184 lines
4.5 KiB
Python
184 lines
4.5 KiB
Python
"""
|
|
Django settings for the DGSI project.
|
|
"""
|
|
|
|
import ssl
|
|
from pathlib import Path
|
|
|
|
import ldap3
|
|
from loadcredential import Credentials
|
|
|
|
credentials = Credentials(env_prefix="CE_")
|
|
|
|
# Build paths inside the project like this: BASE_DIR / "subdir".
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
|
|
# WARNING: keep the secret key used in production secret!
|
|
SECRET_KEY = credentials["SECRET_KEY"]
|
|
|
|
# WARNING: don't run with debug turned on in production!
|
|
DEBUG = credentials.get_json("DEBUG", False)
|
|
|
|
ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", [])
|
|
|
|
DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
|
|
|
|
###
|
|
# List the installed applications
|
|
|
|
INSTALLED_APPS = [
|
|
"django.contrib.admin",
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
"django.contrib.sessions",
|
|
"django.contrib.messages",
|
|
"django.contrib.staticfiles",
|
|
# "cas_eleves",
|
|
"cas_server",
|
|
]
|
|
|
|
###
|
|
# List the installed middlewares
|
|
|
|
MIDDLEWARE = [
|
|
"django.middleware.security.SecurityMiddleware",
|
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
|
"django.middleware.common.CommonMiddleware",
|
|
"django.middleware.csrf.CsrfViewMiddleware",
|
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
|
"django.contrib.messages.middleware.MessageMiddleware",
|
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
|
"django.middleware.locale.LocaleMiddleware",
|
|
]
|
|
|
|
###
|
|
# The main url configuration
|
|
|
|
ROOT_URLCONF = "app.urls"
|
|
|
|
###
|
|
# Template configuration:
|
|
|
|
TEMPLATES = [
|
|
{
|
|
"BACKEND": "django.template.backends.django.DjangoTemplates",
|
|
"DIRS": [(BASE_DIR / "cas_eleves" / "templates")],
|
|
"APP_DIRS": True,
|
|
"OPTIONS": {
|
|
"context_processors": [
|
|
"django.template.context_processors.debug",
|
|
"django.template.context_processors.request",
|
|
"django.contrib.auth.context_processors.auth",
|
|
"django.contrib.messages.context_processors.messages",
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
CAS_LOGGED_TEMPLATE = "cas_eleves/logged.html"
|
|
CAS_LOGIN_TEMPLATE = "cas_eleves/login.html"
|
|
CAS_LOGOUT_TEMPLATE = "cas_eleves/logout.html"
|
|
CAS_WARN_TEMPLATE = "cas_eleves/warn.html"
|
|
|
|
###
|
|
# Static files (CSS, JavaScript, Images) configuration
|
|
# -> https://docs.djangoproject.com/en/4.2/howto/static-files/
|
|
|
|
STATIC_URL = "/static/"
|
|
STATICFILES_DIRS = [BASE_DIR / "cas_eleves" / "static"]
|
|
|
|
STATIC_ROOT = credentials["STATIC_ROOT"]
|
|
|
|
CAS_SHOW_SERVICE_MESSAGES = False
|
|
|
|
###
|
|
# WSGI application configuration
|
|
|
|
WSGI_APPLICATION = "app.wsgi.application"
|
|
|
|
###
|
|
# Authentication configuration
|
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
|
|
},
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
|
|
},
|
|
]
|
|
|
|
###
|
|
# Database configuration
|
|
# -> https://docs.djangoproject.com/en/4.2/ref/settings/#databases
|
|
|
|
DATABASES = {
|
|
"default": (
|
|
{
|
|
"ENGINE": "django.db.backends.sqlite3",
|
|
"NAME": BASE_DIR / "db.sqlite3",
|
|
}
|
|
if DEBUG
|
|
else {
|
|
"ENGINE": "django.db.backends.postgresql",
|
|
"NAME": "cas_server",
|
|
"USER": "cas_server",
|
|
"HOST": "/var/run/postgresql/",
|
|
}
|
|
)
|
|
}
|
|
|
|
###
|
|
# Internationalization configuration
|
|
# -> https://docs.djangoproject.com/en/4.2/topics/i18n/
|
|
|
|
LANGUAGE_CODE = "fr-fr"
|
|
TIME_ZONE = "Europe/Paris"
|
|
USE_I18N = True
|
|
USE_L10N = True
|
|
USE_TZ = True
|
|
|
|
LOCALE_PATHS = [(BASE_DIR / "cas_eleves" / "locale")]
|
|
|
|
###
|
|
# Logging configuration
|
|
|
|
LOGGING = {
|
|
"version": 1,
|
|
"disable_existing_loggers": False,
|
|
"handlers": {
|
|
"console": {
|
|
"class": "logging.StreamHandler",
|
|
},
|
|
},
|
|
"root": {
|
|
"handlers": ["console"],
|
|
"level": "DEBUG",
|
|
},
|
|
}
|
|
|
|
###
|
|
# CAS backend configuration
|
|
# -> https://github.com/nitmir/django-cas-server#settings
|
|
|
|
CAS_AUTH_CLASS = "cas_server.auth.LdapAuthUser"
|
|
CAS_LDAP_SERVER = ldap3.Server(
|
|
"ldaps://ldap.spi.ens.fr:6636",
|
|
get_info=ldap3.ALL,
|
|
tls=ldap3.Tls(
|
|
validate=ssl.CERT_REQUIRED,
|
|
version=ssl.PROTOCOL_TLSv1_1,
|
|
ciphers="AES256-SHA",
|
|
ssl_options=[ssl.OP_LEGACY_SERVER_CONNECT],
|
|
),
|
|
)
|
|
CAS_LDAP_BASE_DN = "dc=spi,dc=ens,dc=fr"
|
|
CAS_LDAP_USER_QUERY = "(uid=%s)"
|
|
CAS_LDAP_USERNAME_ATTR = "uid"
|
|
CAS_LDAP_PASSWORD_CHECK = "bind"
|