import os from datetime import timedelta from pathlib import Path from dotenv import find_dotenv, load_dotenv # Python dotenv # Build paths inside the project like this: BASE_DIR / 'subdir'. # Backend folder (/backend) BASE_DIR = Path(__file__).resolve().parent.parent # Root folder where docker-compose.yml is located ROOT_DIR = Path(__file__).resolve().parent.parent.parent # If you're hosting this with a secret provider, have this set to True USE_VAULT = bool(os.getenv("USE_VAULT", False) == "True") # Have this set to True to serve media and static contents directly via Django SERVE_MEDIA = bool(os.getenv("SERVE_MEDIA", False) == "True") load_dotenv(find_dotenv()) def get_secret(secret_name): if USE_VAULT: try: pass # Add specific implementations here if deploying to Azure, GCP, or AWS to get secrets from vault except: secret_value = "" else: # Fallback to .env or system environment variables for local development secret_value = os.getenv(secret_name) if secret_value is None: raise ValueError(f"Secret '{secret_name}' not found.") else: return secret_value # URL Prefixes URL_SCHEME = "https" if (get_secret("USE_HTTPS") == "True") else "http" # Backend BACKEND_ADDRESS = get_secret("BACKEND_ADDRESS") BACKEND_PORT = get_secret("BACKEND_PORT") # Frontend FRONTEND_ADDRESS = get_secret("FRONTEND_ADDRESS") FRONTEND_PORT = get_secret("FRONTEND_PORT") ALLOWED_HOSTS = ["*"] CSRF_TRUSTED_ORIGINS = [ # Frontend f"{URL_SCHEME}://{FRONTEND_ADDRESS}:{FRONTEND_PORT}", f"{URL_SCHEME}://{FRONTEND_ADDRESS}", # For external domains # Backend f"{URL_SCHEME}://{BACKEND_ADDRESS}:{BACKEND_PORT}", f"{URL_SCHEME}://{BACKEND_ADDRESS}", # For external domains # You can also set up https://*.name.xyz for wildcards here ] # SECURITY WARNING: don't run with debug turned on in production! DEBUG = get_secret("BACKEND_DEBUG") == "True" # Determines whether or not to insert test data within tables SEED_DATA = get_secret("SEED_DATA") == "True" # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = get_secret("SECRET_KEY") # Selenium Config # Initiate CAPTCHA solver in test mode CAPTCHA_TESTING = get_secret("CAPTCHA_TESTING") == "True" # If using Selenium and/or the provided CAPTCHA solver, determines whether or not to use proxies USE_PROXY = get_secret("USE_PROXY") == "True" # Stripe (For payments) STRIPE_SECRET_KEY = get_secret("STRIPE_SECRET_KEY") STRIPE_SECRET_WEBHOOK = get_secret("STRIPE_SECRET_WEBHOOK") STRIPE_CHECKOUT_URL = f"" # Email credentials EMAIL_HOST = get_secret("EMAIL_HOST") EMAIL_HOST_USER = get_secret("EMAIL_HOST_USER") EMAIL_HOST_PASSWORD = get_secret("EMAIL_HOST_PASSWORD") EMAIL_PORT = get_secret("EMAIL_PORT") EMAIL_USE_TLS = get_secret("EMAIL_USE_TLS") == "True" EMAIL_ADDRESS = get_secret("EMAIL_ADDRESS") == "True" # Application definition INSTALLED_APPS = [ "config", "unfold", "unfold.contrib.filters", "unfold.contrib.simple_history", "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", "storages", "django_extensions", "rest_framework", "rest_framework_simplejwt", "django_celery_results", "django_celery_beat", "simple_history", "djoser", "corsheaders", "drf_spectacular", "drf_spectacular_sidecar", "webdriver", "accounts", "user_groups", "subscriptions", "payments", "billing", "emails", "notifications", "search_results", ] if DEBUG: INSTALLED_APPS += ["silk"] MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "silk.middleware.SilkyMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "corsheaders.middleware.CorsMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] DJANGO_LOG_LEVEL = "DEBUG" # Enables VS Code debugger to break on raised exceptions DEBUG_PROPAGATE_EXCEPTIONS = "DEBUG" LOGGING = { "version": 1, "disable_existing_loggers": False, "handlers": { "console": { "class": "logging.StreamHandler", }, }, "root": { "handlers": ["console"], "level": "DEBUG", }, } else: MIDDLEWARE = [ "django.middleware.security.SecurityMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "corsheaders.middleware.CorsMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/4.2/howto/static-files/ ROOT_URLCONF = "config.urls" if SERVE_MEDIA: # Cloud Storage Settings # This is assuming you use the same bucket for media and static containers CLOUD_BUCKET = get_secret("CLOUD_BUCKET") MEDIA_CONTAINER = get_secret("MEDIA_CONTAINER") STATIC_CONTAINER = get_secret("STATIC_CONTAINER") MEDIA_URL = f"https://{CLOUD_BUCKET}/{MEDIA_CONTAINER}/" MEDIA_ROOT = f"https://{CLOUD_BUCKET}/" STATIC_URL = f"https://{CLOUD_BUCKET}/{STATIC_CONTAINER}/" STATIC_ROOT = f"https://{CLOUD_BUCKET}/{STATIC_CONTAINER}/" # Consult django-storages documentation when filling in these values. This will vary depending on your cloud service provider STORAGES = { "default": { # TODO: Set this up here if you're using cloud storage "BACKEND": None, "OPTIONS": { # Optional parameters }, }, "staticfiles": { # TODO: Set this up here if you're using cloud storage "BACKEND": None, "OPTIONS": { # Optional parameters }, }, } else: STATIC_URL = "static/" STATIC_ROOT = os.path.join(BASE_DIR, "static") STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage" MEDIA_URL = "api/v1/media/" MEDIA_ROOT = os.path.join(BASE_DIR, "media") ROOT_URLCONF = "config.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [ BASE_DIR / "emails/templates/", ], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", ], }, }, ] REST_FRAMEWORK = { "DEFAULT_AUTHENTICATION_CLASSES": ( "rest_framework_simplejwt.authentication.JWTAuthentication", ), "DEFAULT_THROTTLE_CLASSES": [ "rest_framework.throttling.AnonRateThrottle", "rest_framework.throttling.UserRateThrottle", ], "DEFAULT_THROTTLE_RATES": {"anon": "360/min", "user": "1440/min"}, "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } # DRF-Spectacular SPECTACULAR_SETTINGS = { "TITLE": "DRF-Template", "DESCRIPTION": "A Template Project by Keannu Bernasol", "VERSION": "1.0.0", "SERVE_INCLUDE_SCHEMA": False, "SWAGGER_UI_DIST": "SIDECAR", "SWAGGER_UI_FAVICON_HREF": "SIDECAR", "REDOC_DIST": "SIDECAR", } WSGI_APPLICATION = "config.wsgi.application" # If you're using an external connection bouncer (eg. PgBouncer), server side cursors must be disabled to avoid any issues USE_BOUNCER = get_secret("USE_BOUNCER") if USE_BOUNCER: DISABLE_SERVER_SIDE_CURSORS = True DB_HOST = get_secret("DB_BOUNCER_HOST") DB_PORT = get_secret("DB_BOUNCER_PORT") else: DISABLE_SERVER_SIDE_CURSORS = False DB_HOST = get_secret("DB_HOST") DB_PORT = get_secret("DB_PORT") DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql", "DISABLE_SERVER_SIDE_CURSORS": DISABLE_SERVER_SIDE_CURSORS, "NAME": get_secret("DB_DATABASE"), "USER": get_secret("DB_USERNAME"), "PASSWORD": get_secret("DB_PASSWORD"), "HOST": DB_HOST, "PORT": DB_PORT, "OPTIONS": {"sslmode": get_secret("DB_SSL_MODE")}, } } # Django Cache CACHES = { "default": { "BACKEND": "django_redis.cache.RedisCache", "LOCATION": f"redis://{get_secret('REDIS_HOST')}:{get_secret('REDIS_PORT')}/2", "OPTIONS": { "CLIENT_CLASS": "django_redis.client.DefaultClient", }, } } AUTH_USER_MODEL = "accounts.CustomUser" DJOSER = { "SEND_ACTIVATION_EMAIL": True, "SEND_CONFIRMATION_EMAIL": True, "PASSWORD_RESET_CONFIRM_URL": "reset_password_confirm/{uid}/{token}", "ACTIVATION_URL": "activation/{uid}/{token}", "USER_AUTHENTICATION_RULES": ["djoser.authentication.TokenAuthenticationRule"], "EMAIL": { "activation": "emails.templates.ActivationEmail", "password_reset": "emails.templates.PasswordResetEmail", }, "SERIALIZERS": { "user": "accounts.serializers.CustomUserSerializer", "current_user": "accounts.serializers.CustomUserSerializer", "user_create": "accounts.serializers.UserRegistrationSerializer", }, "PERMISSIONS": { # Disable some unneeded endpoints by setting them to admin only "username_reset": ["rest_framework.permissions.IsAdminUser"], "username_reset_confirm": ["rest_framework.permissions.IsAdminUser"], "set_username": ["rest_framework.permissions.IsAdminUser"], "set_password": ["rest_framework.permissions.IsAdminUser"], }, } # Password validation # https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", "OPTIONS": { "min_length": 8, }, }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, # Additional password validators { "NAME": "accounts.validators.SpecialCharacterValidator", }, { "NAME": "accounts.validators.LowercaseValidator", }, { "NAME": "accounts.validators.UppercaseValidator", }, { "NAME": "accounts.validators.NumberValidator", }, ] # Internationalization # https://docs.djangoproject.com/en/4.2/topics/i18n/ LANGUAGE_CODE = "en-us" TIME_ZONE = get_secret("TIMEZONE") USE_I18N = True USE_TZ = True # Default primary key field type # https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" SITE_NAME = "DRF-Template" # JWT Token Lifetimes SIMPLE_JWT = { "ACCESS_TOKEN_LIFETIME": timedelta(hours=1), "REFRESH_TOKEN_LIFETIME": timedelta(days=3), } CORS_ALLOW_ALL_ORIGINS = True CORS_ALLOW_CREDENTIALS = True # Celery Configuration Options CELERY_TIMEZONE = TIME_ZONE CELERY_TASK_TRACK_STARTED = True CELERY_TASK_TIME_LIMIT = 30 * 60 CELERY_BROKER_URL = get_secret("CELERY_BROKER") CELERY_BROKER = get_secret("CELERY_BROKER") CELERY_BACKEND = get_secret("CELERY_BROKER") CELERY_RESULT_BACKEND = get_secret("CELERY_RESULT_BACKEND") CELERY_RESULT_EXTENDED = True # Celery Beat Options CELERY_BEAT_SCHEDULER = "django_celery_beat.schedulers:DatabaseScheduler" # Maximum number of rows that can be updated within the Django admin panel DATA_UPLOAD_MAX_NUMBER_FIELDS = 20480 GRAPH_MODELS = { "app_labels": [ "accounts", "user_groups", "billing", "emails", "payments", "subscriptions", "search_results", ] }