import os from pathlib import Path import environ env = environ.Env() # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = env("SECRET_KEY") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False # CSRF Stuff CSRF_COOKIE_SECURE = True CSRF_TRUSTED_ORIGINS = ["https://fbf.nabu-jena.de"] # Cookies SESSION_COOKIE_SECURE = True # HTTPS SECURE_HSTS_SECONDS = 0 SECURE_HSTS_INCLUDE_SUBDOMAINS = True SECURE_HSTS_PRELOAD = True # Allowed Hosts ALLOWED_HOSTS = [env("ALLOWED_HOSTS")] # Application definition INSTALLED_APPS = [ # ----------------------------------- # Jazzmin # ----------------------------------- "jazzmin", # ----------------------------------- # Django default # ----------------------------------- "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", # ----------------------------------- # All auth # ----------------------------------- "allauth", "allauth.account", "allauth.socialaccount", # ----------------------------------- # Crispy forms, modals and bootstrap5 # ----------------------------------- "bootstrap_modal_forms", "crispy_bootstrap5", "crispy_forms", # ----------------------------------- # CKEditor # ----------------------------------- "ckeditor", "ckeditor_uploader", # ----------------------------------- # My Apps # ----------------------------------- "aviary", "bird", "costs", "rescuer", "sites", ] MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", "csp.middleware.CSPMiddleware", ] # DJANGO Content Security Policy CSP_DEFAULT_SRC = ( "'self'", "https://cdn.datatables.net", ) CSP_STYLE_SRC = ( "'self'", "'unsafe-inline'", "https://bootswatch.com", "https://cdn.datatables.net", "https://cdnjs.cloudflare.com", "https://fonts.googleapis.com", ) CSP_SCRIPT_SRC = ( "'self'", "https://cdn.datatables.net", "https://cdn.jsdelivr.net", "https://code.jquery.com", ) CSP_INCLUDE_NONCE_IN = ["script-src"] CSP_IMG_SRC = ("'self'", "data:") CSP_FONT_SRC = ( "'self'", "https://fonts.gstatic.com", "https://cdnjs.cloudflare.com", ) ROOT_URLCONF = "core.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [os.path.join(BASE_DIR, "templates")], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", ], }, }, ] AUTHENTICATION_BACKENDS = [ # Needed to login by username in Django admin, regardless of `allauth` "django.contrib.auth.backends.ModelBackend", # Allauth specific authentication methods, such as login by e-mail "allauth.account.auth_backends.AuthenticationBackend", ] WSGI_APPLICATION = "core.wsgi.application" # Database # https://docs.djangoproject.com/en/4.2/ref/settings/#databases DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql", "HOST": env("DB_HOST"), "NAME": env("DB_NAME"), "PASSWORD": env("DB_PASSWORD"), "PORT": env("DB_PORT"), "USER": env("DB_USER"), } } # Password validation # https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, ] # Internationalization # https://docs.djangoproject.com/en/4.2/topics/i18n/ LANGUAGE_CODE = "de-de" TIME_ZONE = "Europe/Berlin" USE_I18N = True USE_TZ = True # Default primary key field type # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # Crispy forms CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5" CRISPY_TEMPLATE_PACK = "bootstrap5" # Allauth SITE_ID = 1 ACCOUNT_AUTHENTICATION_METHOD = "username_email" ACCOUNT_EMAIL_REQUIRED = True ACCOUNT_EMAIL_VERIFICATION = "mandatory" ACCOUNT_LOGIN_ATTEMPTS_LIMIT = 5 ACCOUNT_LOGIN_ATTEMPTS_TIMEOUT = 900 # 15 Minutes ACCOUNT_LOGIN_ON_EMAIL_CONFIRMATION = True ACCOUNT_LOGOUT_REDIRECT_URL = "/" ACCOUNT_LOGOUT_ON_GET = True ACCOUNT_SESSION_REMEMBER = True ACCOUNT_USERNAME_BLACKLIST = ["admin", "god"] ACCOUNT_USERNAME_MIN_LENGTH = 3 ACCOUNT_UNIQUE_EMAIL = True LOGIN_REDIRECT_URL = "/bird/all" # CKEditor CKEDITOR_BASEPATH = "/static/ckeditor/ckeditor/" CKEDITOR_UPLOAD_PATH = "media" # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/4.2/howto/static-files/ STATIC_URL = "static/" STATICFILES_DIRS = [BASE_DIR / "static"] STATIC_ROOT = BASE_DIR / "staticfiles" # Jazzmin try: from .jazzmin import JAZZMIN_SETTINGS except ImportError: print("No Jazzmin Settings found!") # Email # Console Backend for Development Usage. # EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" # SMTP Backup for Production Usage. EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend" if EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend": DEFAULT_FROM_EMAIL = env("DEFAULT_FROM_EMAIL") EMAIL_HOST_PASSWORD = env("EMAIL_HOST_PASSWORD") EMAIL_HOST_USER = env("EMAIL_HOST_USER") EMAIL_HOST = env("EMAIL_HOST") EMAIL_PORT = env("EMAIL_PORT") EMAIL_USE_TLS = True