# -*- coding: utf-8 -*-
"""
Django settings for ivatar project.

The values in this file are the project defaults. The last statement
star-imports ``config``, so any setting that module defines replaces the
value assigned here. Settings that are *derived* from another setting in
this file (the cookie flags, the HSTS block, the template ``debug`` option)
are computed before that import and are not recomputed afterwards.
"""

import os
import logging

# The "ivatar" logger is set to DEBUG verbosity at import time.
log_level = logging.DEBUG  # pylint: disable=invalid-name
logger = logging.getLogger("ivatar")  # pylint: disable=invalid-name
logger.setLevel(log_level)

# PACKAGE_ROOT is the directory holding this file; BASE_DIR is its parent.
PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

# SECURITY WARNING: keep the secret key used in production secret!
# This literal is committed with the source, so it is known to anyone who can
# read the repository. Django uses SECRET_KEY for cryptographic signing
# (session data, password-reset tokens, signed cookies), so a deployment that
# keeps this value has no secrecy for those signatures.
# NOTE(review): confirm every deployment overrides SECRET_KEY (presumably via
# the star-imported config module) with a value kept out of version control.
SECRET_KEY = "=v(+-^t#ahv^a&&e)uf36g8algj$d1@6ou^w(r0@%)#8mlc*zk"

# SECURITY WARNING: don't run with debug turned on in production!
# Several settings further down are computed from this value at the point
# they are assigned, so the default of True decides their defaults too.
DEBUG = True

# With DEBUG = True and an empty list, Django only accepts localhost-style
# Host headers; with DEBUG = False an empty list rejects every request, so a
# production deployment has to supply its host names.
ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "social_django",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    # NOTE(review): Django's documentation places LocaleMiddleware after
    # SessionMiddleware and before CommonMiddleware; here it runs last.
    # Confirm the position is intentional.
    "django.middleware.locale.LocaleMiddleware",
]

ROOT_URLCONF = "ivatar.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [os.path.join(BASE_DIR, "templates")],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "django.template.context_processors.i18n",
                "social_django.context_processors.login_redirect",
            ],
            # Captures the value DEBUG has at this line (True). A DEBUG
            # override coming from the config module does not change it.
            "debug": DEBUG,
        },
    },
]

WSGI_APPLICATION = "ivatar.wsgi.application"


# Database
# https://docs.djangoproject.com/en/2.0/ref/settings/#databases

# Default database is a SQLite file inside BASE_DIR. ATOMIC_REQUESTS wraps
# each view call in a transaction.
DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.sqlite3",
        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
        "ATOMIC_REQUESTS": True,
    }
}


# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",  # noqa
        "OPTIONS": {
            # Lower than this validator's built-in default of 8 characters.
            # NOTE(review): confirm a 6-character minimum is still intended.
            "min_length": 6,
        },
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",  # noqa
    },
]

# Password Hashing (more secure)
# Django hashes new passwords with the first entry and accepts the remaining
# entries only when verifying hashes that already exist. PBKDF2 with SHA-1 is
# therefore verification-only here; presumably kept for older accounts.
PASSWORD_HASHERS = [
    # This isn't working in older Python environments
    # "django.contrib.auth.hashers.Argon2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
]

# Security Settings
# NOTE(review): SECURE_BROWSER_XSS_FILTER was removed in Django 4.0 and is
# ignored there; confirm against the Django version this project pins.
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = "DENY"
# `not DEBUG` is evaluated once, on these lines. With DEBUG = True above, both
# cookie flags default to False and the `if not DEBUG` block below is skipped.
# Setting DEBUG = False in the star-imported config module does not re-run
# any of this.
# NOTE(review): confirm production config sets the Secure cookie flags, the
# SSL redirect and the HSTS values explicitly.
CSRF_COOKIE_SECURE = not DEBUG
SESSION_COOKIE_SECURE = not DEBUG

if not DEBUG:
    SECURE_SSL_REDIRECT = True
    SECURE_HSTS_SECONDS = 31536000  # 1 year
    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
    SECURE_HSTS_PRELOAD = True


# Social authentication
# Presumably read by the ivatar.ivataraccount.auth pipeline steps listed
# below to decide which providers' e-mail addresses are treated as already
# confirmed; the consumer of this setting is not visible in this file.
TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS = ["fedora"]
SOCIAL_AUTH_PIPELINE = (
    # Get the information we can about the user and return it in a simple
    # format to create the user instance later. In some cases the details are
    # already part of the auth response from the provider, but sometimes this
    # could hit a provider API.
    "social_core.pipeline.social_auth.social_details",
    # Get the social uid from whichever service we're authing thru. The uid is
    # the unique identifier of the given user in the provider.
    "social_core.pipeline.social_auth.social_uid",
    # Verifies that the current auth process is valid within the current
    # project, this is where emails and domains whitelists are applied (if
    # defined).
    "social_core.pipeline.social_auth.auth_allowed",
    # Checks if the current social-account is already associated in the site.
    "social_core.pipeline.social_auth.social_user",
    # Make up a username for this person, appends a random string at the end if
    # there's any collision.
    "social_core.pipeline.user.get_username",
    # Send a validation email to the user to verify its email address.
    # Disabled by default.
    # 'social_core.pipeline.mail.mail_validation',
    # Associates the current social details with another user account with
    # a similar email address. Upstream ships this step disabled; it is
    # ENABLED in this pipeline. It links a social login to an existing local
    # account on the strength of the e-mail address the provider reports, so
    # it is only sound when every enabled provider verifies e-mail ownership.
    # NOTE(review): confirm that holds for all configured backends, not only
    # those named in TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS.
    "social_core.pipeline.social_auth.associate_by_email",
    # Associates the current social details with an existing user account with
    # a matching ConfirmedEmail.
    "ivatar.ivataraccount.auth.associate_by_confirmed_email",
    # Create a user account if we haven't found one yet.
    "social_core.pipeline.user.create_user",
    # Create the record that associates the social account with the user.
    "social_core.pipeline.social_auth.associate_user",
    # Populate the extra_data field in the social record with the values
    # specified by settings (and the default ones like access_token, etc).
    "social_core.pipeline.social_auth.load_extra_data",
    # Update the user record with any changed info from the auth service.
    "social_core.pipeline.user.user_details",
    # Create the ConfirmedEmail if appropriate.
    "ivatar.ivataraccount.auth.add_confirmed_email",
)


# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/

LANGUAGE_CODE = "en-us"

TIME_ZONE = "UTC"

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files configuration (esp. req. during dev.)
# PROJECT_ROOT is the parent of this file's directory; it is not referenced
# again in this file.
PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
STATIC_URL = "/static/"
STATIC_ROOT = os.path.join(BASE_DIR, "static")

DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

# Must stay the last statement: every public name defined in `config`
# replaces the default assigned above. Values computed earlier from DEBUG
# keep the result they were given before this import runs.
from config import *  # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import  # noqa