416 lines
15 KiB
Python
416 lines
15 KiB
Python
"""
|
||
Django settings for core project.
|
||
|
||
Generated by 'django-admin startproject' using Django 5.2.
|
||
|
||
For more information on this file, see
|
||
https://docs.djangoproject.com/en/5.2/topics/settings/
|
||
|
||
For the full list of settings and their values, see
|
||
https://docs.djangoproject.com/en/5.2/ref/settings/
|
||
"""
|
||
|
||
from pathlib import Path
|
||
import os
|
||
|
||
# Build paths inside the project like this: BASE_DIR / 'subdir'.
|
||
BASE_DIR = Path(__file__).resolve().parent.parent
|
||
|
||
# Quick-start development settings - unsuitable for production
|
||
# See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/
|
||
|
||
# SECURITY WARNING: keep the secret key used in production secret!
|
||
SECRET_KEY = os.getenv('SECRET_KEY', 'django-insecure-slih+3-7gn0b04-2wm4zq)rp*kz1jnt&bf9o3i3*8jhz*n9=2k')
|
||
|
||
# SECURITY WARNING: don't run with debug turned on in production!
|
||
# DEBUG = os.getenv('DEBUG', 'True') == 'True'
|
||
DEBUG = os.getenv('DEBUG', 'True').lower() == 'true'
|
||
# ALLOWED_HOSTS = os.getenv('ALLOWED_HOSTS', '127.0.0.1,localhost').split(',')
|
||
ALLOWED_HOSTS = os.getenv('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1,api.beyhano.net.tr,api.beyhano.com.tr').split(',')
|
||
|
||
CSRF_TRUSTED_ORIGINS = os.getenv('CSRF_TRUSTED_ORIGINS', 'https://beyhano.net.tr,https://api.beyhano.net.tr,https://api.beyhano.com.tr').split(',')
|
||
|
||
# Application definition
|
||
|
||
INSTALLED_APPS = [
|
||
'django.contrib.admin',
|
||
'django.contrib.auth',
|
||
'django.contrib.contenttypes',
|
||
'django.contrib.sessions',
|
||
'django.contrib.messages',
|
||
'django.contrib.staticfiles',
|
||
|
||
# 3. Parti
|
||
'django_extensions',
|
||
'rest_framework',
|
||
'rest_framework_simplejwt',
|
||
'djoser',
|
||
'corsheaders',
|
||
'social_django',
|
||
'imagekit',
|
||
'django_cleanup',
|
||
'colorfield',
|
||
'autoslug',
|
||
'tinymce',
|
||
|
||
'django.contrib.sites', # Added for Djoser domain resolution
|
||
|
||
# Local apps
|
||
'accounts',
|
||
'blog',
|
||
'backup.apps.BackupConfig',
|
||
'settings',
|
||
'utils',
|
||
'image.apps.ImageConfig',
|
||
]
|
||
|
||
MIDDLEWARE = [
|
||
'django.middleware.security.SecurityMiddleware',
|
||
'whitenoise.middleware.WhiteNoiseMiddleware',
|
||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||
'corsheaders.middleware.CorsMiddleware',
|
||
'django.middleware.common.CommonMiddleware',
|
||
'django.middleware.csrf.CsrfViewMiddleware',
|
||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||
'django.contrib.messages.middleware.MessageMiddleware',
|
||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||
'accounts.middleware.SocialAuthExceptionMiddleware',
|
||
]
|
||
SITE_ID = 1
|
||
ROOT_URLCONF = 'core.urls'
|
||
|
||
TEMPLATES = [
|
||
{
|
||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||
'DIRS': [BASE_DIR / 'templates']
|
||
,
|
||
'APP_DIRS': True,
|
||
'OPTIONS': {
|
||
'context_processors': [
|
||
'django.template.context_processors.request',
|
||
'django.contrib.auth.context_processors.auth',
|
||
'django.contrib.messages.context_processors.messages',
|
||
# Social auth context processors
|
||
'social_django.context_processors.backends',
|
||
'social_django.context_processors.login_redirect',
|
||
],
|
||
},
|
||
},
|
||
]
|
||
|
||
WSGI_APPLICATION = 'core.wsgi.application'
|
||
|
||
# Database
|
||
# https://docs.djangoproject.com/en/5.2/ref/settings/#databases
|
||
|
||
# Docker ortamında veya environment değişkeni varsa PostgreSQL kullan
|
||
USE_POSTGRES = os.getenv('USE_POSTGRES', 'True').lower() == 'true'
|
||
|
||
if USE_POSTGRES:
|
||
DATABASES = {
|
||
'default': {
|
||
'ENGINE': 'django.db.backends.postgresql',
|
||
'NAME': os.getenv('POSTGRES_DB', 'server_dj'),
|
||
'USER': os.getenv('POSTGRES_USER', 'cloud'),
|
||
'PASSWORD': os.getenv('POSTGRES_PASSWORD', 'gg7678290'),
|
||
'HOST': os.getenv('POSTGRES_HOST', '10.80.80.70'),
|
||
'PORT': os.getenv('POSTGRES_PORT', '5432'),
|
||
'OPTIONS': {
|
||
'options': '-c search_path=public'
|
||
},
|
||
}
|
||
}
|
||
else:
|
||
DATABASES = {
|
||
'default': {
|
||
'ENGINE': 'django.db.backends.sqlite3',
|
||
'NAME': BASE_DIR / 'db.sqlite3',
|
||
}
|
||
}
|
||
# redis://default:gg7678290@194.29.55.228:6379
|
||
# ==============================================================================
|
||
# REDIS CACHE CONFIGURATION
|
||
# ==============================================================================
|
||
CACHES = {
|
||
'default': {
|
||
'BACKEND': 'django_redis.cache.RedisCache',
|
||
# 'LOCATION': 'redis://default:1923btO**@ares-redis-xrot7z:6379',
|
||
'LOCATION': os.getenv('REDIS_URL', 'redis://default:gg7678290@10.80.80.70:6379'),
|
||
# 'LOCATION': os.getenv('REDIS_URL', 'redis://127.0.0.1:6379/1'),
|
||
'OPTIONS': {
|
||
'CLIENT_CLASS': 'django_redis.client.DefaultClient',
|
||
},
|
||
'KEY_PREFIX': 'dj52',
|
||
'TIMEOUT': 300, # 5 dakika default timeout
|
||
}
|
||
}
|
||
|
||
# Password validation
|
||
|
||
AUTH_PASSWORD_VALIDATORS = [
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
|
||
},
|
||
]
|
||
|
||
# Internationalization
|
||
# https://docs.djangoproject.com/en/5.2/topics/i18n/
|
||
|
||
LANGUAGE_CODE = 'en-us'
|
||
|
||
TIME_ZONE = 'UTC'
|
||
|
||
USE_I18N = True
|
||
|
||
USE_TZ = True
|
||
|
||
# Static files (CSS, JavaScript, Images)
|
||
# https://docs.djangoproject.com/en/5.2/howto/static-files/
|
||
|
||
STATIC_URL = 'static/'
|
||
STATIC_ROOT = BASE_DIR / 'staticfiles'
|
||
STATICFILES_DIRS = [
|
||
BASE_DIR / 'static',
|
||
]
|
||
# Media files (User uploaded files)
|
||
MEDIA_URL = 'media/'
|
||
MEDIA_ROOT = BASE_DIR / 'media'
|
||
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
|
||
|
||
# Default primary key field type
|
||
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field
|
||
|
||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
||
|
||
AUTH_USER_MODEL = 'accounts.CustomUser'
|
||
|
||
# ==============================================================================
|
||
# REST FRAMEWORK CONFIGURATION
|
||
# ==============================================================================
|
||
REST_FRAMEWORK = {
|
||
'DEFAULT_AUTHENTICATION_CLASSES': (
|
||
'rest_framework_simplejwt.authentication.JWTAuthentication',
|
||
'rest_framework.authentication.SessionAuthentication', # For social auth
|
||
),
|
||
'DEFAULT_PERMISSION_CLASSES': [
|
||
'rest_framework.permissions.IsAuthenticated',
|
||
],
|
||
# Throttling for security
|
||
'DEFAULT_THROTTLE_CLASSES': [
|
||
'rest_framework.throttling.AnonRateThrottle',
|
||
'rest_framework.throttling.UserRateThrottle',
|
||
],
|
||
'DEFAULT_THROTTLE_RATES': {
|
||
'anon': '100/hour', # Anonymous users
|
||
'user': '1000/hour', # Authenticated users
|
||
},
|
||
}
|
||
|
||
# ==============================================================================
|
||
# SIMPLE JWT CONFIGURATION
|
||
# ==============================================================================
|
||
from datetime import timedelta
|
||
|
||
SIMPLE_JWT = {
|
||
'ACCESS_TOKEN_LIFETIME': timedelta(days=30),
|
||
'REFRESH_TOKEN_LIFETIME': timedelta(days=120),
|
||
'ROTATE_REFRESH_TOKENS': True,
|
||
'BLACKLIST_AFTER_ROTATION': True,
|
||
'UPDATE_LAST_LOGIN': True,
|
||
|
||
'ALGORITHM': 'HS256',
|
||
'SIGNING_KEY': SECRET_KEY,
|
||
'VERIFYING_KEY': None,
|
||
'AUDIENCE': None,
|
||
'ISSUER': None,
|
||
|
||
'AUTH_HEADER_TYPES': ('Bearer',),
|
||
'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
|
||
'USER_ID_FIELD': 'id',
|
||
'USER_ID_CLAIM': 'user_id',
|
||
|
||
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
|
||
'TOKEN_TYPE_CLAIM': 'token_type',
|
||
|
||
'JTI_CLAIM': 'jti',
|
||
}
|
||
# ==============================================================================
|
||
# DJOSER CONFIGURATION
|
||
# ==============================================================================
|
||
DJOSER = {
|
||
# Domain for email links (YOUR FRONTEND URL)
|
||
# Djoser combines DOMAIN + ACTIVATION_URL to create the full link
|
||
'DOMAIN': os.getenv('DJOSER_DOMAIN', 'localhost:3000'), # IMPORTANT: Change this to your frontend's domain
|
||
'SITE_NAME': os.getenv('DJOSER_SITE_NAME', 'Django Auth API'),
|
||
|
||
# Registration & Activation
|
||
'SEND_ACTIVATION_EMAIL': True,
|
||
'ACTIVATION_URL': 'activate/{uid}/{token}', # Frontend route, e.g., http://localhost:3000/activate/MQ/token/
|
||
|
||
# Password Reset
|
||
'SEND_CONFIRMATION_EMAIL': True,
|
||
'PASSWORD_RESET_CONFIRM_URL': 'password-reset/{uid}/{token}', # Frontend route
|
||
'PASSWORD_RESET_SHOW_EMAIL_NOT_FOUND': False,
|
||
|
||
# Username Reset
|
||
'USERNAME_RESET_CONFIRM_URL': 'username-reset/{uid}/{token}', # Frontend route
|
||
|
||
# Email confirmations
|
||
'PASSWORD_CHANGED_EMAIL_CONFIRMATION': True,
|
||
'USERNAME_CHANGED_EMAIL_CONFIRMATION': True,
|
||
|
||
# User settings
|
||
'USER_CREATE_PASSWORD_RETYPE': True,
|
||
'SET_PASSWORD_RETYPE': True,
|
||
'PASSWORD_RESET_CONFIRM_RETYPE': True,
|
||
'LOGIN_FIELD': 'email',
|
||
|
||
# Serializers
|
||
'SERIALIZERS': {
|
||
'user_create': 'accounts.serializers.CustomUserCreateSerializer',
|
||
'user': 'accounts.serializers.CustomUserSerializer',
|
||
'current_user': 'accounts.serializers.CustomUserSerializer',
|
||
},
|
||
}
|
||
# ==============================================================================
|
||
# EMAIL CONFIGURATION
|
||
# ==============================================================================
|
||
# Development: Using MailPit (local email testing tool)
|
||
# MailPit default runs on localhost:1025 for SMTP and localhost:8025 for web UI
|
||
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
|
||
EMAIL_HOST = os.getenv('EMAIL_HOST', '10.80.80.70')
|
||
EMAIL_PORT = int(os.getenv('EMAIL_PORT', 1025))
|
||
EMAIL_USE_TLS = os.getenv('EMAIL_USE_TLS', 'False').lower() == 'true'
|
||
EMAIL_USE_SSL = os.getenv('EMAIL_USE_SSL', 'False').lower() == 'true'
|
||
EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '')
|
||
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '')
|
||
DEFAULT_FROM_EMAIL = os.getenv('DEFAULT_FROM_EMAIL', 'noreply@localhost')
|
||
|
||
CORS_ALLOWED_ORIGINS = os.getenv('CORS_ALLOWED_ORIGINS', 'http://localhost:3000,http://127.0.0.1:3000,http://localhost:5173,http://127.0.0.1:5173,http://localhost:8080,http://127.0.0.1:8080').split(',')
|
||
|
||
# For development only - be careful in production!
|
||
CORS_ORIGIN_ALLOW_ALL = True
|
||
|
||
CORS_ALLOW_CREDENTIALS = True
|
||
CORS_ALLOW_HEADERS = [
|
||
'accept',
|
||
'accept-encoding',
|
||
'authorization',
|
||
'content-type',
|
||
'dnt',
|
||
'origin',
|
||
'user-agent',
|
||
'x-csrftoken',
|
||
'x-requested-with',
|
||
]
|
||
|
||
# ==============================================================================
|
||
# SOCIAL AUTH CONFIGURATION (Python Social Auth)
|
||
# ==============================================================================
|
||
AUTHENTICATION_BACKENDS = (
|
||
# Social auth backends
|
||
'social_core.backends.google.GoogleOAuth2',
|
||
'social_core.backends.github.GithubOAuth2',
|
||
'social_core.backends.facebook.FacebookOAuth2',
|
||
# Add more providers as needed
|
||
|
||
# Django default
|
||
'django.contrib.auth.backends.ModelBackend',
|
||
)
|
||
|
||
# Social Auth Settings
|
||
SOCIAL_AUTH_JSONFIELD_ENABLED = True
|
||
SOCIAL_AUTH_URL_NAMESPACE = 'social'
|
||
|
||
# Pipeline - custom pipeline to set is_active=True for social users
|
||
SOCIAL_AUTH_PIPELINE = (
|
||
'social_core.pipeline.social_auth.social_details',
|
||
'social_core.pipeline.social_auth.social_uid',
|
||
'social_core.pipeline.social_auth.auth_allowed',
|
||
'social_core.pipeline.social_auth.social_user',
|
||
'social_core.pipeline.user.get_username',
|
||
'social_core.pipeline.user.create_user',
|
||
'social_core.pipeline.social_auth.associate_user',
|
||
'social_core.pipeline.social_auth.load_extra_data',
|
||
'social_core.pipeline.user.user_details',
|
||
'accounts.pipeline.activate_user', # Custom pipeline to set is_active=True
|
||
)
|
||
|
||
# User model
|
||
SOCIAL_AUTH_USER_MODEL = 'accounts.CustomUser'
|
||
SOCIAL_AUTH_USERNAME_IS_REQUIRED = False
|
||
SOCIAL_AUTH_USER_FIELDS = ['email', 'first_name', 'last_name']
|
||
|
||
# Strategy
|
||
SOCIAL_AUTH_STRATEGY = 'social_django.strategy.DjangoStrategy'
|
||
SOCIAL_AUTH_STORAGE = 'social_django.models.DjangoStorage'
|
||
|
||
# Google OAuth2 Configuration
|
||
# Get credentials from: https://console.developers.google.com/
|
||
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.getenv('SOCIAL_AUTH_GOOGLE_OAUTH2_KEY', '915364976256-691m0s87as2r5vdbqr96f6humblseobt.apps.googleusercontent.com') # Your Google Client ID
|
||
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.getenv('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', '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') # Your Google Client Secret
|
||
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
|
||
'https://www.googleapis.com/auth/userinfo.email',
|
||
'https://www.googleapis.com/auth/userinfo.profile',
|
||
]
|
||
SOCIAL_AUTH_GOOGLE_OAUTH2_EXTRA_DATA = ['first_name', 'last_name']
|
||
|
||
# GitHub OAuth2 Configuration
|
||
# Get credentials from: https://github.com/settings/developers
|
||
SOCIAL_AUTH_GITHUB_KEY = os.getenv('SOCIAL_AUTH_GITHUB_KEY', 'Ov23liUt9B61O46Mdfm4') # Your GitHub Client ID
|
||
SOCIAL_AUTH_GITHUB_SECRET = os.getenv('SOCIAL_AUTH_GITHUB_SECRET', 'c7fc8dcb1b2c8f22120608425d07d5efd995baaf') # Your GitHub Client Secret
|
||
SOCIAL_AUTH_GITHUB_SCOPE = ['user:email']
|
||
|
||
# Facebook OAuth2 Configuration
|
||
# Get credentials from: https://developers.facebook.com/
|
||
SOCIAL_AUTH_FACEBOOK_KEY = os.getenv('SOCIAL_AUTH_FACEBOOK_KEY', '') # Your Facebook App ID
|
||
SOCIAL_AUTH_FACEBOOK_SECRET = os.getenv('SOCIAL_AUTH_FACEBOOK_SECRET', '') # Your Facebook App Secret
|
||
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
|
||
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {
|
||
'fields': 'id, name, email, first_name, last_name'
|
||
}
|
||
|
||
# Redirect URLs (customize for your frontend)
|
||
LOGIN_URL = '/api/v1/spa/'
|
||
LOGIN_REDIRECT_URL = '/api/v1/auth/social/callback/'
|
||
SOCIAL_AUTH_LOGIN_REDIRECT_URL = '/api/v1/auth/social/callback/'
|
||
SOCIAL_AUTH_NEW_USER_REDIRECT_URL = '/api/v1/auth/social/callback/'
|
||
SOCIAL_AUTH_INACTIVE_USER_URL = '/api/v1/auth/social/error/'
|
||
SOCIAL_AUTH_LOGIN_ERROR_URL = '/api/v1/auth/social/error/'
|
||
|
||
TASKS = {"default": {"BACKEND": "django.tasks.backends.immediate.ImmediateBackend"}}
|
||
# ==============================================================================
|
||
# SECURITY SETTINGS FOR SPA/JWT
|
||
# ==============================================================================
|
||
# Since we're using JWT tokens (not session cookies), we can relax CSRF for API endpoints
|
||
# But keep it enabled for Django admin
|
||
"""
|
||
CSRF_COOKIE_HTTPONLY = False
|
||
CSRF_COOKIE_SECURE = False # Set to True in production with HTTPS
|
||
SESSION_COOKIE_SECURE = False # Set to True in production with HTTPS
|
||
CSRF_TRUSTED_ORIGINS = [
|
||
"http://localhost:3000",
|
||
"http://localhost:5173",
|
||
]
|
||
"""
|
||
|
||
# TinyMCE Configuration
|
||
TINYMCE_DEFAULT_CONFIG = {
|
||
"height": "320px",
|
||
"width": "960px",
|
||
"menubar": "file edit view insert format tools table help",
|
||
"plugins": "advlist autolink lists link image charmap print preview anchor searchreplace visualblocks code fullscreen insertdatetime media table paste code help wordcount spellchecker",
|
||
"toolbar": "undo redo | bold italic underline strikethrough | fontselect fontsizeselect formatselect | alignleft aligncenter alignright alignjustify | outdent indent | numlist bullist checkbox | forecolor backcolor casechange permanentpen formatpainter removeformat | pagebreak | charmap emoticons | fullscreen preview save print | insertfile image media pageembed template link anchor codesample | a11ycheck ltr rtl | showcomments addcomment",
|
||
"custom_undo_redo_levels": 10,
|
||
"language": "tr", # To force a specific language instead of the Django current language.
|
||
}
|