manuels-scolaires/src/manuels_collection/settings.py

"""
Django settings for checkout project.

Generated by 'django-admin startproject' using Django 3.1.

For more information on this file, see
https://docs.djangoproject.com/en/3.1/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/3.1/ref/settings/
"""
import os
from pathlib import Path

import environ

# Build paths inside the project like this: BASE_DIR / 'subdir'.
from django.contrib import messages

BASE_DIR = Path(__file__).resolve(strict=True).parent.parent

env = environ.Env(
    DEBUG=(bool, False),
    SECRET_KEY=(str, "s#!83!8e$3s89m)r$1ghsgxbndf8=#^qt(_*o%xbq0j2t8#db5"),
    ADMINS=(list, []),
    MAILGUN_API_KEY=(str, ""),
    MAILGUN_SENDER_DOMAIN=(str, ""),
    SERVER_EMAIL=(str, ""),
    EMAIL_REPLY_TO=(list, []),
    AUTHORIZED_EMAILS=(list, []),
    LIBRARIAN_EMAILS=(list, []),
    HOSTS=(list, []),
    TIME_ZONE=(str, "Europe/Paris"),
    LANGUAGE_CODE=(str, "fr-fr"),
)

env_file = os.getenv("ENV_FILE", None)

if env_file:
    environ.Env.read_env(env_file)

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env("SECRET_KEY")

admins = env("ADMINS")
if admins:
    ADMINS = list(map(lambda x: tuple(x.split("|")), admins))

DEFAULT_FROM_EMAIL = env("SERVER_EMAIL")
SERVER_EMAIL = env("SERVER_EMAIL")
EMAIL_SUBJECT_PREFIX = "[Manuels] "
EMAIL_TIMEOUT = 30

ANYMAIL = {
    "MAILGUN_API_KEY": env("MAILGUN_API_KEY"),
    "MAILGUN_SENDER_DOMAIN": env("MAILGUN_SENDER_DOMAIN"),
    "MAILGUN_API_URL": "https://api.mailgun.net/v3",
}
EMAIL_BACKEND = "anymail.backends.mailgun.EmailBackend"
AUTHORIZED_EMAILS = env("AUTHORIZED_EMAILS")
LIBRARIAN_EMAILS = env("LIBRARIAN_EMAILS")
EMAIL_REPLY_TO = env("EMAIL_REPLY_TO")

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = env("DEBUG")
ALLOWED_HOSTS = ["localhost"]  # Required for healthcheck
if DEBUG:
    ALLOWED_HOSTS.append("127.0.0.1")

ALLOWED_HOSTS.extend(env("HOSTS"))

SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
SESSION_COOKIE_SECURE = not DEBUG
CSRF_COOKIE_SECURE = not DEBUG


# Application definition

INSTALLED_APPS = [
    "whitenoise.runserver_nostatic",
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "anymail",
    "bootstrap4",
    "manuels",
    "import_export",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.middleware.gzip.GZipMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

ROOT_URLCONF = "manuels_collection.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
]

WSGI_APPLICATION = "manuels_collection.wsgi.application"

CACHES = {
    "default": {
        "BACKEND": "django.core.cache.backends.db.DatabaseCache",
        "LOCATION": "manuels_cache",
    }
}

# Database
# https://docs.djangoproject.com/en/3.1/ref/settings/#databases

default_db_path = BASE_DIR / "db.sqlite3"
DATABASES = {
    "default": env.db(default=f"sqlite:///{default_db_path}"),
}

INTERNAL_IPS = [
    "127.0.0.1",
    "localhost",
]

# Password validation
# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
    },
    {"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
    {"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
    {"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
]


# Internationalization
# https://docs.djangoproject.com/en/3.1/topics/i18n/

LANGUAGE_CODE = env("LANGUAGE_CODE")

TIME_ZONE = env("TIME_ZONE")

USE_I18N = True

USE_TZ = True

# Logging
LOG_LEVEL = "DEBUG" if DEBUG else "INFO"
LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "formatters": {
        "verbose": {
            "format": "[%(asctime)s] [%(process)d] [%(levelname)s] %(module)s - %(message)s"
        },
    },
    "handlers": {
        "console": {"class": "logging.StreamHandler", "formatter": "verbose"},
    },
    "loggers": {
        "manuels": {"handlers": ["console"], "level": LOG_LEVEL},
    },
}

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.1/howto/static-files/

STATIC_URL = "static/"
STATIC_ROOT = BASE_DIR.parent / "staticfiles"
STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"

MEDIA_URL = "media/"
MEDIA_ROOT = BASE_DIR.parent / "media"

LOGIN_REDIRECT_URL = "rooms-list"

LOGIN_URL = "admin:login"

SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_HSTS_SECONDS = 63072000

SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

# CSP
CSP_DEFAULT_SRC = ("'none'",)
CSP_IMG_SRC = ("'self'", "data:")
CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")
CSP_CONNECT_SRC = ("'self'",)
CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")
CSP_MANIFEST_SRC = ("'self'",)
CSP_FONT_SRC = ("'self'",)
CSP_BASE_URI = ("'none'",)
CSP_FORM_ACTION = ("'self'",)

DEFAULT_AUTO_FIELD = "django.db.models.AutoField"


MESSAGE_TAGS = {messages.ERROR: "danger"}
Add working django 2018-05-21 19:28:36 +02:00			`"""`
Rework project structure 2022-06-15 19:45:35 +02:00			`Django settings for checkout project.`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`Generated by 'django-admin startproject' using Django 3.1.`
Add working django 2018-05-21 19:28:36 +02:00
			`For more information on this file, see`
Rework project structure 2022-06-15 19:45:35 +02:00			`https://docs.djangoproject.com/en/3.1/topics/settings/`
Add working django 2018-05-21 19:28:36 +02:00
			`For the full list of settings and their values, see`
Rework project structure 2022-06-15 19:45:35 +02:00			`https://docs.djangoproject.com/en/3.1/ref/settings/`
Add working django 2018-05-21 19:28:36 +02:00			`"""`
			`import os`
Update env 2021-07-10 12:10:17 +02:00			`from pathlib import Path`
Add working django 2018-05-21 19:28:36 +02:00
Run pre-commit 2021-07-10 12:11:58 +02:00			`import environ`
Rework project structure 2022-06-15 19:45:35 +02:00
			`# Build paths inside the project like this: BASE_DIR / 'subdir'.`
			`from django.contrib import messages`
Add working django 2018-05-21 19:28:36 +02:00
Update env 2021-07-10 12:10:17 +02:00			`BASE_DIR = Path(__file__).resolve(strict=True).parent.parent`

			`env = environ.Env(`
Rework project structure 2022-06-15 19:45:35 +02:00			`DEBUG=(bool, False),`
			`SECRET_KEY=(str, "s#!83!8e$3s89m)r$1ghsgxbndf8=#^qt(_*o%xbq0j2t8#db5"),`
			`ADMINS=(list, []),`
			`MAILGUN_API_KEY=(str, ""),`
			`MAILGUN_SENDER_DOMAIN=(str, ""),`
			`SERVER_EMAIL=(str, ""),`
Fix reply to 2022-06-15 20:05:58 +02:00			`EMAIL_REPLY_TO=(list, []),`
Update env 2021-07-10 12:10:17 +02:00			`AUTHORIZED_EMAILS=(list, []),`
			`LIBRARIAN_EMAILS=(list, []),`
Rework project structure 2022-06-15 19:45:35 +02:00			`HOSTS=(list, []),`
			`TIME_ZONE=(str, "Europe/Paris"),`
			`LANGUAGE_CODE=(str, "fr-fr"),`
Update env 2021-07-10 12:10:17 +02:00			`)`
Rework project structure 2022-06-15 19:45:35 +02:00
Update env 2021-07-10 12:10:17 +02:00			`env_file = os.getenv("ENV_FILE", None)`
Rework project structure 2022-06-15 19:45:35 +02:00
Update env 2021-07-10 12:10:17 +02:00			`if env_file:`
			`environ.Env.read_env(env_file)`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`# Quick-start development settings - unsuitable for production`
			`# See https://docs.djangoproject.com/en/3.1/howto/deployment/checklist/`
Add working django 2018-05-21 19:28:36 +02:00
			`# SECURITY WARNING: keep the secret key used in production secret!`
Update env 2021-07-10 12:10:17 +02:00			`SECRET_KEY = env("SECRET_KEY")`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`admins = env("ADMINS")`
			`if admins:`
			`ADMINS = list(map(lambda x: tuple(x.split("\|")), admins))`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`DEFAULT_FROM_EMAIL = env("SERVER_EMAIL")`
Run pre-commit 2021-07-10 12:11:58 +02:00			`SERVER_EMAIL = env("SERVER_EMAIL")`
			`EMAIL_SUBJECT_PREFIX = "[Manuels] "`
Rework project structure 2022-06-15 19:45:35 +02:00			`EMAIL_TIMEOUT = 30`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`ANYMAIL = {`
			`"MAILGUN_API_KEY": env("MAILGUN_API_KEY"),`
			`"MAILGUN_SENDER_DOMAIN": env("MAILGUN_SENDER_DOMAIN"),`
			`"MAILGUN_API_URL": "https://api.mailgun.net/v3",`
			`}`
			`EMAIL_BACKEND = "anymail.backends.mailgun.EmailBackend"`
Run pre-commit 2021-07-10 12:11:58 +02:00			`AUTHORIZED_EMAILS = env("AUTHORIZED_EMAILS")`
			`LIBRARIAN_EMAILS = env("LIBRARIAN_EMAILS")`
Fix reply to 2022-06-15 20:05:58 +02:00			`EMAIL_REPLY_TO = env("EMAIL_REPLY_TO")`
Add mail send when confirming. Closes #19 2018-06-02 18:03:18 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`# SECURITY WARNING: don't run with debug turned on in production!`
			`DEBUG = env("DEBUG")`
			`ALLOWED_HOSTS = ["localhost"] # Required for healthcheck`
			`if DEBUG:`
			`ALLOWED_HOSTS.append("127.0.0.1")`

			`ALLOWED_HOSTS.extend(env("HOSTS"))`

			`SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")`
			`SESSION_COOKIE_SECURE = not DEBUG`
			`CSRF_COOKIE_SECURE = not DEBUG`


Add working django 2018-05-21 19:28:36 +02:00			`# Application definition`

			`INSTALLED_APPS = [`
Rework project structure 2022-06-15 19:45:35 +02:00			`"whitenoise.runserver_nostatic",`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"django.contrib.admin",`
			`"django.contrib.auth",`
			`"django.contrib.contenttypes",`
			`"django.contrib.sessions",`
			`"django.contrib.messages",`
			`"django.contrib.staticfiles",`
			`"anymail",`
			`"bootstrap4",`
			`"manuels",`
			`"import_export",`
Add working django 2018-05-21 19:28:36 +02:00			`]`

			`MIDDLEWARE = [`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"django.middleware.security.SecurityMiddleware",`
			`"whitenoise.middleware.WhiteNoiseMiddleware",`
Rework project structure 2022-06-15 19:45:35 +02:00			`"django.middleware.gzip.GZipMiddleware",`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"django.contrib.sessions.middleware.SessionMiddleware",`
			`"django.middleware.common.CommonMiddleware",`
			`"django.middleware.csrf.CsrfViewMiddleware",`
			`"django.contrib.auth.middleware.AuthenticationMiddleware",`
			`"django.contrib.messages.middleware.MessageMiddleware",`
			`"django.middleware.clickjacking.XFrameOptionsMiddleware",`
Add working django 2018-05-21 19:28:36 +02:00			`]`

Run pre-commit 2021-07-10 12:11:58 +02:00			`ROOT_URLCONF = "manuels_collection.urls"`
Add working django 2018-05-21 19:28:36 +02:00
			`TEMPLATES = [`
			`{`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"BACKEND": "django.template.backends.django.DjangoTemplates",`
			`"DIRS": [],`
			`"APP_DIRS": True,`
			`"OPTIONS": {`
			`"context_processors": [`
			`"django.template.context_processors.debug",`
			`"django.template.context_processors.request",`
			`"django.contrib.auth.context_processors.auth",`
			`"django.contrib.messages.context_processors.messages",`
Add working django 2018-05-21 19:28:36 +02:00			`],`
			`},`
			`},`
			`]`

Run pre-commit 2021-07-10 12:11:58 +02:00			`WSGI_APPLICATION = "manuels_collection.wsgi.application"`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`CACHES = {`
			`"default": {`
			`"BACKEND": "django.core.cache.backends.db.DatabaseCache",`
			`"LOCATION": "manuels_cache",`
			`}`
			`}`

Add working django 2018-05-21 19:28:36 +02:00			`# Database`
Rework project structure 2022-06-15 19:45:35 +02:00			`# https://docs.djangoproject.com/en/3.1/ref/settings/#databases`

Run pre-commit 2021-07-10 12:11:58 +02:00			`default_db_path = BASE_DIR / "db.sqlite3"`
Add working django 2018-05-21 19:28:36 +02:00			`DATABASES = {`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"default": env.db(default=f"sqlite:///{default_db_path}"),`
Add working django 2018-05-21 19:28:36 +02:00			`}`

Rework project structure 2022-06-15 19:45:35 +02:00			`INTERNAL_IPS = [`
			`"127.0.0.1",`
			`"localhost",`
			`]`

Add working django 2018-05-21 19:28:36 +02:00			`# Password validation`
Rework project structure 2022-06-15 19:45:35 +02:00			`# https://docs.djangoproject.com/en/3.1/ref/settings/#auth-password-validators`
Add working django 2018-05-21 19:28:36 +02:00
			`AUTH_PASSWORD_VALIDATORS = [`
			`{`
Rework project structure 2022-06-15 19:45:35 +02:00			`"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"`
Add working django 2018-05-21 19:28:36 +02:00			`},`
Rework project structure 2022-06-15 19:45:35 +02:00			`{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},`
			`{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},`
			`{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},`
Add working django 2018-05-21 19:28:36 +02:00			`]`

Upgrade 2020-06-01 13:29:48 +02:00
Add working django 2018-05-21 19:28:36 +02:00			`# Internationalization`
Rework project structure 2022-06-15 19:45:35 +02:00			`# https://docs.djangoproject.com/en/3.1/topics/i18n/`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`LANGUAGE_CODE = env("LANGUAGE_CODE")`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`TIME_ZONE = env("TIME_ZONE")`
Add working django 2018-05-21 19:28:36 +02:00
			`USE_I18N = True`

			`USE_TZ = True`

Configure logging 2018-05-23 15:36:18 +02:00			`# Logging`
Run pre-commit 2021-07-10 12:11:58 +02:00			`LOG_LEVEL = "DEBUG" if DEBUG else "INFO"`
Configure logging 2018-05-23 15:36:18 +02:00			`LOGGING = {`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"version": 1,`
			`"disable_existing_loggers": False,`
			`"formatters": {`
			`"verbose": {`
			`"format": "[%(asctime)s] [%(process)d] [%(levelname)s] %(module)s - %(message)s"`
Configure logging 2018-05-23 15:36:18 +02:00			`},`
			`},`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"handlers": {`
			`"console": {"class": "logging.StreamHandler", "formatter": "verbose"},`
Configure logging 2018-05-23 15:36:18 +02:00			`},`
Run pre-commit 2021-07-10 12:11:58 +02:00			`"loggers": {`
			`"manuels": {"handlers": ["console"], "level": LOG_LEVEL},`
Configure logging 2018-05-23 15:36:18 +02:00			`},`
			`}`
Add working django 2018-05-21 19:28:36 +02:00
			`# Static files (CSS, JavaScript, Images)`
Rework project structure 2022-06-15 19:45:35 +02:00			`# https://docs.djangoproject.com/en/3.1/howto/static-files/`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`STATIC_URL = "static/"`
			`STATIC_ROOT = BASE_DIR.parent / "staticfiles"`
			`STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"`

			`MEDIA_URL = "media/"`
			`MEDIA_ROOT = BASE_DIR.parent / "media"`
Add working django 2018-05-21 19:28:36 +02:00
Run pre-commit 2021-07-10 12:11:58 +02:00			`LOGIN_REDIRECT_URL = "rooms-list"`
Add working django 2018-05-21 19:28:36 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`LOGIN_URL = "admin:login"`
Send link via email 2018-05-22 00:45:54 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`SECURE_REFERRER_POLICY = "strict-origin-when-cross-origin"`
			`SECURE_HSTS_INCLUDE_SUBDOMAINS = True`
			`SECURE_HSTS_PRELOAD = True`
			`SECURE_HSTS_SECONDS = 63072000`
Implement teacher lists confirmation. #19 2018-06-02 17:51:53 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")`
Use cache to improve ISBN api response time. 2018-06-16 00:12:33 +02:00
Rework project structure 2022-06-15 19:45:35 +02:00			`# CSP`
			`CSP_DEFAULT_SRC = ("'none'",)`
			`CSP_IMG_SRC = ("'self'", "data:")`
			`CSP_SCRIPT_SRC = ("'self'", "'unsafe-inline'")`
			`CSP_CONNECT_SRC = ("'self'",)`
			`CSP_STYLE_SRC = ("'self'", "'unsafe-inline'")`
			`CSP_MANIFEST_SRC = ("'self'",)`
			`CSP_FONT_SRC = ("'self'",)`
			`CSP_BASE_URI = ("'none'",)`
			`CSP_FORM_ACTION = ("'self'",)`
Use cache to improve ISBN api response time. 2018-06-16 00:12:33 +02:00
Run pre-commit 2021-07-10 12:11:58 +02:00			`DEFAULT_AUTO_FIELD = "django.db.models.AutoField"`
Rework project structure 2022-06-15 19:45:35 +02:00

			`MESSAGE_TAGS = {messages.ERROR: "danger"}`