import os

from corsheaders.defaults import default_headers

# Project root: the directory one level above the one holding this settings module.
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.abspath(
    os.path.join(os.path.dirname(os.path.abspath(__file__)), os.pardir)
)

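# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
# The key is read from the environment so it never lives in source control.
# This project signs its session cookies with it (see SESSION_ENGINE), so a
# disclosed key lets session data be forged. Any value that was ever committed
# or pasted publicly has to be rotated, not just removed from this file.
# When the variable is unset the key is '' and Django refuses to start.
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', '')

# SECURITY WARNING: don't run with debug turned on in production!
# Off unless DJANGO_DEBUG=1 is exported (do that for local development), so a
# deployment that forgets the variable fails safe instead of exposing debug
# error pages.
DEBUG = os.environ.get('DJANGO_DEBUG', '') == '1'

# Transport hardening, still disabled. Review before any HTTPS deployment:
# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
#   (only safe behind a proxy that sets this header itself and strips any
#   client-supplied copy)
# CSRF_COOKIE_SECURE = True
# SESSION_COOKIE_SECURE = True
# TODO: enable HTTP Strict Transport Security (SECURE_HSTS_SECONDS) so that
# browsers refuse to fall back to plain HTTP, which is what opens the door to
# MITM.
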
# Host header values Django will serve. Entries without a leading dot match
# that exact host only, not its subdomains.
ALLOWED_HOSTS = [
    "localhost",
    "localtunnel.me",
    "lvh.me",
]

# Application definition

INSTALLED_APPS = [
    # Project app
    "adaptilab.apps.AdaptilabConfig",
    # REST API and API-key support
    "rest_framework",
    "rest_framework_api_key",
    # Django contrib apps
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    # Social login and CORS handling
    "social_django",
    "corsheaders",
]

# Request/response middleware, applied top to bottom on the way in.
# CorsMiddleware sits ahead of CommonMiddleware so that responses generated
# by later middleware still pass through it on the way out.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "corsheaders.middleware.CorsMiddleware",
    # The stock session middleware is replaced by the header-based one below.
    # "django.contrib.sessions.middleware.SessionMiddleware",
    "django_session_header.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "social_django.middleware.SocialAuthExceptionMiddleware",
]

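# Origins allowed to make cross-origin requests. CORS_ALLOW_CREDENTIALS is on
# below, so every origin that matches one of these patterns gets credentialed
# access. Each pattern is therefore anchored at both ends and has its literal
# dots escaped: without the trailing '$' a longer origin that merely begins
# with an allowed one would pass, and an unescaped '.' matches any character.
CORS_ORIGIN_REGEX_WHITELIST = [
    r"^(https?://)?localhost:\d+$",
    r"^(https?://)?lvh\.me:\d+$",
    # localtunnel.me and its subdomains. The earlier form, (^.)*.localtunnel.me,
    # had the caret inside a group, so what it accepted depended on how the
    # matcher is applied; this spells out the presumed intent.
    # NOTE(review): subdomains of a public tunnelling service are not under
    # this project's control - pin the one subdomain in use, and keep this
    # entry out of any non-development configuration.
    r"^(https?://)?([a-z0-9-]+\.)*localtunnel\.me$",
]
#
# CSRF_TRUSTED_ORIGINS = [
# 'localhost:3000',
# 'lvh.me',
# 'localtunnel.me',
# ]

# Cookies and auth headers are allowed on cross-origin requests from the
# origins matched above.
CORS_ALLOW_CREDENTIALS = True
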
# Request headers a cross-origin client may send: the django-cors-headers
# defaults plus the CSRF and session-id headers this project uses.
# NOTE(review): HTTP header names are case-insensitive, so 'x-sessionid' and
# 'X-SessionID' are presumably redundant; kept as they were.
CORS_ALLOW_HEADERS = [
    *default_headers,
    "x-csrftoken",
    "x-csrf-token",
    "content-type",
    "x-session-id",
    "x-sessionid",
    "X-SessionID",
]

# Response headers that browser JavaScript on an allowed origin may read.
# This includes the session id and CSRF token headers, so the origin
# whitelist is what keeps those values away from other sites.
CORS_EXPOSE_HEADERS = ["x-sessionid", "x-csrftoken", "x-csrf-token"]

# Keep the CSRF token in the session rather than in its own cookie.
CSRF_USE_SESSIONS = True

# Sessions are stored client-side in a signed cookie. The payload is readable
# by the client and is protected only by a signature made with SECRET_KEY.
SESSION_ENGINE = "django.contrib.sessions.backends.signed_cookies"

# Module holding the root URL patterns.
ROOT_URLCONF = "mysite.urls"

# Template engine configuration. DIRS lists the built web client and the
# project templates; each directory appears twice, once via os.path.join and
# once via string concatenation, exactly as before.
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [
            # os.path.join(BASE_DIR, 'adaptilab/client', 'build'),
            os.path.join(BASE_DIR, "adaptilab/web", "build"),
            f"{BASE_DIR}/adaptilab/web/build",
            # BASE_DIR + '/adaptilab/client/build',
            os.path.join(BASE_DIR, "adaptilab/templates"),
            f"{BASE_DIR}/adaptilab/templates",
        ],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "social_django.context_processors.backends",
                "social_django.context_processors.login_redirect",
            ],
        },
    },
]

# WSGI entry point used by the application server.
WSGI_APPLICATION = "mysite.wsgi.application"

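# For migration, do python manage.py migrate --database=db_name
# To use a non-default database in the shell, use the 'using' function: e.g. MyModel.objects.using('production').all()
# Use the 'db_manager' function for create_user, e.g. Candidate.objects.db_manager(db).create_user(...)
#
# Passwords and hosts for the remote databases come from the environment
# instead of being written here. The passwords that used to be in this file
# must be treated as disclosed and changed on the database side. An unset
# variable yields '', so a connection to that alias fails rather than using a
# stale credential.
DATABASES = {
    # https://docs.djangoproject.com/en/2.2/topics/db/multi-db/
    'default': {
        'ENGINE': 'django.db.backends.sqlite3',
        'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
    },
    'production': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'userdb',
        'USER': 'adaptilabdb',
        'PASSWORD': os.environ.get('PRODUCTION_DB_PASSWORD', ''),
        'HOST': os.environ.get('PRODUCTION_DB_HOST', ''),
        'PORT': '5432',
    },
    'qa': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'qadb',
        'USER': 'qauser',
        'PASSWORD': os.environ.get('QA_DB_PASSWORD', ''),
        'HOST': os.environ.get('QA_DB_HOST', ''),
        'PORT': '5432',
    },
}
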
# Custom user model; see
# https://docs.djangoproject.com/en/2.2/topics/auth/customizing/#changing-to-a-custom-user-model-mid-project
AUTH_USER_MODEL = "adaptilab.AdaptiLabUser"

# Authentication backends, tried in order: the four OAuth2 providers first,
# then Django's own username/password backend.
AUTHENTICATION_BACKENDS = [
    "social_core.backends.linkedin.LinkedinOAuth2",
    "social_core.backends.google.GoogleOAuth2",
    "social_core.backends.facebook.FacebookOAuth2",
    "social_core.backends.github.GithubOAuth2",
    "django.contrib.auth.backends.ModelBackend",
]

# Social Auth Pipeline: the steps python-social-auth runs, in order, for each
# OAuth login.
SOCIAL_AUTH_PIPELINE = (
    "social_core.pipeline.social_auth.social_details",
    "social_core.pipeline.social_auth.social_uid",
    "social_core.pipeline.social_auth.auth_allowed",
    "social_core.pipeline.social_auth.social_user",
    "social_core.pipeline.user.get_username",
    # Merge duplicate emails: attaches the social login to an existing account
    # with the same address.
    # NOTE(review): this step trusts the email the provider reports. It is
    # only safe if every enabled backend verifies email ownership; otherwise
    # an unverified address at one provider can be linked to someone else's
    # account. Confirm per provider, or drop the step.
    "social_core.pipeline.social_auth.associate_by_email",
    "social_core.pipeline.user.create_user",
    "social_core.pipeline.social_auth.associate_user",
    "social_core.pipeline.social_auth.load_extra_data",
    "social_core.pipeline.user.user_details",
)

# Social Auth Config
# Usernames are the full email address reported by the provider.
SOCIAL_AUTH_USERNAME_IS_FULL_EMAIL = True
# Where the OAuth flow lands on success, where sign-in lives, and where a
# failed login is sent.
SOCIAL_AUTH_LOGIN_REDIRECT_URL = "adaptilab:candidate_oauth"
SOCIAL_AUTH_LOGIN_URL = "adaptilab:candidate_signin"
SOCIAL_AUTH_LOGIN_ERROR_URL = "/candidate/signin/?error=oauth-login"
SOCIAL_AUTH_POSTGRES_JSONFIELD = True
SOCIAL_AUTH_URL_NAMESPACE = "social"
# Model that social accounts are attached to.
SOCIAL_AUTH_USER_MODEL = "adaptilab.Candidate"

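# OAuth client secrets are read from the environment. The client ids (the
# *_KEY values) are public identifiers and stay here. Every secret that was
# previously written in this file has to be regenerated in the provider's
# console; removing it from source does not revoke it. An unset variable
# yields '', which makes that provider's login fail instead of using a stale
# secret.

# LinkedIn OAuth2.0
SOCIAL_AUTH_LINKEDIN_OAUTH2_KEY = '78bgbpvwv2rbvs'
SOCIAL_AUTH_LINKEDIN_OAUTH2_SECRET = os.environ.get('SOCIAL_AUTH_LINKEDIN_OAUTH2_SECRET', '')
SOCIAL_AUTH_LINKEDIN_OAUTH2_SCOPE = ['r_basicprofile', 'r_emailaddress']
SOCIAL_AUTH_LINKEDIN_OAUTH2_FIELD_SELECTORS = ['emailAddress', 'formattedName', 'publicProfileUrl', 'pictureUrl']
# (provider field, name stored in extra_data)
SOCIAL_AUTH_LINKEDIN_OAUTH2_EXTRA_DATA = [
    ('id', 'id'),
    ('formattedName', 'name'),
    ('emailAddress', 'email_address'),
    ('pictureUrl', 'picture_url'),
    ('publicProfileUrl', 'profile_url'),
]

# Facebook OAuth2.0
SOCIAL_AUTH_FACEBOOK_KEY = '1242811182568511'
SOCIAL_AUTH_FACEBOOK_SECRET = os.environ.get('SOCIAL_AUTH_FACEBOOK_SECRET', '')
SOCIAL_AUTH_FACEBOOK_API_VERSION = '4.0'
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email']
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {
    'fields': 'id, name, email'
}

# Google OAuth2.0
SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = '580400534713-dhu025b8srieueh93emvglpgl9ng4dnd.apps.googleusercontent.com'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.environ.get('SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET', '')
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = ['email']

# GitHub OAuth2.0
SOCIAL_AUTH_GITHUB_KEY = 'b794b5cbc8edb33792b3'
SOCIAL_AUTH_GITHUB_SECRET = os.environ.get('SOCIAL_AUTH_GITHUB_SECRET', '')
SOCIAL_AUTH_GITHUB_SCOPE = ['user']
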
# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators

# Django's four stock validators, each with its default options.
AUTH_PASSWORD_VALIDATORS = [
    {"NAME": "django.contrib.auth.password_validation." + validator}
    for validator in (
        "UserAttributeSimilarityValidator",
        "MinimumLengthValidator",
        "CommonPasswordValidator",
        "NumericPasswordValidator",
    )
]

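# Sending confirmation and password emails
# SMTP credentials come from the environment. The pair that used to be written
# here has to be deleted and reissued on the provider side.

EMAIL_HOST = 'email-smtp.us-west-2.amazonaws.com'
EMAIL_PORT = 587
EMAIL_HOST_USER = os.environ.get('EMAIL_HOST_USER', '')
EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD', '')
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = 'AdaptiLab <do-not-reply@adaptilab.com>'

# AWS credentials for web app
# Read from the standard AWS environment variables. The access key that was
# committed here must be deactivated and replaced; where the host supports it,
# a role attached to the instance avoids long-lived keys altogether.
AWS_ACCESS_KEY_ID = os.environ.get('AWS_ACCESS_KEY_ID', '')
AWS_SECRET_ACCESS_KEY = os.environ.get('AWS_SECRET_ACCESS_KEY', '')

# Stripe API keys
# The publishable key is meant to be shipped to browsers and stays here; the
# secret key is read from the environment and the old one should be rolled.

STRIPE_PUBLISHABLE_KEY = 'pk_test_s8dGcN2X0iCgtjZSxXm9mXRo'
STRIPE_SECRET_KEY = os.environ.get('STRIPE_SECRET_KEY', '')
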
# REST API settings
# No authentication classes are configured, so access to the API is gated by
# the permission class alone.
# NOTE(review): HasBasicAuthenticationAPIKey is defined in
# adaptilab.api_permissions, outside this file - confirm that it rejects
# requests that carry no key.
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [],
    "DEFAULT_PERMISSION_CLASSES": [
        "adaptilab.api_permissions.HasBasicAuthenticationAPIKey",
    ],
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
    "PAGE_SIZE": 10,
}

# Mixpanel token (analytics project identifier)
MIXPANEL_TOKEN = "d113ca12d25df81ce9e906562c3313da"

# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/
LANGUAGE_CODE = "en-us"
TIME_ZONE = "America/Los_Angeles"

# Translation, locale-aware formatting and timezone-aware datetimes are all on.
USE_I18N = USE_L10N = USE_TZ = True

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.0/howto/static-files/

STATIC_URL = "/static/"
# Extra static directories: the project-level folder and the static assets of
# the built web client.
STATICFILES_DIRS = [
    os.path.join(BASE_DIR, "static"),
    os.path.join(BASE_DIR, "adaptilab", "web", "build", "static"),
]