Coverage for ivatar/settings.py: 89%
38 statements
« prev ^ index » next coverage.py v7.6.12, created at 2025-02-22 00:11 +0000
1# -*- coding: utf-8 -*-
2"""
3Django settings for ivatar project.
4"""
6import os
7import logging
9log_level = logging.DEBUG # pylint: disable=invalid-name
10logger = logging.getLogger("ivatar") # pylint: disable=invalid-name
11logger.setLevel(log_level)
13PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
14BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
17# SECURITY WARNING: keep the secret key used in production secret!
18SECRET_KEY = "=v(+-^t#ahv^a&&e)uf36g8algj$d1@6ou^w(r0@%)#8mlc*zk"
20# SECURITY WARNING: don't run with debug turned on in production!
21DEBUG = True
23ALLOWED_HOSTS = []
26# Application definition
28INSTALLED_APPS = [
29 "django.contrib.admin",
30 "django.contrib.auth",
31 "django.contrib.contenttypes",
32 "django.contrib.sessions",
33 "django.contrib.messages",
34 "django.contrib.staticfiles",
35]
37MIDDLEWARE = [
38 "django.middleware.security.SecurityMiddleware",
39 "django.contrib.sessions.middleware.SessionMiddleware",
40 "django.middleware.common.CommonMiddleware",
41 "django.middleware.csrf.CsrfViewMiddleware",
42 "django.contrib.auth.middleware.AuthenticationMiddleware",
43 "django.contrib.messages.middleware.MessageMiddleware",
44 "django.middleware.clickjacking.XFrameOptionsMiddleware",
45 "django.middleware.locale.LocaleMiddleware",
46]
48ROOT_URLCONF = "ivatar.urls"
50TEMPLATES = [
51 {
52 "BACKEND": "django.template.backends.django.DjangoTemplates",
53 "DIRS": [os.path.join(BASE_DIR, "templates")],
54 "APP_DIRS": True,
55 "OPTIONS": {
56 "context_processors": [
57 "django.template.context_processors.debug",
58 "django.template.context_processors.request",
59 "django.contrib.auth.context_processors.auth",
60 "django.contrib.messages.context_processors.messages",
61 "django.template.context_processors.i18n",
62 ],
63 "debug": DEBUG,
64 },
65 },
66]
68WSGI_APPLICATION = "ivatar.wsgi.application"
71# Database
72# https://docs.djangoproject.com/en/2.0/ref/settings/#databases
74DATABASES = {
75 "default": {
76 "ENGINE": "django.db.backends.sqlite3",
77 "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
78 "ATOMIC_REQUESTS": True,
79 }
80}
83# Password validation
84# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators
86AUTH_PASSWORD_VALIDATORS = [
87 {
88 "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", # noqa
89 },
90 {
91 "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", # noqa
92 "OPTIONS": {
93 "min_length": 6,
94 },
95 },
96 {
97 "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", # noqa
98 },
99 {
100 "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", # noqa
101 },
102]
104# Password Hashing (more secure)
105PASSWORD_HASHERS = [
106 # This isn't working in older Python environments
107 # "django.contrib.auth.hashers.Argon2PasswordHasher",
108 "django.contrib.auth.hashers.PBKDF2PasswordHasher",
109 "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
110]
112# Security Settings
113SECURE_BROWSER_XSS_FILTER = True
114SECURE_CONTENT_TYPE_NOSNIFF = True
115X_FRAME_OPTIONS = "DENY"
116CSRF_COOKIE_SECURE = not DEBUG
117SESSION_COOKIE_SECURE = not DEBUG
119if not DEBUG:
120 SECURE_SSL_REDIRECT = True
121 SECURE_HSTS_SECONDS = 31536000 # 1 year
122 SECURE_HSTS_INCLUDE_SUBDOMAINS = True
123 SECURE_HSTS_PRELOAD = True
125# Internationalization
126# https://docs.djangoproject.com/en/2.0/topics/i18n/
128LANGUAGE_CODE = "en-us"
130TIME_ZONE = "UTC"
132USE_I18N = True
134USE_L10N = True
136USE_TZ = True
139# Static files configuration (esp. req. during dev.)
140PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))
141STATIC_URL = "/static/"
142STATIC_ROOT = os.path.join(BASE_DIR, "static")
144DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
146from config import * # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import # noqa