From fa13b3a0ed15bc67a70b6a69130d935544329ee6 Mon Sep 17 00:00:00 2001
From: Dorian Lesbre <dorian.lesbre@gmail.com>
Date: Mon, 22 Mar 2021 14:20:34 +0100
Subject: [PATCH] Secret settings + Fix #3

---
 .gitignore                   |  3 ++
 Makefile                     |  6 +++-
 README.md                    |  6 +++-
 interludes/secret_example.py | 14 ++++++++
 interludes/settings.py       | 68 ++++++++++++++++++++++++------------
 5 files changed, 72 insertions(+), 25 deletions(-)
 create mode 100644 interludes/secret_example.py

diff --git a/.gitignore b/.gitignore
index 72a2c49..716b93f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,6 @@
+# secret file
+interludes/secret.py
+
 myvenv
 /static
 .DS_Store
diff --git a/Makefile b/Makefile
index 3d479c4..6cb4a4a 100644
--- a/Makefile
+++ b/Makefile
@@ -12,6 +12,10 @@ install: ## Install requirements
 	$(PYTHON) -m pip install --upgrade pip
 	pip install -r requirements.txt
 
+.PHONY: secret
+secret: ## Link the secret_example.py to secret.py (only in dev mode)
+	ln -s interludes/secret_example.py interludes/secret.py
+
 .PHONY: migrate
 migrate: ## Make and run migrations
 	$(PYTHON) $(MANAGER) makemigrations
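Review bot: The `ln -s` recipe in the new `secret` target creates a dangling link when run from the repository root, because a relative symlink target is resolved from the directory that holds the link. `interludes/secret.py` therefore points at `interludes/interludes/secret_example.py`, and the import in settings.py will still fail. Make the target relative to the link: `ln -s secret_example.py interludes/secret.py`. The README hunk documents the same command in its new step 5 and needs the same correction.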
@@ -26,7 +30,7 @@ host: ## Host localy to access from same netword (make sure to add IP to ALLOWED
 	$(PYTHON) $(MANAGER) runserver 0.0.0.0:8000
 
 .PHONY: start
-start: install migrate serve ## Install requirements, apply migrations, then start development server
+start: install secret migrate serve ## Install requirements, apply migrations, then start development server
 
 .PHONY: clean
 clean: ## Remove migrations and delete database
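Review bot: Making `secret` a prerequisite of `start` breaks every `make start` after the first one, because `secret` is `.PHONY` and a plain `ln -s` exits non-zero once `interludes/secret.py` exists. Guard the recipe rather than forcing it with `-f`, so a real secret file on a deployed host is never replaced: `test -e interludes/secret.py || ln -s secret_example.py interludes/secret.py`. Note also that `start` now silently provisions the published example key, so the help text should say that the target is for development only.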
diff --git a/README.md b/README.md
index 35d978d..806fd06 100644
--- a/README.md
+++ b/README.md
@@ -34,7 +34,11 @@ Pour tester modifier le repo, après l'avoir cloné :
 
 		pip3 install -r requirements.txt
 
-5. Faire les les migrations
+5. Copier/linker le fichier `interludes/secret_example.py` dans `interludes/secret.py`
+
+		ln -s interludes/secret_example.py interludes/secret.py
+
+6. Faire les les migrations
 
 		make migrate
 
diff --git a/interludes/secret_example.py b/interludes/secret_example.py
new file mode 100644
index 0000000..2590ff3
--- /dev/null
+++ b/interludes/secret_example.py
@@ -0,0 +1,14 @@
+# Secrets that must be changed in production
+
+SECRET_KEY = "i*4$=*fa(644(*!9m2)0-*&sows2uz$b^brb(=)elfn3+y6#1n"
+
+ADMINS = [("superuser", "superuser@admin.fr"),]
+
+DB_NAME = "db.sqlite3"
+
+SERVER_EMAIL = "root@localhost"
+DEFAULT_FROM_EMAIL = "webmaster@localhost"
+EMAIL_HOST = "localhost"
+EMAIL_PORT = 587
+EMAIL_HOST_USER = None
+EMAIL_HOST_PASSWORD = None
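Review bot: The `SECRET_KEY` literal in this tracked example becomes the live signing key for anyone who runs `make secret`, and the one-line header is the only thing telling an operator to change it. Consider making the value an unmistakable placeholder and having settings.py refuse to start with it when `DEBUG` is off. At minimum, expand the header to `# Development defaults only: copy to secret.py and replace SECRET_KEY and the e-mail credentials before deploying`. Separately, `EMAIL_PORT = 587` is the STARTTLS submission port, while settings.py in this commit sets `EMAIL_USE_SSL = True` (implicit TLS, conventionally port 465). The SMTP backend will probably fail to connect until the port changes or `EMAIL_USE_TLS` is used instead.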
diff --git a/interludes/settings.py b/interludes/settings.py
index bc4426f..f0fcce2 100644
--- a/interludes/settings.py
+++ b/interludes/settings.py
@@ -19,16 +19,50 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
 
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'tx$xi%n!8cghirp377zb)gd24g#=&w*ik(bx2h(i8ji0_&9_5l'
-
-# SECURITY WARNING: don't run with debug turned on in production!
+try:
+	from . import secret
+except ImportError:
+	raise ImportError(
+		"The interludes/secret.py file is missing.\n"
+		"Run 'make secret' to generate a secret."
+	)
+
+def import_secret(name):
+	"""
+	Shorthand for importing a value from the secret module and raising an
+	informative exception if a secret is missing.
+	"""
+	try:
+		return getattr(secret, name)
+	except AttributeError:
+		raise RuntimeError("Secret missing: {}".format(name))
+
+SECRET_KEY = import_secret("SECRET_KEY")
+
+DB_NAME = import_secret("DB_NAME")
+
+ADMINS = import_secret("ADMINS")
+
+SERVER_EMAIL = import_secret("SERVER_EMAIL")
+DEFAULT_FROM_EMAIL = import_secret("DEFAULT_FROM_EMAIL")
+EMAIL_HOST = import_secret("EMAIL_HOST")
+EMAIL_PORT = import_secret("EMAIL_PORT")
+EMAIL_HOST_USER = import_secret("EMAIL_HOST_USER")
+EMAIL_HOST_PASSWORD = import_secret("EMAIL_HOST_PASSWORD")
+
+EMAIL_USE_SSL = True
+
+# FIXME - set to False in production
 DEBUG = True
 
-ADMINS = [("respos", "respointerludes21@ens.psl.eu"),]
-
+# FIXME - set hosts in production
 ALLOWED_HOSTS = []
 
+if DEBUG:
+	# This will display emails in Console.
+	EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
+else:
+	EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
 
 # Application definition
 
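Review bot: `DEBUG = True` and `ALLOWED_HOSTS = []` stay hard-coded in the tracked file behind FIXME comments, so going to production still means hand-editing settings.py. As committed, the `else` branch that selects the SMTP backend is also unreachable. Since per-deployment values now live in `secret.py`, read these from there with a safe default, e.g. `DEBUG = getattr(secret, "DEBUG", False)` and `ALLOWED_HOSTS = getattr(secret, "ALLOWED_HOSTS", [])`, and set `DEBUG = True` in secret_example.py. The removed `SECRET_KEY` literal remains in the repository history; if it was ever used on a deployed instance, treat it as disclosed and replace it there.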
@@ -85,7 +119,7 @@ WSGI_APPLICATION = 'interludes.wsgi.application'
 DATABASES = {
 	'default': {
 		'ENGINE': 'django.db.backends.sqlite3',
-		'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
+		'NAME': os.path.join(BASE_DIR, DB_NAME),
 	}
 }
 
@@ -100,18 +134,10 @@ AUTH_USER_MODEL = 'accounts.EmailUser'
 AUTH_PROFILE_MODULE = 'home.InterludesParticipant'
 
 AUTH_PASSWORD_VALIDATORS = [
-	{
-		'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
-	},
-	{
-		'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
-	},
-	{
-		'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
-	},
-	{
-		'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
-	},
+	{ 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', },
+	{ 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', },
+	{ 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', },
+	{ 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', },
 ]
 
 # Session time in seconds
@@ -140,9 +166,5 @@ STATIC_ROOT = os.path.join(BASE_DIR, 'static')
 LOGIN_URL = "accounts:login"
 LOGIN_REDIRECT_URL = "accounts:profile"
 
-# This will display emails in Console.
-# FIXME: remove in production
-EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-
 # Prefix to mails to admins
 EMAIL_SUBJECT_PREFIX = '[DJANGO WEBLUDES] '
-- 
GitLab