spejstore-new/spejstore/settings.py

"""
Django settings for spejstore project.

Generated by 'django-admin startproject' using Django 1.10.1.

For more information on this file, see
https://docs.djangoproject.com/en/1.10/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.10/ref/settings/
"""

import os


def env(name, default=None):
    return os.getenv("SPEJSTORE_" + name, default)


# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
STATIC_ROOT = os.path.join(BASE_DIR, "build_static")
PROD = os.getenv("SPEJSTORE_ENV") == "prod"

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env("SECRET_KEY", "#hjthi7_udsyt*9eeyb&nwgw5x=%pk_lnz3+u2tg9@=w3p1m*k")

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = not PROD

ALLOWED_HOSTS = env(
    "ALLOWED_HOSTS",
    "devinventory,inventory.waw.hackerspace.pl,inventory.hackerspace.pl,i,inventory"
    + (",127.0.0.1,locahost,*" if not PROD else ""),
).split(",")
LOGIN_REDIRECT_URL = "/admin/"

CSRF_TRUSTED_ORIGINS = env("HOST", "https://inventory.hackerspace.pl,").split(",")


# Application definition

INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "django.contrib.postgres",
    "social_django",
    "tree",
    "django_select2",
    "rest_framework",
    "rest_framework.authtoken",
    "django_markdown2",
    "storage",
    "django_admin_hstore_widget",
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.middleware.cache.UpdateCacheMiddleware",
    "django.middleware.gzip.GZipMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "storage.middleware.is_authorized_or_in_lan_middleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "social_django.middleware.SocialAuthExceptionMiddleware",
    "django.middleware.cache.FetchFromCacheMiddleware",
]

ROOT_URLCONF = "spejstore.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": ["templates/"],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "social_django.context_processors.backends",
                "social_django.context_processors.login_redirect",
            ],
        },
    },
]

WSGI_APPLICATION = "spejstore.wsgi.application"

# Logging

LOGGING = {
    "version": 1,
    "disable_existing_loggers": False,
    "handlers": {
        "console": {
            "class": "logging.StreamHandler",
        },
    },
    "root": {
        "handlers": ["console"],
        "level": "INFO",
    },
}

# Database
# https://docs.djangoproject.com/en/1.10/ref/settings/#databases

DATABASES = {
    "default": {
        "ENGINE": env("DB_ENGINE", "django.db.backends.postgresql_psycopg2"),
        "NAME": env("DB_NAME", "postgres"),
        "USER": env("DB_USER", "postgres"),
        "PASSWORD": env("DB_PASSWORD", None),
        "HOST": env("DB_HOST", "127.0.0.1"),
        "PORT": env("DB_PORT", 5432),
    }
}


# Password validation
# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]


AUTHENTICATION_BACKENDS = (
    "auth.backend.HSWawOAuth2",
    "django.contrib.auth.backends.ModelBackend",
)

SOCIAL_AUTH_PIPELINE = (
    "social_core.pipeline.social_auth.social_details",
    "social_core.pipeline.social_auth.social_uid",
    "social_core.pipeline.social_auth.social_user",
    "social_core.pipeline.user.get_username",
    "social_core.pipeline.social_auth.associate_by_email",
    "auth.pipeline.associate_by_personal_email",
    "social_core.pipeline.user.create_user",
    "social_core.pipeline.social_auth.associate_user",
    "social_core.pipeline.social_auth.load_extra_data",
    "social_core.pipeline.user.user_details",
    "auth.pipeline.staff_me_up",
)

STORAGES = {
    "default": {
        "BACKEND": "django.core.files.storage.FileSystemStorage",
    },
    "staticfiles": {
        "BACKEND": "whitenoise.storage.CompressedManifestStaticFilesStorage",
    },
}

# Internationalization
# https://docs.djangoproject.com/en/1.10/topics/i18n/

LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = True
USE_L10N = True
USE_TZ = True

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.10/howto/static-files/

STATIC_URL = "/static/"
STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")]

MEDIA_URL = "/media/"
MEDIA_ROOT = env("MEDIA_ROOT", os.path.join(BASE_DIR, "media"))

REQUIRE_AUTH = env("REQUIRE_AUTH", "true")
if REQUIRE_AUTH == "true":
    REQUIRE_AUTH = True
elif REQUIRE_AUTH == "false":
    REQUIRE_AUTH = False

# REST Framework
REST_FRAMEWORK = {
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticatedOrReadOnly"
        if REQUIRE_AUTH
        else "rest_framework.permissions.IsAuthenticated",
    ],
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "storage.authentication.LanAuthentication",
        "rest_framework.authentication.BasicAuthentication",
        "rest_framework.authentication.TokenAuthentication",
    ],
}

SOCIAL_AUTH_HSWAW_KEY = env("CLIENT_ID")
SOCIAL_AUTH_HSWAW_SECRET = env("SECRET")
SOCIAL_AUTH_REDIRECT_IS_HTTPS = env("OAUTH_REDIRECT_IS_HTTPS", "true") == "true"

SOCIAL_AUTH_JSONFIELD_ENABLED = True

LABEL_API = env("LABEL_API", "http://label.waw.hackerspace.pl:4567")
LOGIN_URL = "/admin/login/"
# Local LAN address space
LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "")
Initial commit 2016-09-29 20:20:10 +00:00			`"""`
			`Django settings for spejstore project.`

			`Generated by 'django-admin startproject' using Django 1.10.1.`

			`For more information on this file, see`
			`https://docs.djangoproject.com/en/1.10/topics/settings/`

			`For the full list of settings and their values, see`
			`https://docs.djangoproject.com/en/1.10/ref/settings/`
			`"""`

			`import os`

Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00
settings: load all relevant options from environment 2019-05-12 13:58:01 +00:00			`def env(name, default=None):`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`return os.getenv("SPEJSTORE_" + name, default)`
settings: load all relevant options from environment 2019-05-12 13:58:01 +00:00

Initial commit 2016-09-29 20:20:10 +00:00			`# Build paths inside the project like this: os.path.join(BASE_DIR, ...)`
			`BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`STATIC_ROOT = os.path.join(BASE_DIR, "build_static")`
			`PROD = os.getenv("SPEJSTORE_ENV") == "prod"`
Initial commit 2016-09-29 20:20:10 +00:00
			`# Quick-start development settings - unsuitable for production`
			`# See https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/`

			`# SECURITY WARNING: keep the secret key used in production secret!`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`SECRET_KEY = env("SECRET_KEY", "#hjthi7_udsyt9eeyb&nwgw5x=%pk_lnz3+u2tg9@=w3p1mk")`
Initial commit 2016-09-29 20:20:10 +00:00
			`# SECURITY WARNING: don't run with debug turned on in production!`
Add apitoken endpoint 2019-02-02 12:21:15 +00:00			`DEBUG = not PROD`
Initial commit 2016-09-29 20:20:10 +00:00
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`ALLOWED_HOSTS = env(`
Migrate old django to the newest version Django 1.x is no longer supported, and the app needed migration to 4.x A lot of libraries has been unsupported or removed, so there's a few of unrelated changes, but necessary for the migration process to work. 2023-07-10 17:40:15 +00:00			`"ALLOWED_HOSTS",`
Add inventory.hackerspace.pl to ALLOWED_HOSTS 2023-07-11 21:36:35 +00:00			`"devinventory,inventory.waw.hackerspace.pl,inventory.hackerspace.pl,i,inventory"`
Make HSLan always authenticated for GET 2023-07-17 19:35:45 +00:00			`+ (",127.0.0.1,locahost,*" if not PROD else ""),`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`).split(",")`
			`LOGIN_REDIRECT_URL = "/admin/"`
Initial commit 2016-09-29 20:20:10 +00:00
fix: missing comma because python 2024-01-14 14:20:04 +00:00			`CSRF_TRUSTED_ORIGINS = env("HOST", "https://inventory.hackerspace.pl,").split(",")`
fix: add csrf config 2024-01-14 14:12:07 +00:00
Initial commit 2016-09-29 20:20:10 +00:00
			`# Application definition`

			`INSTALLED_APPS = [`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"django.contrib.admin",`
			`"django.contrib.auth",`
			`"django.contrib.contenttypes",`
			`"django.contrib.sessions",`
			`"django.contrib.messages",`
			`"django.contrib.staticfiles",`
			`"django.contrib.postgres",`
			`"social_django",`
			`"tree",`
			`"django_select2",`
			`"rest_framework",`
			`"rest_framework.authtoken",`
			`"django_markdown2",`
			`"storage",`
Migrate old django to the newest version Django 1.x is no longer supported, and the app needed migration to 4.x A lot of libraries has been unsupported or removed, so there's a few of unrelated changes, but necessary for the migration process to work. 2023-07-10 17:40:15 +00:00			`"django_admin_hstore_widget",`
Initial commit 2016-09-29 20:20:10 +00:00			`]`

			`MIDDLEWARE = [`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"django.middleware.security.SecurityMiddleware",`
add whitenoise lib to serve statics in production w/o nginx 2023-08-18 11:00:32 +00:00			`"whitenoise.middleware.WhiteNoiseMiddleware",`
settings: properly order middleware and and gzip 2023-08-25 19:03:55 +00:00			`"django.middleware.cache.UpdateCacheMiddleware",`
			`"django.middleware.gzip.GZipMiddleware",`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"django.contrib.sessions.middleware.SessionMiddleware",`
			`"django.middleware.common.CommonMiddleware",`
			`"django.middleware.csrf.CsrfViewMiddleware",`
			`"django.contrib.auth.middleware.AuthenticationMiddleware",`
middleware: Fix ordering again 2023-09-09 14:31:49 +00:00			`"storage.middleware.is_authorized_or_in_lan_middleware",`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"django.middleware.clickjacking.XFrameOptionsMiddleware",`
settings: properly order middleware and and gzip 2023-08-25 19:03:55 +00:00			`"django.contrib.messages.middleware.MessageMiddleware",`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"social_django.middleware.SocialAuthExceptionMiddleware",`
Add cache 2023-08-18 11:44:34 +00:00			`"django.middleware.cache.FetchFromCacheMiddleware",`
Initial commit 2016-09-29 20:20:10 +00:00			`]`

Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`ROOT_URLCONF = "spejstore.urls"`
Initial commit 2016-09-29 20:20:10 +00:00
			`TEMPLATES = [`
			`{`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"BACKEND": "django.template.backends.django.DjangoTemplates",`
			`"DIRS": ["templates/"],`
			`"APP_DIRS": True,`
			`"OPTIONS": {`
			`"context_processors": [`
			`"django.template.context_processors.debug",`
			`"django.template.context_processors.request",`
			`"django.contrib.auth.context_processors.auth",`
			`"django.contrib.messages.context_processors.messages",`
			`"social_django.context_processors.backends",`
			`"social_django.context_processors.login_redirect",`
Initial commit 2016-09-29 20:20:10 +00:00			`],`
			`},`
			`},`
			`]`

Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`WSGI_APPLICATION = "spejstore.wsgi.application"`
Initial commit 2016-09-29 20:20:10 +00:00
add error logging in production 2023-08-18 13:13:35 +00:00			`# Logging`

			`LOGGING = {`
			`"version": 1,`
			`"disable_existing_loggers": False,`
			`"handlers": {`
			`"console": {`
			`"class": "logging.StreamHandler",`
			`},`
			`},`
			`"root": {`
			`"handlers": ["console"],`
			`"level": "INFO",`
			`},`
			`}`
Initial commit 2016-09-29 20:20:10 +00:00
			`# Database`
			`# https://docs.djangoproject.com/en/1.10/ref/settings/#databases`

			`DATABASES = {`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"default": {`
			`"ENGINE": env("DB_ENGINE", "django.db.backends.postgresql_psycopg2"),`
			`"NAME": env("DB_NAME", "postgres"),`
			`"USER": env("DB_USER", "postgres"),`
			`"PASSWORD": env("DB_PASSWORD", None),`
Make HSLan always authenticated for GET 2023-07-17 19:35:45 +00:00			`"HOST": env("DB_HOST", "127.0.0.1"),`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"PORT": env("DB_PORT", 5432),`
Initial commit 2016-09-29 20:20:10 +00:00			`}`
			`}`


			`# Password validation`
			`# https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators`

			`AUTH_PASSWORD_VALIDATORS = [`
			`{`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",`
Initial commit 2016-09-29 20:20:10 +00:00			`},`
			`{`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",`
Initial commit 2016-09-29 20:20:10 +00:00			`},`
			`{`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",`
Initial commit 2016-09-29 20:20:10 +00:00			`},`
			`{`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",`
Initial commit 2016-09-29 20:20:10 +00:00			`},`
			`]`

vendor me daddy 2018-09-26 20:20:36 +00:00
Add LDAP auth, images support 2017-02-28 23:16:10 +00:00			`AUTHENTICATION_BACKENDS = (`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"auth.backend.HSWawOAuth2",`
			`"django.contrib.auth.backends.ModelBackend",`
Add LDAP auth, images support 2017-02-28 23:16:10 +00:00			`)`

initial oauth commit 2018-10-10 17:56:43 +00:00			`SOCIAL_AUTH_PIPELINE = (`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"social_core.pipeline.social_auth.social_details",`
			`"social_core.pipeline.social_auth.social_uid",`
			`"social_core.pipeline.social_auth.social_user",`
			`"social_core.pipeline.user.get_username",`
			`"social_core.pipeline.social_auth.associate_by_email",`
			`"auth.pipeline.associate_by_personal_email",`
			`"social_core.pipeline.user.create_user",`
			`"social_core.pipeline.social_auth.associate_user",`
			`"social_core.pipeline.social_auth.load_extra_data",`
			`"social_core.pipeline.user.user_details",`
Revert "auth: do not automatically staff new members" This reverts commit 0fa9762bea6bd66bcc88dd67a5110804ed95d3ae. 2023-08-25 19:51:09 +00:00			`"auth.pipeline.staff_me_up",`
associate_by_email 2018-10-10 19:33:16 +00:00			`)`
Add LDAP auth, images support 2017-02-28 23:16:10 +00:00
cache: cache statics 2023-08-25 19:50:53 +00:00			`STORAGES = {`
fix: missing files config 2024-01-13 23:21:30 +00:00			`"default": {`
			`"BACKEND": "django.core.files.storage.FileSystemStorage",`
			`},`
cache: cache statics 2023-08-25 19:50:53 +00:00			`"staticfiles": {`
			`"BACKEND": "whitenoise.storage.CompressedManifestStaticFilesStorage",`
			`},`
			`}`

Initial commit 2016-09-29 20:20:10 +00:00			`# Internationalization`
			`# https://docs.djangoproject.com/en/1.10/topics/i18n/`

Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`LANGUAGE_CODE = "en-us"`
			`TIME_ZONE = "UTC"`
Initial commit 2016-09-29 20:20:10 +00:00			`USE_I18N = True`
			`USE_L10N = True`
			`USE_TZ = True`

			`# Static files (CSS, JavaScript, Images)`
			`# https://docs.djangoproject.com/en/1.10/howto/static-files/`

Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`STATIC_URL = "/static/"`
authentication: always require if defined env if SPEJSTORE_REQUIRE_AUTH is 'true' then always require auth otherwise make it read-only on unauthorized access 2023-08-13 18:07:29 +00:00			`STATICFILES_DIRS = [os.path.join(BASE_DIR, "static")]`
Add LDAP auth, images support 2017-02-28 23:16:10 +00:00
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`MEDIA_URL = "/media/"`
			`MEDIA_ROOT = env("MEDIA_ROOT", os.path.join(BASE_DIR, "media"))`
Initial public REST API 2017-03-06 15:50:55 +00:00
authentication: always require if defined env if SPEJSTORE_REQUIRE_AUTH is 'true' then always require auth otherwise make it read-only on unauthorized access 2023-08-13 18:07:29 +00:00			`REQUIRE_AUTH = env("REQUIRE_AUTH", "true")`
			`if REQUIRE_AUTH == "true":`
			`REQUIRE_AUTH = True`
			`elif REQUIRE_AUTH == "false":`
			`REQUIRE_AUTH = False`

Initial public REST API 2017-03-06 15:50:55 +00:00			`# REST Framework`
			`REST_FRAMEWORK = {`
			# Use Django's standard `django.contrib.auth` permissions,
			`# or allow read-only access for unauthenticated users.`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`"DEFAULT_PERMISSION_CLASSES": [`
authentication: always require if defined env if SPEJSTORE_REQUIRE_AUTH is 'true' then always require auth otherwise make it read-only on unauthorized access 2023-08-13 18:07:29 +00:00			`"rest_framework.permissions.IsAuthenticatedOrReadOnly"`
			`if REQUIRE_AUTH`
			`else "rest_framework.permissions.IsAuthenticated",`
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`],`
			`"DEFAULT_AUTHENTICATION_CLASSES": [`
Make HSLan always authenticated for GET 2023-07-17 19:35:45 +00:00			`"storage.authentication.LanAuthentication",`
authentication: always require if defined env if SPEJSTORE_REQUIRE_AUTH is 'true' then always require auth otherwise make it read-only on unauthorized access 2023-08-13 18:07:29 +00:00			`"rest_framework.authentication.BasicAuthentication",`
			`"rest_framework.authentication.TokenAuthentication",`
Add apitoken endpoint 2019-02-02 12:21:15 +00:00			`],`
Initial public REST API 2017-03-06 15:50:55 +00:00			`}`
Initial label printing integration 2017-05-28 20:00:54 +00:00
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`SOCIAL_AUTH_HSWAW_KEY = env("CLIENT_ID")`
			`SOCIAL_AUTH_HSWAW_SECRET = env("SECRET")`
settings: fix oauth_redirect_is_http 2023-08-21 19:36:44 +00:00			`SOCIAL_AUTH_REDIRECT_IS_HTTPS = env("OAUTH_REDIRECT_IS_HTTPS", "true") == "true"`
initial oauth commit 2018-10-10 17:56:43 +00:00
Migrate deprecated field in settings 2023-07-13 19:01:17 +00:00			`SOCIAL_AUTH_JSONFIELD_ENABLED = True`
initial oauth commit 2018-10-10 17:56:43 +00:00
Blackify the code (autoformat) 2023-07-11 13:34:35 +00:00			`LABEL_API = env("LABEL_API", "http://label.waw.hackerspace.pl:4567")`
Add LOGIN_URL to redirect properly 2023-07-13 19:01:41 +00:00			`LOGIN_URL = "/admin/login/"`
auth: cleanup 2023-09-09 17:26:36 +00:00			`# Local LAN address space`
			`LAN_ALLOWED_ADDRESS_SPACE = env("LAN_ALLOWED_ADDRESS_SPACE", "")`