forked from expo/troggle
149 lines
6.1 KiB
Python
149 lines
6.1 KiB
Python
"""
|
|
Django settings for troggle project.
|
|
|
|
For more information on this file, see
|
|
https://docs.djangoproject.com/en/dev/topics/settings/
|
|
|
|
For the full list of settings and their values, see
|
|
https://docs.djangoproject.com/en/dev/ref/settings/
|
|
"""
|
|
#Imports should be grouped in the following order:
|
|
|
|
#1.Standard library imports.
|
|
#2.Related third party imports.
|
|
#3.Local application/library specific imports.
|
|
#4.You should put a blank line between each group of imports.
|
|
|
|
import os
|
|
import urllib.parse
|
|
|
|
import django
|
|
|
|
print("* importing troggle/settings.py")
|
|
|
|
# default value, then gets overwritten by real secrets
|
|
SECRET_KEY = "not-the-real-secret-key-a#vaeozn0---^fj!355qki*vj2"
|
|
|
|
GIT = 'git' # command for running git
|
|
|
|
# Note that this builds upon the django system installed
|
|
# global settings in
|
|
# django/conf/global_settings.py which is automatically loaded first.
|
|
# read https://docs.djangoproject.com/en/3.0/topics/settings/
|
|
|
|
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
|
#BASE_DIR = os.path.dirname(os.path.dirname(__file__))
|
|
|
|
# Django settings for troggle project.
|
|
|
|
ALLOWED_HOSTS = ['*', 'expo.survex.com', '.survex.com', 'localhost', '127.0.0.1', '192.168.0.5' ]
|
|
|
|
ADMINS = (
|
|
# ('Your Name', 'your_email@domain.com'),
|
|
)
|
|
MANAGERS = ADMINS
|
|
|
|
#LOGIN_URL = '/accounts/login/' # this is the default value so does not need to be set
|
|
|
|
# Local time zone for this installation. Choices can be found here:
|
|
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
|
|
# although not all choices may be available on all operating systems.
|
|
# If running in a Windows environment this must be set to the same as your
|
|
# system time zone.
|
|
USE_TZ = True
|
|
TIME_ZONE = 'Europe/London'
|
|
|
|
# Language code for this installation. All choices can be found here:
|
|
# http://www.i18nguy.com/unicode/language-identifiers.html
|
|
LANGUAGE_CODE = 'en-uk'
|
|
|
|
SITE_ID = 1
|
|
|
|
# If you set this to False, Django will make some optimizations so as not
|
|
# to load the internationalization machinery.
|
|
USE_I18N = True
|
|
USE_L10N = True
|
|
|
|
FIX_PERMISSIONS = []
|
|
|
|
# top-level survex file basename (without .svx)
|
|
SURVEX_TOPNAME = "1623-and-1626-no-schoenberg-hs"
|
|
|
|
|
|
# Caves for which survex files exist, but are not otherwise registered
|
|
# replaced (?) by expoweb/cave_data/pendingcaves.txt
|
|
# PENDING = ["1626-361", "2007-06", "2009-02",
|
|
# "2012-ns-01", "2012-ns-02", "2010-04", "2012-ns-05", "2012-ns-06",
|
|
# "2012-ns-07", "2012-ns-08", "2012-ns-12", "2012-ns-14", "2012-ns-15", "2014-bl888",
|
|
# "2018-pf-01", "2018-pf-02"]
|
|
|
|
APPEND_SLASH = False # never relevant because we have urls that match unknown files and produce an 'edit this page' response
|
|
SMART_APPEND_SLASH = True #not eorking as middleware different after Dj2.0
|
|
|
|
|
|
LOGIN_REDIRECT_URL = '/' # does not seem to have any effect
|
|
|
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
|
SECURE_BROWSER_XSS_FILTER = True
|
|
# SESSION_COOKIE_SECURE = True # if enabled, cannot login to Django control panel, bug elsewhere?
|
|
# CSRF_COOKIE_SECURE = True # if enabled only sends cookies over SSL
|
|
X_FRAME_OPTIONS = 'DENY' # changed to "DENY" after I eliminated all the iframes e.g. /xmlvalid.html
|
|
|
|
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # from Django 3.2
|
|
|
|
INSTALLED_APPS = (
|
|
'django.contrib.admin',
|
|
'django.contrib.auth', # includes the url redirections for login, logout
|
|
'django.contrib.contenttypes',
|
|
'django.contrib.sessions',
|
|
'django.contrib.messages',
|
|
'django.contrib.admindocs',
|
|
'django.forms', #Required to customise widget templates
|
|
# 'django.contrib.staticfiles', # We put our CSS etc explicitly in the right place so do not need this
|
|
'troggle.core',
|
|
)
|
|
|
|
FORM_RENDERER = 'django.forms.renderers.TemplatesSetting' #Required to customise widget templates
|
|
|
|
# See the recommended order of these in https://docs.djangoproject.com/en/2.2/ref/middleware/
|
|
# Note that this is a radically different onion architecture from earlier versions though it looks the same,
|
|
# see https://docs.djangoproject.com/en/2.0/topics/http/middleware/#upgrading-pre-django-1-10-style-middleware
|
|
# Seriously, read this: https://www.webforefront.com/django/middlewaredjango.html which is MUCH BETTER than the docs
|
|
MIDDLEWARE = [
|
|
#'django.middleware.security.SecurityMiddleware', # SECURE_SSL_REDIRECT and SECURE_SSL_HOST # we don't use this
|
|
'django.middleware.gzip.GZipMiddleware', # not needed when expofiles and photos served by apache
|
|
'django.contrib.sessions.middleware.SessionMiddleware', # Manages sessions, if CSRF_USE_SESSIONS then it needs to be early
|
|
'django.middleware.common.CommonMiddleware', # DISALLOWED_USER_AGENTS, APPEND_SLASH and PREPEND_WWW
|
|
'django.middleware.csrf.CsrfViewMiddleware', # Cross Site Request Forgeries by adding hidden form fields to POST
|
|
'django.contrib.auth.middleware.AuthenticationMiddleware', # Adds the user attribute, representing the currently-logged-in user
|
|
'django.contrib.admindocs.middleware.XViewMiddleware', # this and docutils needed by admindocs
|
|
'django.contrib.messages.middleware.MessageMiddleware', # Cookie-based and session-based message support. Needed by admin system
|
|
'django.middleware.clickjacking.XFrameOptionsMiddleware', # clickjacking protection via the X-Frame-Options header
|
|
#'django.middleware.security.SecurityMiddleware', # SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, SECURE_REFERRER_POLICY, and SECURE_SSL_REDIRECT
|
|
#'troggle.core.middleware.SmartAppendSlashMiddleware' # needs adapting after Dj2.0
|
|
]
|
|
|
|
ROOT_URLCONF = 'troggle.urls'
|
|
|
|
WSGI_APPLICATION = 'troggle.wsgi.application' # change to asgi as soon as we upgrade to Django 3.0
|
|
|
|
ACCOUNT_ACTIVATION_DAYS=3
|
|
|
|
# AUTH_PROFILE_MODULE = 'core.person' # used by removed profiles app ?
|
|
|
|
QM_PATTERN="\[\[\s*[Qq][Mm]:([ABC]?)(\d{4})-(\d*)-(\d*)\]\]"
|
|
|
|
# Re-enable TinyMCE when Dj upgraded to v3. Also templates/editexpopage.html
|
|
# TINYMCE_DEFAULT_CONFIG = {
|
|
# 'plugins': "table,spellchecker,paste,searchreplace",
|
|
# 'theme': "advanced",
|
|
# }
|
|
# TINYMCE_SPELLCHECKER = False
|
|
# TINYMCE_COMPRESSOR = True
|
|
|
|
TEST_RUNNER = 'django.test.runner.DiscoverRunner'
|
|
|
|
from localsettings import *
|
|
|
|
#localsettings needs to take precedence. Call it to override any existing vars.
|