""" Django settings for core project. Generated by 'django-admin startproject' using Django 5.2. For more information on this file, see https://docs.djangoproject.com/en/5.2/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/5.2/ref/settings/ """ from pathlib import Path import os # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = os.getenv('SECRET_KEY', 'django-insecure-slih+3-7gn0b04-2wm4zq)rp*kz1jnt&bf9o3i3*8jhz*n9=2k') # SECURITY WARNING: don't run with debug turned on in production! # DEBUG = os.getenv('DEBUG', 'True') == 'True' DEBUG = os.getenv('DEBUG', 'True').lower() == 'true' # ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '127.0.0.1,localhost').split(',') ALLOWED_HOSTS = os.getenv('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1,api.beyhano.net.tr,api.beyhano.com.tr').split(',') CSRF_TRUSTED_ORIGINS = os.getenv('CSRF_TRUSTED_ORIGINS', 'https://beyhano.net.tr,https://api.beyhano.net.tr,https://api.beyhano.com.tr').split(',') # Application definition INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', # 3. Parti 'django_extensions', 'rest_framework', 'rest_framework_simplejwt', 'djoser', 'corsheaders', 'social_django', 'imagekit', 'django_cleanup', 'colorfield', 'autoslug', 'tinymce', 'django.contrib.sites', # Added for Djoser domain resolution # Local apps 'accounts', 'blog', 'backup.apps.BackupConfig', 'settings', 'utils', 'image.apps.ImageConfig', ] MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'whitenoise.middleware.WhiteNoiseMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'corsheaders.middleware.CorsMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'accounts.middleware.SocialAuthExceptionMiddleware', ] SITE_ID = 1 ROOT_URLCONF = 'core.urls' TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [BASE_DIR / 'templates'] , 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', # Social auth context processors 'social_django.context_processors.backends', 'social_django.context_processors.login_redirect', ], }, }, ] WSGI_APPLICATION = 'core.wsgi.application' # Database # https://docs.djangoproject.com/en/5.2/ref/settings/#databases # Docker ortamında veya environment değişkeni varsa PostgreSQL kullan USE_POSTGRES = os.getenv('USE_POSTGRES', 'True').lower() == 'true' if USE_POSTGRES: DATABASES = { 'default': { 'ENGINE': 'django.db.backends.postgresql', 'NAME': os.getenv('POSTGRES_DB', 'server_dj'), 'USER': os.getenv('POSTGRES_USER', 'cloud'), 'PASSWORD': os.getenv('POSTGRES_PASSWORD', 'gg7678290'), 'HOST': os.getenv('POSTGRES_HOST', '10.80.80.70'), 'PORT': os.getenv('POSTGRES_PORT', '5432'), 'OPTIONS': { 'options': '-c search_path=public' }, } } else: DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': BASE_DIR / 'db.sqlite3', } } # redis://default:gg7678290@194.29.55.228:6379 # ============================================================================== # REDIS CACHE CONFIGURATION # ============================================================================== CACHES = { 'default': { 'BACKEND': 'django_redis.cache.RedisCache', # 'LOCATION': 'redis://default:1923btO**@ares-redis-xrot7z:6379', 'LOCATION': os.getenv('REDIS_URL', 'redis://default:gg7678290@10.80.80.70:6379'), # 'LOCATION': os.getenv('REDIS_URL', 'redis://127.0.0.1:6379/1'), 'OPTIONS': { 'CLIENT_CLASS': 'django_redis.client.DefaultClient', }, 'KEY_PREFIX': 'dj52', 'TIMEOUT': 300, # 5 dakika default timeout } } # Password validation AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', }, ] # Internationalization # https://docs.djangoproject.com/en/5.2/topics/i18n/ LANGUAGE_CODE = 'en-us' TIME_ZONE = 'UTC' USE_I18N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/5.2/howto/static-files/ STATIC_URL = 'static/' STATIC_ROOT = BASE_DIR / 'staticfiles' STATICFILES_DIRS = [ BASE_DIR / 'static', ] # Media files (User uploaded files) MEDIA_URL = 'media/' MEDIA_ROOT = BASE_DIR / 'media' STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage' # Default primary key field type # https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' AUTH_USER_MODEL = 'accounts.CustomUser' # ============================================================================== # REST FRAMEWORK CONFIGURATION # ============================================================================== REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( 'rest_framework_simplejwt.authentication.JWTAuthentication', 'rest_framework.authentication.SessionAuthentication', # For social auth ), 'DEFAULT_PERMISSION_CLASSES': [ 'rest_framework.permissions.IsAuthenticated', ], # Throttling for security 'DEFAULT_THROTTLE_CLASSES': [ 'rest_framework.throttling.AnonRateThrottle', 'rest_framework.throttling.UserRateThrottle', ], 'DEFAULT_THROTTLE_RATES': { 'anon': '100/hour', # Anonymous users 'user': '1000/hour', # Authenticated users }, } # ============================================================================== # SIMPLE JWT CONFIGURATION # ============================================================================== from datetime import timedelta SIMPLE_JWT = { 'ACCESS_TOKEN_LIFETIME': timedelta(days=30), 'REFRESH_TOKEN_LIFETIME': timedelta(days=120), 'ROTATE_REFRESH_TOKENS': True, 'BLACKLIST_AFTER_ROTATION': True, 'UPDATE_LAST_LOGIN': True, 'ALGORITHM': 'HS256', 'SIGNING_KEY': SECRET_KEY, 'VERIFYING_KEY': None, 'AUDIENCE': None, 'ISSUER': None, 'AUTH_HEADER_TYPES': ('Bearer',), 'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION', 'USER_ID_FIELD': 'id', 'USER_ID_CLAIM': 'user_id', 'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',), 'TOKEN_TYPE_CLAIM': 'token_type', 'JTI_CLAIM': 'jti', } # ============================================================================== # DJOSER CONFIGURATION # ============================================================================== DJOSER = { # Domain for email links (YOUR FRONTEND URL) # Djoser combines DOMAIN + ACTIVATION_URL to create the full link 'DOMAIN': os.getenv('DJOSER_DOMAIN', 'localhost:3000'), # IMPORTANT: Change this to your frontend's domain 'SITE_NAME': os.getenv('DJOSER_SITE_NAME', 'Django Auth API'), # Registration & Activation 'SEND_ACTIVATION_EMAIL': True, 'ACTIVATION_URL': 'activate/{uid}/{token}', # Frontend route, e.g., http://localhost:3000/activate/MQ/token/ # Password Reset 'SEND_CONFIRMATION_EMAIL': True, 'PASSWORD_RESET_CONFIRM_URL': 'password-reset/{uid}/{token}', # Frontend route 'PASSWORD_RESET_SHOW_EMAIL_NOT_FOUND': False, # Username Reset 'USERNAME_RESET_CONFIRM_URL': 'username-reset/{uid}/{token}', # Frontend route # Email confirmations 'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True, 'USERNAME_CHANGED_EMAIL_CONFIRMATION': True, # User settings 'USER_CREATE_PASSWORD_RETYPE': True, 'SET_PASSWORD_RETYPE': True, 'PASSWORD_RESET_CONFIRM_RETYPE': True, 'LOGIN_FIELD': 'email', # Serializers 'SERIALIZERS': { 'user_create': 'accounts.serializers.CustomUserCreateSerializer', 'user': 'accounts.serializers.CustomUserSerializer', 'current_user': 'accounts.serializers.CustomUserSerializer', }, } # ============================================================================== # EMAIL CONFIGURATION # ============================================================================== # Development: Using MailPit (local email testing tool) # MailPit default runs on localhost:1025 for SMTP and localhost:8025 for web UI EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' EMAIL_HOST = os.getenv('EMAIL_HOST', '10.80.80.70') EMAIL_PORT = int(os.getenv('EMAIL_PORT', 1025)) EMAIL_USE_TLS = os.getenv('EMAIL_USE_TLS', 'False').lower() == 'true' EMAIL_USE_SSL = os.getenv('EMAIL_USE_SSL', 'False').lower() == 'true' EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '') EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '') DEFAULT_FROM_EMAIL = os.getenv('DEFAULT_FROM_EMAIL', 'noreply@localhost') CORS_ALLOWED_ORIGINS = os.getenv('CORS_ALLOWED_ORIGINS', 'http://localhost:3000,http://127.0.0.1:3000,http://localhost:5173,http://127.0.0.1:5173,http://localhost:8080,http://127.0.0.1:8080').split(',') # For development only - be careful in production! CORS_ORIGIN_ALLOW_ALL = True CORS_ALLOW_CREDENTIALS = True CORS_ALLOW_HEADERS = [ 'accept', 'accept-encoding', 'authorization', 'content-type', 'dnt', 'origin', 'user-agent', 'x-csrftoken', 'x-requested-with', ] # ============================================================================== # SOCIAL AUTH CONFIGURATION (Python Social Auth) # ============================================================================== AUTHENTICATION_BACKENDS = ( # Social auth backends 'social_core.backends.google.GoogleOAuth2', 'social_core.backends.github.GithubOAuth2', 'social_core.backends.facebook.FacebookOAuth2', # Add more providers as needed # Django default 'django.contrib.auth.backends.ModelBackend', ) # Social Auth Settings SOCIAL_AUTH_JSONFIELD_ENABLED = True SOCIAL_AUTH_URL_NAMESPACE = 'social' # Pipeline - custom pipeline to set is_active=True for social users SOCIAL_AUTH_PIPELINE = ( 'social_core.pipeline.social_auth.social_details', 'social_core.pipeline.social_auth.social_uid', 'social_core.pipeline.social_auth.auth_allowed', 'social_core.pipeline.social_auth.social_user', 'social_core.pipeline.user.get_username', 'social_core.pipeline.user.create_user', 'social_core.pipeline.social_auth.associate_user', 'social_core.pipeline.social_auth.load_extra_data', 'social_core.pipeline.user.user_details', 'accounts.pipeline.activate_user', # Custom pipeline to set is_active=True ) # User model SOCIAL_AUTH_USER_MODEL = 'accounts.CustomUser' SOCIAL_AUTH_USERNAME_IS_REQUIRED = False SOCIAL_AUTH_USER_FIELDS = ['email', 'first_name', 'last_name'] # Strategy SOCIAL_AUTH_STRATEGY = 'social_django.strategy.DjangoStrategy' SOCIAL_AUTH_STORAGE = 'social_django.models.DjangoStorage' # Google OAuth2 Configuration # Get credentials from: https://console.developers.google.com/ SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.getenv('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY', '915364976256-691m0s87as2r5vdbqr96f6humblseobt.apps.googleusercontent.com') # Your Google Client ID SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.getenv('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', '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') # Your Google Client Secret SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [ 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', ] SOCIAL_AUTH_GOOGLE_OAUTH2_EXTRA_DATA = ['first_name', 'last_name'] # GitHub OAuth2 Configuration # Get credentials from: https://github.com/settings/developers SOCIAL_AUTH_GITHUB_KEY = os.getenv('SOCIAL_AUTH_GITHUB_KEY', 'Ov23liUt9B61O46Mdfm4') # Your GitHub Client ID SOCIAL_AUTH_GITHUB_SECRET = os.getenv('SOCIAL_AUTH_GITHUB_SECRET', 'c7fc8dcb1b2c8f22120608425d07d5efd995baaf') # Your GitHub Client Secret SOCIAL_AUTH_GITHUB_SCOPE = ['user:email'] # Facebook OAuth2 Configuration # Get credentials from: https://developers.facebook.com/ SOCIAL_AUTH_FACEBOOK_KEY = os.getenv('SOCIAL_AUTH_FACEBOOK_KEY', '') # Your Facebook App ID SOCIAL_AUTH_FACEBOOK_SECRET = os.getenv('SOCIAL_AUTH_FACEBOOK_SECRET', '') # Your Facebook App Secret SOCIAL_AUTH_FACEBOOK_SCOPE = ['email'] SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = { 'fields': 'id, name, email, first_name, last_name' } # Redirect URLs (customize for your frontend) LOGIN_URL = '/api/v1/spa/' LOGIN_REDIRECT_URL = '/api/v1/auth/social/callback/' SOCIAL_AUTH_LOGIN_REDIRECT_URL = '/api/v1/auth/social/callback/' SOCIAL_AUTH_NEW_USER_REDIRECT_URL = '/api/v1/auth/social/callback/' SOCIAL_AUTH_INACTIVE_USER_URL = '/api/v1/auth/social/error/' SOCIAL_AUTH_LOGIN_ERROR_URL = '/api/v1/auth/social/error/' TASKS = {"default": {"BACKEND": "django.tasks.backends.immediate.ImmediateBackend"}} # ============================================================================== # SECURITY SETTINGS FOR SPA/JWT # ============================================================================== # Since we're using JWT tokens (not session cookies), we can relax CSRF for API endpoints # But keep it enabled for Django admin """ CSRF_COOKIE_HTTPONLY = False CSRF_COOKIE_SECURE = False # Set to True in production with HTTPS SESSION_COOKIE_SECURE = False # Set to True in production with HTTPS CSRF_TRUSTED_ORIGINS = [ "http://localhost:3000", "http://localhost:5173", ] """ # TinyMCE Configuration TINYMCE_DEFAULT_CONFIG = { "height": "320px", "width": "960px", "menubar": "file edit view insert format tools table help", "plugins": "advlist autolink lists link image charmap print preview anchor searchreplace visualblocks code fullscreen insertdatetime media table paste code help wordcount spellchecker", "toolbar": "undo redo | bold italic underline strikethrough | fontselect fontsizeselect formatselect | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist checkbox | forecolor backcolor casechange permanentpen formatpainter removeformat | pagebreak | charmap emoticons | fullscreen preview save print | insertfile image media pageembed template link anchor codesample | a11ycheck ltr rtl | showcomments addcomment", "custom_undo_redo_levels": 10, "language": "tr", # To force a specific language instead of the Django current language. }