""" Django settings for spejstore project. Generated by 'django-admin startproject' using Django 1.10.1. For more information on this file, see https://docs.djangoproject.com/en/1.10/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/1.10/ref/settings/ """ import os def env(name, default=None): return os.getenv("SPEJSTORE_" + name, default) # Build paths inside the project like this: os.path.join(BASE_DIR, ...) BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) STATIC_ROOT = os.path.join(BASE_DIR, "build_static") PROD = os.getenv("SPEJSTORE_ENV") == "prod" # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = env("SECRET_KEY", "#hjthi7_udsyt*9eeyb&nwgw5x=%pk_lnz3+u2tg9@=w3p1m*k") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = not PROD ALLOWED_HOSTS = env( "ALLOWED_HOSTS", "devinventory,inventory.waw.hackerspace.pl,inventory.hackerspace.pl,i,inventory" + (",127.0.0.1,locahost,*" if not PROD else ""), ).split(",") LOGIN_REDIRECT_URL = "/admin/" # Application definition INSTALLED_APPS = [ "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", "django.contrib.postgres", "social_django", "tree", "django_select2", "rest_framework", "rest_framework.authtoken", "django_markdown2", "storage", "django_admin_hstore_widget", ] MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.middleware.cache.UpdateCacheMiddleware", "storage.middleware.is_authorized_or_in_lan_middleware", "django.middleware.gzip.GZipMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "social_django.middleware.SocialAuthExceptionMiddleware", "django.middleware.cache.FetchFromCacheMiddleware", ] ROOT_URLCONF = "spejstore.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": ["templates/"], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", "social_django.context_processors.backends", "social_django.context_processors.login_redirect", ], }, }, ] WSGI_APPLICATION = "spejstore.wsgi.application" # Logging LOGGING = { "version": 1, "disable_existing_loggers": False, "handlers": { "console": { "class": "logging.StreamHandler", }, }, "root": { "handlers": ["console"], "level": "INFO", }, } # Database # https://docs.djangoproject.com/en/1.10/ref/settings/#databases DATABASES = { "default": { "ENGINE": env("DB_ENGINE", "django.db.backends.postgresql_psycopg2"), "NAME": env("DB_NAME", "postgres"), "USER": env("DB_USER", "postgres"), "PASSWORD": env("DB_PASSWORD", None), "HOST": env("DB_HOST", "127.0.0.1"), "PORT": env("DB_PORT", 5432), } } # Password validation # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, ] AUTHENTICATION_BACKENDS = ( "auth.backend.HSWawOAuth2", "django.contrib.auth.backends.ModelBackend", ) SOCIAL_AUTH_PIPELINE = ( "social_core.pipeline.social_auth.social_details", "social_core.pipeline.social_auth.social_uid", "social_core.pipeline.social_auth.social_user", "social_core.pipeline.user.get_username", "social_core.pipeline.social_auth.associate_by_email", "auth.pipeline.associate_by_personal_email", "social_core.pipeline.user.create_user", "social_core.pipeline.social_auth.associate_user", "social_core.pipeline.social_auth.load_extra_data", "social_core.pipeline.user.user_details", "auth.pipeline.staff_me_up", ) STORAGES = { "staticfiles": { "BACKEND": "whitenoise.storage.CompressedManifestStaticFilesStorage", }, } # Internationalization # https://docs.djangoproject.com/en/1.10/topics/i18n/ LANGUAGE_CODE = "en-us" TIME_ZONE = "UTC" USE_I18N = True USE_L10N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/1.10/howto/static-files/ STATIC_URL = "/static/" STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")] MEDIA_URL = "/media/" MEDIA_ROOT = env("MEDIA_ROOT", os.path.join(BASE_DIR, "media")) REQUIRE_AUTH = env("REQUIRE_AUTH", "true") if REQUIRE_AUTH == "true": REQUIRE_AUTH = True elif REQUIRE_AUTH == "false": REQUIRE_AUTH = False # REST Framework REST_FRAMEWORK = { # Use Django's standard `django.contrib.auth` permissions, # or allow read-only access for unauthenticated users. "DEFAULT_PERMISSION_CLASSES": [ "rest_framework.permissions.IsAuthenticatedOrReadOnly" if REQUIRE_AUTH else "rest_framework.permissions.IsAuthenticated", ], "DEFAULT_AUTHENTICATION_CLASSES": [ "storage.authentication.LanAuthentication", "rest_framework.authentication.BasicAuthentication", "rest_framework.authentication.TokenAuthentication", ], } SOCIAL_AUTH_HSWAW_KEY = env("CLIENT_ID") SOCIAL_AUTH_HSWAW_SECRET = env("SECRET") SOCIAL_AUTH_REDIRECT_IS_HTTPS = env("OAUTH_REDIRECT_IS_HTTPS", "true") == "true" SOCIAL_AUTH_JSONFIELD_ENABLED = True LABEL_API = env("LABEL_API", "http://label.waw.hackerspace.pl:4567") LOGIN_URL = "/admin/login/" # HSWAW lan LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "10.8.0.0/16") LAN_ALLOWED_HEADER = env("LAN_ALLOWED_HEADER", "X-LAN-ALLOWED") PROXY_TRUSTED_IPS = env("PROXY_TRUSTED_IPS", "172.21.37.1").split(",")