""" Django settings for sikweb project. Generated by 'django-admin startproject' using Django 1.9. For more information on this file, see https://docs.djangoproject.com/en/1.9/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/1.9/ref/settings/ """ from dotenv import load_dotenv import sentry_sdk from sentry_sdk.integrations.django import DjangoIntegration from sikweb.base import * from datetime import timedelta import json load_dotenv() # loads the configs from .env DEPLOY_ENV = os.getenv("DEPLOY_ENV", "production") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = os.getenv("DEBUG", False) == "True" URL = os.getenv("HOST", "api.sahkoinsinoorikilta.fi") FRONTEND_URL = os.getenv("FRONTEND_URL", "sahkoinsinoorikilta.fi") ALLOWED_HOSTS = ["localhost", "127.0.0.1", FRONTEND_URL, URL] if DEBUG: ALLOWED_HOSTS = ["*"] USE_X_FORWARDED_HOST = True SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = os.getenv( "SECRET_KEY", "7p$85^4ibb^p4-=vs44b7!y0e-zemugze18@a#30&71=a8)dp(" ) # Sentry SENTRY_DSN = os.getenv("SENTRY_DSN", "") sentry_sdk.init( dsn=SENTRY_DSN, environment=DEPLOY_ENV, integrations=[DjangoIntegration()], # If you wish to associate users to errors (assuming you are using # django.contrib.auth) you may enable sending PII data. send_default_pii=True, ) # ReCaptcha # http://www.yaconiello.com/blog/integrating-google-recaptcha-to-django/ GOOGLE_RECAPTCHA_SITE_KEY = os.getenv("GOOGLE_RECAPTCHA_SITE_KEY", "YOUR-PUBLIC-KEY") GOOGLE_RECAPTCHA_SECRET_KEY = os.getenv( "GOOGLE_RECAPTCHA_SECRET_KEY", "YOUR-PRIVATE-KEY" ) # Email settings (Sendgrid) EMAIL_API_KEY = os.getenv("EMAIL_API_KEY", "") DEFAULT_EMAIL_FROM = "SIK" DEFAULT_EMAIL_FROM_ADDR = "noreply@sahkoinsinoorikilta.fi" ENABLE_AUTOMATIC_EMAILS = True ## Database connection DB_OPTIONS = {"sslmode": "require"} if os.getenv("DB_SSL", False) == "True" else {} DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql_psycopg2", "NAME": os.getenv("DB_NAME", "postgres"), "USER": os.getenv("DB_USER", "postgres"), "PASSWORD": os.getenv("DB_PASSWD", "postgres"), "HOST": os.getenv("DB_HOST", "localhost"), "PORT": os.getenv("DB_PORT", 5432), "OPTIONS": DB_OPTIONS, } } # Google api settings GROUP_KEY = os.getenv("GROUP_KEY", "") GOOGLE_SERVICE_ACCOUNT = json.loads(os.getenv("GOOGLE_CREDS_JSON", "")) # JWT authentication SIMPLE_JWT = { "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5), "REFRESH_TOKEN_LIFETIME": timedelta(days=1), "ROTATE_REFRESH_TOKENS": False, "BLACKLIST_AFTER_ROTATION": False, "UPDATE_LAST_LOGIN": False, "ALGORITHM": "HS256", "SIGNING_KEY": SECRET_KEY, "VERIFYING_KEY": None, "AUDIENCE": None, "ISSUER": None, "JWK_URL": None, "LEEWAY": 0, "AUTH_HEADER_TYPES": ("Bearer",), "AUTH_HEADER_NAME": "HTTP_AUTHORIZATION", "USER_ID_FIELD": "id", "USER_ID_CLAIM": "user_id", "USER_AUTHENTICATION_RULE": "rest_framework_simplejwt.authentication.default_user_authentication_rule", "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",), "TOKEN_TYPE_CLAIM": "token_type", "TOKEN_USER_CLASS": "rest_framework_simplejwt.models.TokenUser", "JTI_CLAIM": "jti", "SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp", "SLIDING_TOKEN_LIFETIME": timedelta(minutes=5), "SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1), }