Coverage for ivatar/settings.py: 90%

40 statements  


# -*- coding: utf-8 -*-
"""
Base Django settings module for the ivatar project.
"""

import os
import logging

# Project-wide "ivatar" logger; its threshold is set to DEBUG here.
log_level = logging.DEBUG  # pylint: disable=invalid-name
logger = logging.getLogger("ivatar")  # pylint: disable=invalid-name
logger.setLevel(log_level)

# PACKAGE_ROOT is the directory holding this settings module;
# BASE_DIR is the directory one level above it.
PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = os.path.dirname(PACKAGE_ROOT)

# SECURITY WARNING: keep the secret key used in production secret!
# NOTE(review): this value is committed together with the source, so it can
# only serve as a development placeholder. Django's cryptographic signing
# (e.g. password-reset tokens and signed cookies) is keyed with SECRET_KEY;
# a production deployment has to supply its own value -- presumably through
# the wildcard `from config import *` at the end of this module; confirm.
SECRET_KEY = "=v(+-^t#ahv^a&&e)uf36g8algj$d1@6ou^w(r0@%)#8mlc*zk"

# SECURITY WARNING: don't run with debug turned on in production!
# DEBUG is read again further down in this module (the template "debug"
# option, CSRF_COOKIE_SECURE, SESSION_COOKIE_SECURE and the `if not DEBUG:`
# block), so those values are fixed from this default at import time.
DEBUG = True

# Left empty here: with DEBUG on, Django accepts only localhost-style Host
# headers; with DEBUG off, hosts must be listed before requests are served.
ALLOWED_HOSTS = []

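# Application definition

# Django's contrib apps plus social_django, which provides the social
# authentication pipeline configured further down in this module.
INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "social_django",
]

# Middleware runs top-down on the request and bottom-up on the response.
# LocaleMiddleware is placed after SessionMiddleware and before
# CommonMiddleware, the position the Django i18n documentation asks for:
# CommonMiddleware needs an activated language when it resolves the
# requested URL, which it did not have while LocaleMiddleware was last.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.locale.LocaleMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

# Dotted path of the root URL configuration module.
ROOT_URLCONF = "ivatar.urls"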

# One Django template engine: project-level templates are looked up in
# BASE_DIR/templates, and APP_DIRS additionally searches the templates/
# directory of every installed app.
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [os.path.join(BASE_DIR, "templates")],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "django.template.context_processors.i18n",
                "social_django.context_processors.login_redirect",
            ],
            # Template debugging follows the DEBUG value assigned earlier in
            # this module (True by default).
            "debug": DEBUG,
        },
    },
]

# Dotted path of the WSGI callable.
WSGI_APPLICATION = "ivatar.wsgi.application"

# Database
# https://docs.djangoproject.com/en/2.0/ref/settings/#databases

DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.sqlite3",
        # SQLite file kept directly in BASE_DIR; that directory should not be
        # reachable through the web server.
        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
        # Run every request inside a database transaction.
        "ATOMIC_REQUESTS": True,
    }
}

# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",  # noqa
        "OPTIONS": {
            # NOTE(review): 6 is lower than this validator's built-in default
            # of 8 characters; confirm the shorter minimum is intentional.
            "min_length": 6,
        },
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",  # noqa
    },
]

# Password Hashing (more secure)
# Django hashes new passwords with the first entry of this list; the
# remaining entries are only used to verify hashes that are already stored.
PASSWORD_HASHERS = [
    # This isn't working in older Python environments
    # "django.contrib.auth.hashers.Argon2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
    # NOTE(review): presumably kept so that existing PBKDF2-SHA1 hashes still
    # verify -- confirm such hashes exist, otherwise this entry can go.
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
]

# Security Settings
# NOTE(review): the cookie flags and the `if not DEBUG:` block below are
# computed from the DEBUG value assigned earlier in this module. The wildcard
# `from config import *` on the last line runs afterwards, so a DEBUG
# override there does not recompute them -- confirm that the production
# config sets these names itself.
# NOTE(review): newer Django releases no longer read
# SECURE_BROWSER_XSS_FILTER -- check against the deployed Django version.
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = "DENY"
# Cookies are marked Secure only when DEBUG is off (False with the default).
CSRF_COOKIE_SECURE = not DEBUG
SESSION_COOKIE_SECURE = not DEBUG

# HTTPS redirect and HSTS are only defined when DEBUG is off; with the
# default DEBUG = True none of these four names exist after this block.
if not DEBUG:
    SECURE_SSL_REDIRECT = True
    SECURE_HSTS_SECONDS = 31536000  # 1 year
    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
    SECURE_HSTS_PRELOAD = True

# Social authentication
# Backends whose e-mail addresses are treated as trusted.
# NOTE(review): presumably read by the ivatar.ivataraccount.auth pipeline
# steps listed below -- confirm against that module.
TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS = ["fedora"]
# Steps run in the order listed for every social login.
SOCIAL_AUTH_PIPELINE = (
    # Get the information we can about the user and return it in a simple
    # format to create the user instance later. In some cases the details are
    # already part of the auth response from the provider, but sometimes this
    # could hit a provider API.
    "social_core.pipeline.social_auth.social_details",
    # Get the social uid from whichever service we're authenticating through.
    # The uid is the unique identifier of the given user in the provider.
    "social_core.pipeline.social_auth.social_uid",
    # Verifies that the current auth process is valid within the current
    # project; this is where email and domain whitelists are applied (if
    # defined).
    "social_core.pipeline.social_auth.auth_allowed",
    # Checks if the current social account is already associated in the site.
    "social_core.pipeline.social_auth.social_user",
    # Make up a username for this person; appends a random string at the end
    # if there's any collision.
    "social_core.pipeline.user.get_username",
    # Send a validation email to the user to verify their email address.
    # Disabled by default.
    # 'social_core.pipeline.mail.mail_validation',
    # Associates the current social details with another user account with
    # a similar email address. Disabled by default in python-social-auth, but
    # enabled here.
    # NOTE(review): the python-social-auth documentation describes this step
    # as safe only when every enabled provider verifies e-mail ownership. It
    # runs for all backends and before the ConfirmedEmail-based step below,
    # so confirm it does not widen the trust expressed by
    # TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS.
    "social_core.pipeline.social_auth.associate_by_email",
    # Associates the current social details with an existing user account with
    # a matching ConfirmedEmail.
    "ivatar.ivataraccount.auth.associate_by_confirmed_email",
    # Create a user account if we haven't found one yet.
    "social_core.pipeline.user.create_user",
    # Create the record that associates the social account with the user.
    "social_core.pipeline.social_auth.associate_user",
    # Populate the extra_data field in the social record with the values
    # specified by settings (and the default ones like access_token, etc).
    "social_core.pipeline.social_auth.load_extra_data",
    # Update the user record with any changed info from the auth service.
    "social_core.pipeline.user.user_details",
    # Create the ConfirmedEmail if appropriate.
    "ivatar.ivataraccount.auth.add_confirmed_email",
)

# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/

LANGUAGE_CODE = "en-us"

TIME_ZONE = "UTC"

USE_I18N = True

USE_L10N = True

USE_TZ = True


# Static files configuration (esp. req. during dev.)
# PROJECT_ROOT is the parent of the directory containing this module.
PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
STATIC_URL = "/static/"
STATIC_ROOT = os.path.join(BASE_DIR, "static")

DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

# The wildcard import comes last, so every name that `config` defines
# replaces the value assigned above. Settings that were computed from an
# earlier value (for example from DEBUG) are not recomputed by it.
from config import *  # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import # noqa

190DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" 

191 

192from config import * # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import # noqa