||
|
||
# Database
|
||
# https://docs.djangoproject.com/en/5.2/ref/settings/#databases
|
||
|
||
DATABASES = {
|
||
'default': {
|
||
'ENGINE': 'django.db.backends.mysql',
|
||
'NAME': os.getenv('DB_NAME', ''),
|
||
'USER': os.getenv('DB_USER', ''),
|
||
'PASSWORD': os.getenv('DB_PASS', ''),
|
||
'HOST': os.getenv('DB_HOST', '127.0.0.1'),
|
||
'PORT': os.getenv('DB_PORT', '3306'),
|
||
'OPTIONS': {
|
||
'charset': 'utf8mb4',
|
||
},
|
||
},
|
||
}
|
||
|
||
|
||
# Password validation
|
||
# https://docs.djangoproject.com/en/5.2/ref/settings/#auth-password-validators
|
||
|
||
AUTH_PASSWORD_VALIDATORS = [
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
|
||
},
|
||
]
|
||
|
||
|
||
# Internationalization
|
||
# https://docs.djangoproject.com/en/5.2/topics/i18n/
|
||
|
||
LANGUAGE_CODE = 'en-us'
|
||
|
||
TIME_ZONE = 'UTC'
|
||
|
||
USE_I18N = True
|
||
|
||
USE_TZ = True
|
||
|
||
|
||
# Static files (CSS, JavaScript, Images)
|
||
# https://docs.djangoproject.com/en/5.2/howto/static-files/
|
||
|
||
STATIC_URL = 'static/'
|
||
# Collect static into a separate folder; avoid overlapping with STATICFILES_DIRS.
|
||
STATIC_ROOT = BASE_DIR / 'staticfiles'
|
||
|
||
STATICFILES_DIRS = [
|
||
BASE_DIR / 'static',
|
||
]
|
||
|
||
# Email
|
||
EMAIL_BACKEND = os.getenv(
|
||
"EMAIL_BACKEND",
|
||
"django.core.mail.backends.smtp.EmailBackend"
|
||
)
|
||
EMAIL_HOST = os.getenv("EMAIL_HOST", "127.0.0.1")
|
||
EMAIL_PORT = int(os.getenv("EMAIL_PORT", "587"))
|
||
EMAIL_HOST_USER = os.getenv("EMAIL_HOST_USER", "")
|
||
EMAIL_HOST_PASSWORD = os.getenv("EMAIL_HOST_PASSWORD", "")
|
||
EMAIL_USE_TLS = os.getenv("EMAIL_USE_TLS", "true").lower() == "true"
|
||
EMAIL_USE_SSL = os.getenv("EMAIL_USE_SSL", "false").lower() == "true"
|
||
DEFAULT_FROM_EMAIL = os.getenv("DEFAULT_FROM_EMAIL", "no-reply@example.com")
|
||
CONTACT_EMAIL_TO = [
|
||
item.strip()
|
||
for item in os.getenv("CONTACT_EMAIL_TO", DEFAULT_FROM_EMAIL).split(",")
|
||
if item.strip()
|
||
]
|
||
|
||
# When both TLS and SSL flags are enabled, prefer SSL explicitly
|
||
if EMAIL_USE_SSL:
|
||
EMAIL_USE_TLS = False
|
||
# Default primary key field type
|
||
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field
|
||
|
||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||
|
||
LOGIN_REDIRECT_URL = 'home'
|
||
LOGOUT_REDIRECT_URL = 'home' |