diff --git a/app/settings.py b/app/settings.py new file mode 100644 index 0000000..729e7c2 --- /dev/null +++ b/app/settings.py @@ -0,0 +1,195 @@ +""" +Django settings for the bocal project +""" + +from pathlib import Path + +from django.contrib.messages import constants as messages +from django.urls import reverse_lazy +from django.utils.translation import gettext_lazy as _ +from loadcredential import Credentials + +credentials = Credentials(env_prefix="BOCAL_") + +# Build paths inside the project like this: BASE_DIR / 'subdir'. +BASE_DIR = Path(__file__).resolve().parent.parent + +# WARNING: keep the secret key used in production secret! +SECRET_KEY = credentials["SECRET_KEY"] + +# WARNING: don't run with debug turned on in production! +DEBUG = credentials.get_json("DEBUG", False) + +ALLOWED_HOSTS = credentials.get_json("ALLOWED_HOSTS", []) + +ADMINS = credentials.get_json("ADMINS", []) + +SITE_ID = 1 + + +### +# List the installed applications + +INSTALLED_APPS = [ + "django.contrib.admin", + "django.contrib.auth", + "django.contrib.contenttypes", + "django.contrib.sessions", + "django.contrib.messages", + "django.contrib.staticfiles", + "solo", + "markdownx", + "django_cas_ng", + "mainsite", + "api", + "bocal_auth", +] + + +### +# List the installed middlewares + +MIDDLEWARE = [ + "django.middleware.security.SecurityMiddleware", + "django.contrib.sessions.middleware.SessionMiddleware", + "django.middleware.common.CommonMiddleware", + "django.middleware.csrf.CsrfViewMiddleware", + "django.contrib.auth.middleware.AuthenticationMiddleware", + "django.contrib.messages.middleware.MessageMiddleware", + "django.middleware.clickjacking.XFrameOptionsMiddleware", + "django_cas_ng.middleware.CASMiddleware", +] + + +### +# The main url configuration + +ROOT_URLCONF = "app.urls" + + +### +# Template configuration: +# - Django Templating Language is used +# - Application directories can be used + + +TEMPLATES = [ + { + "BACKEND": "django.template.backends.django.DjangoTemplates", + "DIRS": [], + "APP_DIRS": True, + "OPTIONS": { + "context_processors": [ + "django.template.context_processors.debug", + "django.template.context_processors.request", + "django.contrib.auth.context_processors.auth", + "django.contrib.messages.context_processors.messages", + "mainsite.context_processors.sidebar_years", + ], + }, + }, +] + + +### +# Database configuration +# -> https://docs.djangoproject.com/en/4.2/ref/settings/#databases + +DEFAULT_AUTO_FIELD = "django.db.models.AutoField" + +DATABASES = credentials.get_json( + "DATABASES", + { + "default": { + "ENGINE": "django.db.backends.sqlite3", + "NAME": BASE_DIR / "db.sqlite3", + } + }, +) + +CACHES = credentials.get_json( + "CACHES", + default={ + "default": { + "BACKEND": "django.core.cache.backends.locmem.LocMemCache", + }, + }, +) + + +### +# WSGI application configuration + +WSGI_APPLICATION = "app.wsgi.application" + + +### +# Staticfiles configuration + +STATIC_ROOT = credentials["STATIC_ROOT"] +STATIC_URL = "/static/" + +MEDIA_ROOT = credentials.get("MEDIA_ROOT", BASE_DIR / "media") +MEDIA_URL = "/media/" + + +### +# Internationalization configuration +# -> https://docs.djangoproject.com/en/4.2/topics/i18n/ + +LANGUAGE_CODE = "fr-fr" +TIME_ZONE = "Europe/Paris" + +USE_I18N = True +USE_L10N = True +USE_TZ = True + +LANGUAGES = [ + ("fr", _("Français")), +] + + +### +# Authentication configuration + +AUTHENTICATION_BACKENDS = [ + "django.contrib.auth.backends.ModelBackend", + "bocal_auth.cas_backend.BOcalCASBackend", +] + +CAS_ADMIN_PREFIX = "/yaes5eiS" # we don't want CAS to take over /admin auth +CAS_EMAIL_FORMAT = "%s@clipper.ens.fr" +CAS_FORCE_CHANGE_USERNAME_CASE = "lower" +CAS_IGNORE_REFERER = True +CAS_LOGOUT_COMPLETELY = False +CAS_REDIRECT_URL = "/" +CAS_SERVER_URL = "https://cas.eleves.ens.fr/" +CAS_VERIFY_URL = "https://cas.eleves.ens.fr/" +CAS_VERSION = "CAS_2_SAML_1_0" + +LOGIN_URL = "/accounts/login" +LOGIN_REDIRECT_URL = "/" + + +AUTH_PASSWORD_VALIDATORS = [ + {"NAME": f"django.contrib.auth.password_validation.{v}"} + for v in [ + "UserAttributeSimilarityValidator", + "MinimumLengthValidator", + "CommonPasswordValidator", + "NumericPasswordValidator", + ] +] + +RHOSTS_PATH = credentials["RHOSTS_PATH"] + + +### +# MarkdownX configuration + +MARKDOWNX_EDITOR_RESIZABLE = False + + +# Development settings +if DEBUG: + EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend" diff --git a/app/settings_base.py b/app/settings_base.py deleted file mode 100644 index 0c5f35a..0000000 --- a/app/settings_base.py +++ /dev/null @@ -1,103 +0,0 @@ -""" -Django settings for bocal project. - -Generated by 'django-admin startproject' using Django 1.11.5. - -For more information on this file, see -https://docs.djangoproject.com/en/1.11/topics/settings/ - -For the full list of settings and their values, see -https://docs.djangoproject.com/en/1.11/ref/settings/ -""" - -import os - -# Build paths inside the project like this: os.path.join(BASE_DIR, ...) -BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) - -# Public dir: a good base path for MEDIA_ROOT and STATIC_ROOT -PUBLIC_DIR = os.path.join(BASE_DIR, "public") - -# Application definition - -INSTALLED_APPS = [ - "django.contrib.admin", - "django.contrib.auth", - "django.contrib.contenttypes", - "django.contrib.sessions", - "django.contrib.messages", - "django.contrib.staticfiles", - "solo", - "markdownx", - "django_cas_ng", - "mainsite", - "api", - "bocal_auth", -] - -MIDDLEWARE = [ - "django.middleware.security.SecurityMiddleware", - "django.contrib.sessions.middleware.SessionMiddleware", - "django.middleware.common.CommonMiddleware", - "django.middleware.csrf.CsrfViewMiddleware", - "django.contrib.auth.middleware.AuthenticationMiddleware", - "django.contrib.messages.middleware.MessageMiddleware", - "django.middleware.clickjacking.XFrameOptionsMiddleware", - "django_cas_ng.middleware.CASMiddleware", -] - -ROOT_URLCONF = "bocal.urls" - -TEMPLATES = [ - { - "BACKEND": "django.template.backends.django.DjangoTemplates", - "DIRS": [], - "APP_DIRS": True, - "OPTIONS": { - "context_processors": [ - "django.template.context_processors.debug", - "django.template.context_processors.request", - "django.contrib.auth.context_processors.auth", - "django.contrib.messages.context_processors.messages", - "mainsite.context_processors.sidebar_years", - ], - }, - }, -] - -WSGI_APPLICATION = "bocal.wsgi.application" - - -# Password validation -# https://docs.djangoproject.com/en/1.11/ref/settings/#auth-password-validators - -AUTH_PASSWORD_VALIDATORS = [ - { - "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", - }, - { - "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", - }, - { - "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", - }, - { - "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", - }, -] - -AUTHENTICATION_BACKENDS = [ - "django.contrib.auth.backends.ModelBackend", - "bocal_auth.cas_backend.BOcalCASBackend", -] - -CAS_ADMIN_PREFIX = "/yaes5eiS" # we don't want CAS to take over /admin auth - -LOGIN_URL = "/accounts/login" -LOGIN_REDIRECT_URL = "/" - -# Static files (CSS, JavaScript, Images) -# https://docs.djangoproject.com/en/1.11/howto/static-files/ - -STATIC_URL = "/static/" -MEDIA_URL = "/media/" diff --git a/app/settings_dev.py b/app/settings_dev.py deleted file mode 100644 index b4027e2..0000000 --- a/app/settings_dev.py +++ /dev/null @@ -1,49 +0,0 @@ -import os - -from .settings_base import * - -# SECURITY WARNING: keep the secret key used in production secret! -# For production, generate a fresh one, eg. with -# pwgen -sy 60 1 -SECRET_KEY = "k340m-_mw#i#up8ajv9$$=$tgpji3f3j!jafj2+ken*@wo9u0%" - -# SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True - -ALLOWED_HOSTS = [] - -# Database -# https://docs.djangoproject.com/en/1.11/ref/settings/#databases -DATABASES = { - "default": { - "ENGINE": "django.db.backends.sqlite3", - "NAME": os.path.join(BASE_DIR, "db.sqlite3"), - } -} - -# Internationalization -# https://docs.djangoproject.com/en/1.11/topics/i18n/ -LANGUAGE_CODE = "fr-fr" -TIME_ZONE = "Europe/Paris" - -USE_I18N = True -USE_L10N = True -USE_TZ = True - -# Paths - -STATIC_ROOT = os.path.join(PUBLIC_DIR, "static") -MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media") - -# Cas -CAS_SERVER_URL = "https://cas.eleves.ens.fr/" -CAS_VERIFY_URL = "https://cas.eleves.ens.fr/" -CAS_VERSION = "CAS_2_SAML_1_0" -CAS_IGNORE_REFERER = True -CAS_FORCE_CHANGE_USERNAME_CASE = "lower" -CAS_REDIRECT_URL = "/" -CAS_EMAIL_FORMAT = "%s@clipper.ens.fr" -CAS_LOGOUT_COMPLETELY = False - -# Auth -RHOSTS_PATH = "rhosts_dev" diff --git a/app/settings_prod.py b/app/settings_prod.py deleted file mode 100644 index e84ea85..0000000 --- a/app/settings_prod.py +++ /dev/null @@ -1,60 +0,0 @@ -import os - -from .settings_base import * - -# SECURITY WARNING: keep the secret key used in production secret! -# For production, generate a fresh one, eg. with -# pwgen -sy 60 1 -SECRET_KEY = "CHANGEMEQUICKLY" # FIXME - -# SECURITY WARNING: don't run with debug turned on in production! -DEBUG = False - -ALLOWED_HOSTS = [ - "localhost", -] # FIXME: add your domain name(s) here. - -# Database -# https://docs.djangoproject.com/en/1.11/ref/settings/#databases -DATABASES = { - "default": { # FIXME add real settings - "ENGINE": "django.db.backends.postgresql", - "NAME": "", # DB name - "USER": "", # DB user - "PASSWORD": "", # user's password - "HOST": "localhost", # DB host -- change if DB is not local - "PORT": "5432", # DB port -- 5432 is the default port for postgres - }, - # Alternatively, use sqlite3 (if you don't really have a choice…) - # 'default': { - # 'ENGINE': 'django.db.backends.sqlite3', - # 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), - # } -} - -# Internationalization -# https://docs.djangoproject.com/en/1.11/topics/i18n/ -LANGUAGE_CODE = "fr-fr" -TIME_ZONE = "Europe/Paris" - -USE_I18N = True -USE_L10N = True -USE_TZ = True - -# Paths - -STATIC_ROOT = os.path.join(PUBLIC_DIR, "static") -MEDIA_ROOT = os.path.join(PUBLIC_DIR, "media") - -# Cas -CAS_SERVER_URL = "https://example.com/" # FIXME -CAS_VERIFY_URL = "https://example.com/" # FIXME -CAS_VERSION = "CAS_2_SAML_1_0" # FIXME -CAS_IGNORE_REFERER = True -CAS_FORCE_CHANGE_USERNAME_CASE = "lower" -CAS_REDIRECT_URL = "/" -CAS_EMAIL_FORMAT = "%s@clipper.ens.fr" # FIXME -CAS_LOGOUT_COMPLETELY = False - -# Auth -RHOSTS_PATH = "" # FIXME (path to BOcal's .rhosts)