Coverage for ivatar/settings.py: 90%

40 statements  


1# -*- coding: utf-8 -*- 

2""" 

3Django settings for ivatar project. 

4""" 

5 

6import os 

7import logging 

8 

# The project logger is created first and then set to the module default
# verbosity (DEBUG).
# NOTE(review): setLevel() runs while this module is being imported, so a
# `log_level` rebound later by the wildcard `config` import at the end of the
# file does not change the logger unless that module calls setLevel() itself.
logger = logging.getLogger("ivatar")  # pylint: disable=invalid-name
log_level = logging.DEBUG  # pylint: disable=invalid-name
logger.setLevel(log_level)

12 

# Filesystem anchors: PACKAGE_ROOT is the directory that holds this settings
# module, and BASE_DIR is that directory's parent.
PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
BASE_DIR = os.path.dirname(PACKAGE_ROOT)

15 

16 

# SECURITY WARNING: keep the secret key used in production secret!
# NOTE(review): this literal is committed with the source, so it can only
# serve as a development default. The wildcard import of `config` at the end
# of this module can rebind SECRET_KEY; confirm that every deployment does so
# with a value that is generated per installation and kept out of the
# repository.
SECRET_KEY = "=v(+-^t#ahv^a&&e)uf36g8algj$d1@6ou^w(r0@%)#8mlc*zk"

# SECURITY WARNING: don't run with debug turned on in production!
# Debug is the default here. Settings further down that are written in terms
# of DEBUG ("debug" in TEMPLATES, the cookie flags, the `if not DEBUG:` block)
# are evaluated with this value.
DEBUG = True

# No hosts are listed by default; a deployment that turns DEBUG off has to
# name the hosts it serves.
ALLOWED_HOSTS = []

24 

25 

# Application definition

# Django's stock contrib apps plus social_django (third-party login).
INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "social_django",
]

# The order of this list is significant: SecurityMiddleware stays first, and
# the session middleware has to come before the authentication middleware.
# The CSRF and clickjacking middleware are part of the default stack;
# XFrameOptionsMiddleware applies the X_FRAME_OPTIONS value set further down.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

47 

ROOT_URLCONF = "ivatar.urls"

# Django template engine: the project-level "templates" directory is searched
# in addition to each installed app's own templates (APP_DIRS).
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [os.path.join(BASE_DIR, "templates")],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "django.template.context_processors.i18n",
                "social_django.context_processors.login_redirect",
            ],
            # Captures DEBUG as assigned earlier in this module. A DEBUG that
            # is rebound by the `config` import at the end of the file does
            # not update this entry unless TEMPLATES is redefined there too.
            "debug": DEBUG,
        },
    },
]

WSGI_APPLICATION = "ivatar.wsgi.application"

70 

71 

# Database
# https://docs.djangoproject.com/en/2.0/ref/settings/#databases

# Default database: a SQLite file named db.sqlite3 directly under BASE_DIR.
# NOTE(review): the file sits inside the project tree; if this default is
# used outside development, confirm its file permissions and that the
# directory is never served as static content.
DATABASES = {
    "default": {
        "ENGINE": "django.db.backends.sqlite3",
        "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
        # Each request's view runs inside one database transaction.
        "ATOMIC_REQUESTS": True,
    }
}

82 

83 

# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators

# Validators applied to passwords: similarity to user attributes, minimum
# length, common-password list, and all-numeric rejection.
AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",  # noqa
        "OPTIONS": {
            # NOTE(review): six characters is below the validator's own
            # default of 8; confirm this lower bound is intentional.
            "min_length": 6,
        },
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",  # noqa
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",  # noqa
    },
]

104 

# Password Hashing (more secure)
# The first entry is the hasher used for newly stored passwords; the entries
# after it are accepted only when verifying hashes that already exist.
PASSWORD_HASHERS = [
    # This isn't working in older Python environments
    # NOTE(review): Argon2 needs the argon2-cffi package; re-enable it as the
    # first entry once every supported environment can install it.
    # "django.contrib.auth.hashers.Argon2PasswordHasher",
    "django.contrib.auth.hashers.PBKDF2PasswordHasher",
    # NOTE(review): PBKDF2 with SHA-1 is presumably kept so that older stored
    # hashes still verify; confirm, and drop it once none remain.
    "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
]

112 

# Security Settings
# NOTE(review): recent Django releases no longer act on
# SECURE_BROWSER_XSS_FILTER; confirm against the Django version in use.
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = "DENY"
# Both cookie flags are computed here, from DEBUG as assigned earlier in this
# module (True), so they evaluate to False at this point.
CSRF_COOKIE_SECURE = not DEBUG
SESSION_COOKIE_SECURE = not DEBUG

# NOTE(review): DEBUG is the literal True when this line runs, so the branch
# below cannot execute from this module alone. The wildcard `config` import
# sits at the end of the file; a DEBUG = False set there does not re-evaluate
# the cookie flags above or this block. Confirm that the production config
# sets the Secure cookie flags, SSL redirect and HSTS values itself, or move
# these derived settings after the import.
if not DEBUG:
    SECURE_SSL_REDIRECT = True
    SECURE_HSTS_SECONDS = 31536000  # 1 year
    # includeSubDomains and preload commit every subdomain to HTTPS for the
    # whole HSTS period.
    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
    SECURE_HSTS_PRELOAD = True

125 

126 

# Social authentication
# Backends whose reported email address is treated as trustworthy.
# NOTE(review): presumably read by the ivatar.ivataraccount.auth pipeline
# steps below; verify against that module.
TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS = ["fedora"]
# Steps run in the order listed.
SOCIAL_AUTH_PIPELINE = (
    # Get the information we can about the user and return it in a simple
    # format to create the user instance later. In some cases the details are
    # already part of the auth response from the provider, but sometimes this
    # could hit a provider API.
    "social_core.pipeline.social_auth.social_details",
    # Get the social uid from whichever service we're authing thru. The uid is
    # the unique identifier of the given user in the provider.
    "social_core.pipeline.social_auth.social_uid",
    # Verifies that the current auth process is valid within the current
    # project, this is where emails and domains whitelists are applied (if
    # defined).
    "social_core.pipeline.social_auth.auth_allowed",
    # Checks if the current social-account is already associated in the site.
    "social_core.pipeline.social_auth.social_user",
    # Make up a username for this person, appends a random string at the end if
    # there's any collision.
    "social_core.pipeline.user.get_username",
    # Send a validation email to the user to verify its email address.
    # Disabled by default, and left disabled here.
    # 'social_core.pipeline.mail.mail_validation',
    # Associates the current social details with another user account with
    # a similar email address. The upstream default pipeline leaves this step
    # disabled; it is ENABLED here.
    # NOTE(review): this stock step links accounts on the email address a
    # backend reports, for every configured backend, while
    # TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS above names only "fedora". Confirm
    # that every enabled backend verifies email ownership, or remove this step
    # and rely on the confirmed-email association that follows.
    "social_core.pipeline.social_auth.associate_by_email",
    # Associates the current social details with an existing user account with
    # a matching ConfirmedEmail.
    "ivatar.ivataraccount.auth.associate_by_confirmed_email",
    # Create a user account if we haven't found one yet.
    "social_core.pipeline.user.create_user",
    # Create the record that associates the social account with the user.
    "social_core.pipeline.social_auth.associate_user",
    # Populate the extra_data field in the social record with the values
    # specified by settings (and the default ones like access_token, etc).
    "social_core.pipeline.social_auth.load_extra_data",
    # Update the user record with any changed info from the auth service.
    "social_core.pipeline.user.user_details",
    # Create the ConfirmedEmail if appropriate.
    "ivatar.ivataraccount.auth.add_confirmed_email",
)

168 

169 

# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/

# Locale defaults: US English text and a UTC clock.
LANGUAGE_CODE, TIME_ZONE = "en-us", "UTC"

# Translation, locale-aware formatting and timezone-aware datetimes are all
# switched on.
USE_I18N = USE_L10N = USE_TZ = True

182 

183 

# Static files configuration (needed mostly during development).
# Assets are served under /static/ and kept in a "static" directory below
# BASE_DIR.
STATIC_URL = "/static/"
STATIC_ROOT = os.path.join(BASE_DIR, "static")
# Parent of the directory that holds this settings module.
PROJECT_ROOT = os.path.abspath(os.path.join(os.path.dirname(__file__), os.pardir))

# Primary-key field type for models that do not declare their own.
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

190 

# Site configuration is imported last, so any public name it defines replaces
# the default of the same name above, SECRET_KEY and DEBUG included.
# NOTE(review): `config` is resolved through sys.path as a top-level module.
# Confirm that only the intended config.py can be found under that name, and
# that it also sets every value this file derives from DEBUG, because those
# were computed before this import ran.
from config import *  # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import # noqa