""" Django settings for future_academie project. Generated by 'django-admin startproject' using Django 5.0.1. For more information on this file, see https://docs.djangoproject.com/en/5.0/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/5.0/ref/settings/ """ import environ import os from pathlib import Path from django.utils.timezone import timedelta # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent.parent env = environ.Env() environ.Env.read_env(os.path.join(BASE_DIR, ".env")) # GDAL needed for postgris if env("GDAL_LIBRARY_PATH", default=None) and env("GEOS_LIBRARY_PATH", default=None): GDAL_LIBRARY_PATH = env("GDAL_LIBRARY_PATH") GEOS_LIBRARY_PATH = env("GEOS_LIBRARY_PATH") # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = env("SECRET_KEY") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = env("DEBUG") STATIC_URL = "static/" # Dossier par app STATIC_ROOT = os.path.join(BASE_DIR, "static") # Dossier général ALLOWED_HOSTS = env.list("ALLOWED_HOSTS") DOMAIN = env("DOMAIN") # Application definition INSTALLED_APPS = [ # Default apps "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", # Third-party installed apps "django.contrib.gis", "djoser", "axes", "admin_honeypot", "django_filters", "rest_framework", "rest_framework.authtoken", "rest_framework_simplejwt", "rest_framework_simplejwt.token_blacklist", "corsheaders", # Local apps "private_app", "public_app", ] REST_FRAMEWORK = { "DEFAULT_FILTER_BACKENDS": ["django_filters.rest_framework.DjangoFilterBackend"], "DEFAULT_AUTHENTICATION_CLASSES": [ "rest_framework_simplejwt.authentication.JWTAuthentication", ], "DEFAULT_PERMISSION_CLASSES": [ "rest_framework.permissions.IsAuthenticated", ], "DEFAULT_PAGINATION_CLASS": "private_app.pagination.MyPagination", } SIMPLE_JWT = { "ACCESS_TOKEN_LIFETIME": timedelta(hours=2), "REFRESH_TOKEN_LIFETIME": timedelta(days=1), "ROTATE_REFRESH_TOKENS": False, "BLACKLIST_AFTER_ROTATION": True, } DJOSER = { "USER_ID_FIELD": "email", "LOGIN_FIELD": "email", "SEND_ACTIVATION_EMAIL": True, 'DOMAIN': 'https://api.futureacademie.tech', "ACTIVATION_URL": "accounts/activate/{uid}/{token}", "SERIALIZERS": { "token_create": "djoser.serializers.TokenCreateSerializer", "token": "djoser.serializers.TokenSerializer", "current_user": "djoser.serializers.UserSerializer", "user_create": "public_app.views.userprofile.CustomUserRegistrationSerializer", }, } MIDDLEWARE = [ "corsheaders.middleware.CorsMiddleware", "django.middleware.security.SecurityMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", # AxesMiddleware should be the last middleware in the MIDDLEWARE list. "axes.middleware.AxesMiddleware", ] ROOT_URLCONF = "future_academie.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", ], }, }, ] WSGI_APPLICATION = "future_academie.wsgi.application" # Database # https://docs.djangoproject.com/en/5.0/ref/settings/#databases DATABASES = { "default": { "ENGINE": "django.contrib.gis.db.backends.postgis", "NAME": env.str("DB_NAME"), "USER": env.str("DB_USER"), "PASSWORD": env.str("DB_PASSWORD"), "HOST": env.str("DB_HOST"), "PORT": env.int("DB_PORT"), } } # Password validation # https://docs.djangoproject.com/en/5.0/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator", }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, ] AUTH_USER_MODEL = "private_app.User" # Internationalization # https://docs.djangoproject.com/en/5.0/topics/i18n/ LANGUAGE_CODE = "en-us" TIME_ZONE = "UTC" USE_I18N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/5.0/howto/static-files/ STATIC_URL = "static/" # Default primary key field type # https://docs.djangoproject.com/en/5.0/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" AUTHENTICATION_BACKENDS = [ # AxesStandaloneBackend should be the first backend in the AUTHENTICATION_BACKENDS list. "axes.backends.AxesStandaloneBackend", # Django ModelBackend is the default authentication backend. "django.contrib.auth.backends.ModelBackend", ] # SMTP CONFIGURATION EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend" EMAIL_HOST = env.str("EMAIL_HOST") EMAIL_PORT = env.int("EMAIL_PORT") EMAIL_USE_TLS = True EMAIL_HOST_USER = env.str("EMAIL_HOST_USER") EMAIL_HOST_PASSWORD = env.str("EMAIL_HOST_PASSWORD") # Get root IP needed for completing favorite share url ROOT_IP = env.str("ROOT_IP") CSRF_TRUSTED_ORIGINS = ['https://api.futureacademie.tech'] CSRF_COOKIE_DOMAIN = '.futureacademie.tech' # When front is in prod, replace the following line by putting the prod ip below CORS_ALLOW_ALL_ORIGINS = True CORS_ALLOWED_ORIGINS = ["http://127.0.0.1", "http://localhost", "https://futureacademie.tech", "https://api.futureacademie.tech"] # Customizing Axes handling of login failures # 15min cooloff time before attempts are reset AXES_COOLOFF_TIME = 0.25 # AXES_LOCKOUT_CALLABLE = "private_app.views.lockout"