""" Django settings for wikiazma project. Generated by 'django-admin startproject' using Django 3.2. For more information on this file, see https://docs.djangoproject.com/en/3.2/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/3.2/ref/settings/ """ import os from pathlib import Path # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = os.getenv("SECRET_KEY") def get_bool_env(key): val = os.getenv(key) if val != None and val.lower() == "true": return True return False MY_LOG_QUERIES = False # SECURITY WARNING: don't run with debug turned on in production! DEBUG = get_bool_env("DEBUG") DJANGO_ADMIN_IS_ENABLED = get_bool_env("DJANGO_ADMIN_IS_ENABLED") SECURE_CONTENT_TYPE_NOSNIFF = get_bool_env("SECURE_CONTENT_TYPE_NOSNIFF") SECURE_BROWSER_XSS_FILTER = get_bool_env("SECURE_BROWSER_XSS_FILTER") SECURE_SSL_REDIRECT = get_bool_env("SECURE_SSL_REDIRECT") SESSION_COOKIE_SECURE = get_bool_env("SESSION_COOKIE_SECURE") X_FRAME_OPTIONS = os.getenv("X_FRAME_OPTIONS", "DENY") SECURE_HSTS_SECONDS = int(os.getenv("SECURE_HSTS_SECONDS", "0")) SECURE_HSTS_INCLUDE_SUBDOMAINS = get_bool_env("SECURE_HSTS_INCLUDE_SUBDOMAINS") SECURE_HSTS_PRELOAD = get_bool_env("SECURE_HSTS_PRELOAD") SECURE_REFERRER_POLICY = os.getenv("SECURE_REFERRER_POLICY") # Content Security Policy # CSP_STYLE_SRC = ("'self'", "fonts.googleapis.com", "'sha256-/3kWSXHts8LrwfemLzY9W0tOv5I4eLIhrf0pT8cU0WI='") # CSP_STYLE_SRC = ("'self'", ) # CSP_SCRIPT_SRC = ("'self'", ) # CSP_SCRIPT_SRC_ELEM = ("'self'", ) # CSP_IMG_SRC = ("'self'", ) # CSP_FONT_SRC = ("'self'", ) # CSP_CONNECT_SRC = ("'self'", ) # CSP_OBJECT_SRC = ("'none'", ) # CSP_BASE_URI = ("'none'", ) # CSP_FRAME_ANCESTORS = ("'none'", ) # CSP_FORM_ACTION = ("'self'", ) # CSP_INCLUDE_NONCE_IN = ('script-src', ) # CSP_SCRIPT_SRC_ATTR = ("'unsafe-inline'",) PERMISSIONS_POLICY = {"geolocation": "none", "camera": "none", "microphone": "none"} ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS").split(",") BASE_URL = os.getenv("BASE_URL", "/") CORS_ALLOW_ALL_ORIGINS = get_bool_env("CORS_ALLOW_ALL_ORIGINS") CORS_ALLOWED_ORIGINS_STRING = os.getenv("CORS_ALLOWED_ORIGINS").split(",") CORS_ALLOWED_ORIGINS = ( CORS_ALLOWED_ORIGINS_STRING if CORS_ALLOWED_ORIGINS_STRING[0] != "" else [] ) CORS_ALLOW_METHODS = ["POST"] CORS_ALLOW_CREDENTIALS = get_bool_env("CORS_ALLOW_CREDENTIALS") CSRF_COOKIE_SECURE = get_bool_env("CSRF_COOKIE_SECURE") CSRF_COOKIE_SAMESITE = os.getenv("CSRF_COOKIE_SAMESITE") CSRF_FAILURE_VIEW = "utils.csrf_failure.csrf_failure_handler" CSRF_TRUSTED_ORIGINS_STRING = os.getenv("CSRF_TRUSTED_ORIGINS").split(",") CSRF_TRUSTED_ORIGINS = ( CSRF_TRUSTED_ORIGINS_STRING if CSRF_TRUSTED_ORIGINS_STRING[0] != "" else [] ) # Application definition INSTALLED_APPS = [ "django_crontab", "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", "rest_framework", "corsheaders", "django_extensions", "django_cleanup.apps.CleanupConfig", "plan.apps.PlanConfig", "authenticate.apps.AuthenticateConfig", "collaborators.apps.CollaboratorsConfig", "institute.apps.InstituteConfig", "question_bank.apps.QuestionBankConfig", "question.apps.QuestionConfig", "public_resources.apps.PublicResourcesConfig", "exam.apps.ExamConfig", "text_book.apps.TextBookConfig", "payment.apps.PaymentConfig", "doc_parser.apps.DocParserConfig", "promotion.apps.PromotionConfig", # 'drf_spectacular', "django.contrib.postgres", "quiz.apps.QuizConfig", "challenge", ] MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "django_permissions_policy.PermissionsPolicyMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", # 'csp.middleware.CSPMiddleware', "corsheaders.middleware.CorsMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] REST_FRAMEWORK = { "DEFAULT_RENDERER_CLASSES": [ "rest_framework.renderers.JSONRenderer", ], "EXCEPTION_HANDLER": "utils.exceptions.custom_exception_handler", "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } ROOT_URLCONF = "wikiazma.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", ], }, }, ] WSGI_APPLICATION = "wikiazma.wsgi.application" # Database # https://docs.djangoproject.com/en/3.2/ref/settings/#databases DATABASES = { "default": { "ENGINE": os.getenv("DATABASE_ENGINE"), "NAME": os.getenv("DATABASE_NAME"), "USER": os.getenv("DATABASE_USER"), "PASSWORD": os.getenv("DATABASE_PASSWORD"), "HOST": os.getenv("DATABASE_HOST"), "PORT": os.getenv("DATABASE_PORT"), } } # Password validation # https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, ] # Internationalization # https://docs.djangoproject.com/en/3.2/topics/i18n/ LANGUAGE_CODE = "en-us" TIME_ZONE = "Asia/Tehran" USE_I18N = True USE_L10N = False USE_TZ = True DATETIME_FORMAT = "N j, Y, H:i:s" # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/3.2/howto/static-files/ if get_bool_env("USE_AWS_S3_BUCKET"): AWS_S3_ACCESS_KEY_ID = os.getenv("AWS_S3_ACCESS_KEY_ID") AWS_S3_SECRET_ACCESS_KEY = os.getenv("AWS_S3_SECRET_ACCESS_KEY") AWS_STORAGE_BUCKET_NAME = os.getenv("AWS_STORAGE_BUCKET_NAME") AWS_S3_REGION_NAME = os.getenv("AWS_S3_REGION_NAME") if os.getenv("AWS_S3_CLOUD_FRONT_DOMAIN"): AWS_S3_CUSTOM_DOMAIN = os.getenv("AWS_S3_CLOUD_FRONT_DOMAIN") else: AWS_S3_CUSTOM_DOMAIN = ( f"%s.s3.{AWS_S3_REGION_NAME}.amazonaws.com" % AWS_STORAGE_BUCKET_NAME ) AWS_S3_OBJECT_PARAMETERS = { "CacheControl": "max-age=86400", } AWS_QUERYSTRING_EXPIRE = os.getenv("AWS_QUERYSTRING_EXPIRE") AWS_STATIC_LOCATION = "static" STATICFILES_STORAGE = "wikiazma.storage_amazon.StaticStorage" STATIC_URL = "https://%s/%s/" % (AWS_S3_CUSTOM_DOMAIN, AWS_STATIC_LOCATION) AWS_PUBLIC_MEDIA_LOCATION = "media/public/" DEFAULT_FILE_STORAGE = "wikiazma.storage_amazon.PublicMediaStorage" PUBLIC_FILE_STORAGE = "wikiazma.storage_amazon.PublicMediaStorage" AWS_PRIVATE_MEDIA_LOCATION = "media/private/" PRIVATE_FILE_STORAGE = "wikiazma.storage_amazon.PrivateMediaStorage" else: STATIC_FILES_DOMAIN = os.getenv("STATIC_FILES_DOMAIN") STATIC_LOCATION = "static/" STATIC_ROOT = os.path.join(BASE_DIR, STATIC_LOCATION) if STATIC_FILES_DOMAIN: STATIC_URL = "https://%s/%s/" % (STATIC_FILES_DOMAIN, STATIC_LOCATION) else: STATIC_URL = STATIC_LOCATION PUBLIC_MEDIA_RELATIVE_LOCATION = "media/public/" PUBLIC_MEDIA_ABSOLUTE_LOCATION = os.path.join( BASE_DIR, PUBLIC_MEDIA_RELATIVE_LOCATION ) if STATIC_FILES_DOMAIN: PUBLIC_MEDIA_URL = "https://%s/%s/" % ( STATIC_FILES_DOMAIN, PUBLIC_MEDIA_RELATIVE_LOCATION, ) else: PUBLIC_MEDIA_URL = BASE_URL + PUBLIC_MEDIA_RELATIVE_LOCATION PUBLIC_FILE_STORAGE = "wikiazma.storage_dev.PublicMediaStorage" PRIVATE_MEDIA_RELATIVE_LOCATION = "media/private/" PRIVATE_MEDIA_ABSOLUTE_LOCATION = os.path.join( BASE_DIR, PRIVATE_MEDIA_RELATIVE_LOCATION ) if STATIC_FILES_DOMAIN: PRIVATE_MEDIA_URL = "https://%s/%s/" % ( STATIC_FILES_DOMAIN, PRIVATE_MEDIA_RELATIVE_LOCATION, ) else: PRIVATE_MEDIA_URL = BASE_URL + PRIVATE_MEDIA_RELATIVE_LOCATION PRIVATE_FILE_STORAGE = "wikiazma.storage_dev.PrivateMediaStorage" PRODUCTION_LOGGING_TO_FILE = get_bool_env("PRODUCTION_LOGGING_TO_FILE") if PRODUCTION_LOGGING_TO_FILE: # make sure to create /var/log/django.log file and set its owner to www-data LOGGING = { "version": 1, "disable_existing_loggers": False, "handlers": { "file": { "level": "WARNING", "class": "logging.FileHandler", "filename": "/var/log/django.log", "formatter": "app", }, }, "loggers": { "": {"handlers": ["file"], "level": "WARNING", "propagate": True}, }, "formatters": { "app": { "format": ( "%(asctime)s [%(levelname)-8s] " "(%(module)s.%(funcName)s) %(message)s" ), "datefmt": "%Y-%m-%d %H:%M:%S", }, }, } STATICFILES_DIRS = [ os.path.join(BASE_DIR, "staticAssets"), ] JWT_ISSUER = os.getenv("JWT_ISSUER") JWT_AUDIENCE = os.getenv("JWT_AUDIENCE") # Email Settings EMAIL_BACKEND = os.getenv("EMAIL_BACKEND") EMAIL_HOST = os.getenv("EMAIL_HOST") EMAIL_USE_TLS = os.getenv("EMAIL_USE_TLS") EMAIL_PORT = os.getenv("EMAIL_PORT") EMAIL_HOST_USER = os.getenv("EMAIL_HOST_USER") EMAIL_HOST_PASSWORD = os.getenv("EMAIL_HOST_PASSWORD") SENDER_EMAIL_ADDRESS = os.getenv("SENDER_EMAIL_ADDRESS") # It is the Google client id for authenticating users which were login via Google GOOGLE_CLIENT_ID = os.getenv("GOOGLE_CLIENT_ID") # These are the Facebook parameters for authenticating users which were login via Facebook FACEBOOK_CLIENT_ID = os.getenv("FACEBOOK_CLIENT_ID") FACEBOOK_REDIRECT_URI = os.getenv("FACEBOOK_REDIRECT_URI") FACEBOOK_CLIENT_SECRET = os.getenv("FACEBOOK_CLIENT_SECRET") # Default primary key field type # https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # SMS Configureations SMS_USERNAME = os.getenv("SMS_USERNAME") SMS_PASSWORD = os.getenv("SMS_PASSWORD") SMS_PHONE = os.getenv("SMS_PHONE") VERIFICATION_PATTERN_CODE = os.getenv("VERIFICATION_PATTERN_CODE") INVITATION_PATTERN_CODE = os.getenv("INVITATION_PATTERN_CODE") SCORE_PUBLISHED_NOTIFY_PATTERN_CODE = os.getenv("SCORE_PUBLISHED_NOTIFY_PATTERN_CODE") GOOGLE_RECAPTCHA_V3_SECRET = os.getenv("GOOGLE_RECAPTCHA_V3_SECRET") ZARINPAL_MERCHANT = os.getenv("ZARINPAL_MERCHANT") ZARINPAL_REQUEST_URL = os.getenv("ZARINPAL_REQUEST_URL") ZARINPAL_STARTPAY_URL = os.getenv("ZARINPAL_STARTPAY_URL") ZARINPAL_VERIFY_URL = os.getenv("ZARINPAL_VERIFY_URL") SUCCESS_PAYMENT_CALLBACK_URL = os.getenv("SUCCESS_PAYMENT_CALLBACK_URL") FAILED_PAYMENT_CALLBACK_URL = os.getenv("FAILED_PAYMENT_CALLBACK_URL") REPETITIOUS_PAYMENT_CALLBACK_URL = os.getenv("REPETITIOUS_PAYMENT_CALLBACK_URL") # # SPECTACULAR_SETTINGS = { # 'TITLE': 'Wikiazma API', # 'DESCRIPTION': 'Wikiazma public API specifications', # 'VERSION': '1.0.0', # } SILKY_AUTHENTICATION = os.getenv("SILKY_AUTHENTICATION") SILKY_AUTHORISATION = os.getenv("SILKY_AUTHORISATION") SILKY_INTERCEPT_PERCENT = int(os.getenv("SILKY_INTERCEPT_PERCENT")) CRONJOBS = [ # difference with zappa syntax # remove the ? # convert 1/3 to */3 ("0 2 * * *", "zappa_schedule.verification_attempt_cleanup_scheduler"), ("0 2 * * *", "zappa_schedule.wrong_password_attempt_cleanup_scheduler"), ("0 2 1 */3 *", "zappa_schedule.jwtoken_cleanup_scheduler"), ("0 2 1 */3 *", "zappa_schedule.invite_access_cleanup_scheduler"), ("0 2 1 */3 *", "zappa_schedule.transfer_ownership_cleanup_scheduler"), ]