416 lines
18 KiB
Python
416 lines
18 KiB
Python
# ruff: noqa: ERA001, E501
|
|
"""Base settings to build other settings files upon."""
|
|
|
|
import ssl
|
|
from pathlib import Path
|
|
|
|
import environ
|
|
|
|
BASE_DIR = Path(__file__).resolve(strict=True).parent.parent.parent
|
|
# lms/
|
|
APPS_DIR = BASE_DIR / "lms"
|
|
env = environ.Env()
|
|
|
|
READ_DOT_ENV_FILE = env.bool("DJANGO_READ_DOT_ENV_FILE", default=False)
|
|
if READ_DOT_ENV_FILE:
|
|
# OS environment variables take precedence over variables from .env
|
|
env.read_env(str(BASE_DIR / ".env"))
|
|
|
|
# GENERAL
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#debug
|
|
DEBUG = env.bool("DJANGO_DEBUG", False)
|
|
# Local time zone. Choices are
|
|
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
|
|
# though not all of them may be available with every OS.
|
|
# In Windows, this must be set to your system time zone.
|
|
TIME_ZONE = "UTC"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#language-code
|
|
LANGUAGE_CODE = "en-us"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#languages
|
|
# from django.utils.translation import gettext_lazy as _
|
|
# LANGUAGES = [
|
|
# ('en', _('English')),
|
|
# ('fr-fr', _('French')),
|
|
# ('pt-br', _('Portuguese')),
|
|
# ]
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#site-id
|
|
SITE_ID = 1
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#use-i18n
|
|
USE_I18N = True
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#use-tz
|
|
USE_TZ = True
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#locale-paths
|
|
LOCALE_PATHS = [str(BASE_DIR / "locale")]
|
|
|
|
# DATABASES
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#databases
|
|
DATABASES = {"default": env.db("DATABASE_URL")}
|
|
DATABASES["default"]["ATOMIC_REQUESTS"] = True
|
|
# https://docs.djangoproject.com/en/stable/ref/settings/#std:setting-DEFAULT_AUTO_FIELD
|
|
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
|
|
|
|
# URLS
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#root-urlconf
|
|
ROOT_URLCONF = "config.urls"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#wsgi-application
|
|
WSGI_APPLICATION = "config.wsgi.application"
|
|
|
|
# APPS
|
|
# ------------------------------------------------------------------------------
|
|
DJANGO_APPS = [
|
|
"django.contrib.auth",
|
|
"django.contrib.contenttypes",
|
|
"django.contrib.sessions",
|
|
"django.contrib.sites",
|
|
"django.contrib.messages",
|
|
"django.contrib.staticfiles",
|
|
# "django.contrib.humanize", # Handy template tags
|
|
"django.contrib.admin",
|
|
"django.forms",
|
|
]
|
|
THIRD_PARTY_APPS = [
|
|
"crispy_forms",
|
|
"crispy_bootstrap5",
|
|
"allauth",
|
|
'allauth.headless',
|
|
"allauth.account",
|
|
"allauth.mfa",
|
|
"allauth.socialaccount",
|
|
"django_celery_beat",
|
|
"rest_framework",
|
|
"rest_framework.authtoken",
|
|
"corsheaders",
|
|
"drf_spectacular",
|
|
]
|
|
|
|
LOCAL_APPS = [
|
|
"lms.accounts",
|
|
"lms.app",
|
|
# Your stuff: custom apps go here
|
|
]
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#installed-apps
|
|
INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
|
|
|
|
# MIGRATIONS
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#migration-modules
|
|
MIGRATION_MODULES = {"sites": "lms.contrib.sites.migrations"}
|
|
|
|
# AUTHENTICATION
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#authentication-backends
|
|
AUTHENTICATION_BACKENDS = [
|
|
# "django.contrib.auth.backends.ModelBackend",
|
|
"allauth.account.auth_backends.AuthenticationBackend",
|
|
]
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#auth-user-model
|
|
AUTH_USER_MODEL = "accounts.CustomUser"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url
|
|
# LOGIN_REDIRECT_URL = "users:redirect"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#login-url
|
|
# LOGIN_URL = "account_login"
|
|
|
|
# PASSWORDS
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#password-hashers
|
|
PASSWORD_HASHERS = [
|
|
# https://docs.djangoproject.com/en/dev/topics/auth/passwords/#using-argon2-with-django
|
|
"django.contrib.auth.hashers.Argon2PasswordHasher",
|
|
"django.contrib.auth.hashers.PBKDF2PasswordHasher",
|
|
"django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
|
|
"django.contrib.auth.hashers.BCryptSHA256PasswordHasher",
|
|
]
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#auth-password-validators
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{
|
|
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
|
|
},
|
|
{"NAME": "django.contrib.auth.password_validation.MinimumLengthValidator"},
|
|
{"NAME": "django.contrib.auth.password_validation.CommonPasswordValidator"},
|
|
{"NAME": "django.contrib.auth.password_validation.NumericPasswordValidator"},
|
|
]
|
|
|
|
# MIDDLEWARE
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#middleware
|
|
MIDDLEWARE = [
|
|
"corsheaders.middleware.CorsMiddleware",
|
|
"django.middleware.security.SecurityMiddleware",
|
|
"whitenoise.middleware.WhiteNoiseMiddleware",
|
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
|
"django.middleware.locale.LocaleMiddleware",
|
|
"django.middleware.common.CommonMiddleware",
|
|
"django.middleware.csrf.CsrfViewMiddleware",
|
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
|
"django.contrib.messages.middleware.MessageMiddleware",
|
|
"django.middleware.clickjacking.XFrameOptionsMiddleware",
|
|
"allauth.account.middleware.AccountMiddleware",
|
|
]
|
|
|
|
# STATIC
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#static-root
|
|
STATIC_ROOT = str(BASE_DIR / "staticfiles")
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#static-url
|
|
STATIC_URL = "/static/"
|
|
# https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#std:setting-STATICFILES_DIRS
|
|
STATICFILES_DIRS = [str(APPS_DIR / "static")]
|
|
# https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#staticfiles-finders
|
|
STATICFILES_FINDERS = [
|
|
"django.contrib.staticfiles.finders.FileSystemFinder",
|
|
"django.contrib.staticfiles.finders.AppDirectoriesFinder",
|
|
]
|
|
|
|
# MEDIA
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#media-root
|
|
MEDIA_ROOT = str(APPS_DIR / "media")
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#media-url
|
|
MEDIA_URL = "/media/"
|
|
|
|
# TEMPLATES
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#templates
|
|
TEMPLATES = [
|
|
{
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#std:setting-TEMPLATES-BACKEND
|
|
"BACKEND": "django.template.backends.django.DjangoTemplates",
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#dirs
|
|
"DIRS": [str(APPS_DIR / "templates")],
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#app-dirs
|
|
"APP_DIRS": True,
|
|
"OPTIONS": {
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#template-context-processors
|
|
"context_processors": [
|
|
"django.template.context_processors.debug",
|
|
"django.template.context_processors.request",
|
|
"django.contrib.auth.context_processors.auth",
|
|
"django.template.context_processors.i18n",
|
|
"django.template.context_processors.media",
|
|
"django.template.context_processors.static",
|
|
"django.template.context_processors.tz",
|
|
"django.contrib.messages.context_processors.messages",
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#form-renderer
|
|
FORM_RENDERER = "django.forms.renderers.TemplatesSetting"
|
|
|
|
# http://django-crispy-forms.readthedocs.io/en/latest/install.html#template-packs
|
|
CRISPY_TEMPLATE_PACK = "bootstrap5"
|
|
CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5"
|
|
|
|
# FIXTURES
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#fixture-dirs
|
|
FIXTURE_DIRS = (str(APPS_DIR / "fixtures"),)
|
|
|
|
# SECURITY
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-httponly
|
|
SESSION_COOKIE_HTTPONLY = True
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#csrf-cookie-httponly
|
|
CSRF_COOKIE_HTTPONLY = True
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#x-frame-options
|
|
X_FRAME_OPTIONS = "DENY"
|
|
|
|
# EMAIL
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#email-backend
|
|
EMAIL_BACKEND = env(
|
|
"DJANGO_EMAIL_BACKEND",
|
|
default="django.core.mail.backends.smtp.EmailBackend",
|
|
)
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#email-timeout
|
|
EMAIL_TIMEOUT = 5
|
|
|
|
# ADMIN
|
|
# ------------------------------------------------------------------------------
|
|
# Django Admin URL.
|
|
ADMIN_URL = "admin/"
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#admins
|
|
ADMINS = [("""ص""", "e@gmail.com")]
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#managers
|
|
MANAGERS = ADMINS
|
|
# https://cookiecutter-django.readthedocs.io/en/latest/settings.html#other-environment-settings
|
|
# Force the `admin` sign in process to go through the `django-allauth` workflow
|
|
DJANGO_ADMIN_FORCE_ALLAUTH = env.bool("DJANGO_ADMIN_FORCE_ALLAUTH", default=False)
|
|
|
|
# LOGGING
|
|
# ------------------------------------------------------------------------------
|
|
# https://docs.djangoproject.com/en/dev/ref/settings/#logging
|
|
# See https://docs.djangoproject.com/en/dev/topics/logging for
|
|
# more details on how to customize your logging configuration.
|
|
# LOGGING = {
|
|
# "version": 1,
|
|
# "disable_existing_loggers": False,
|
|
# "formatters": {
|
|
# "verbose": {
|
|
# "format": "%(levelname)s %(asctime)s %(module)s %(process)d %(thread)d %(message)s",
|
|
# },
|
|
# },
|
|
# "handlers": {
|
|
# "console": {
|
|
# "level": "DEBUG",
|
|
# "class": "logging.StreamHandler",
|
|
# "formatter": "verbose",
|
|
# },
|
|
# },
|
|
# "root": {"level": "INFO", "handlers": ["console"]},
|
|
# }
|
|
|
|
REDIS_URL = env("REDIS_URL", default="redis://redis:6379/0")
|
|
REDIS_SSL = REDIS_URL.startswith("rediss://")
|
|
|
|
# Celery
|
|
# ------------------------------------------------------------------------------
|
|
if USE_TZ:
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-timezone
|
|
CELERY_TIMEZONE = TIME_ZONE
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-broker_url
|
|
CELERY_BROKER_URL = REDIS_URL
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#redis-backend-use-ssl
|
|
CELERY_BROKER_USE_SSL = {"ssl_cert_reqs": ssl.CERT_NONE} if REDIS_SSL else None
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-result_backend
|
|
CELERY_RESULT_BACKEND = REDIS_URL
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#redis-backend-use-ssl
|
|
CELERY_REDIS_BACKEND_USE_SSL = CELERY_BROKER_USE_SSL
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#result-extended
|
|
CELERY_RESULT_EXTENDED = True
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#result-backend-always-retry
|
|
# https://github.com/celery/celery/pull/6122
|
|
CELERY_RESULT_BACKEND_ALWAYS_RETRY = True
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#result-backend-max-retries
|
|
CELERY_RESULT_BACKEND_MAX_RETRIES = 10
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-accept_content
|
|
CELERY_ACCEPT_CONTENT = ["json"]
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-task_serializer
|
|
CELERY_TASK_SERIALIZER = "json"
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std:setting-result_serializer
|
|
CELERY_RESULT_SERIALIZER = "json"
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#task-time-limit
|
|
# TODO: set to whatever value is adequate in your circumstances
|
|
CELERY_TASK_TIME_LIMIT = 5 * 60
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#task-soft-time-limit
|
|
# TODO: set to whatever value is adequate in your circumstances
|
|
CELERY_TASK_SOFT_TIME_LIMIT = 60
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#beat-scheduler
|
|
CELERY_BEAT_SCHEDULER = "django_celery_beat.schedulers:DatabaseScheduler"
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#worker-send-task-events
|
|
CELERY_WORKER_SEND_TASK_EVENTS = True
|
|
# https://docs.celeryq.dev/en/stable/userguide/configuration.html#std-setting-task_send_sent_event
|
|
CELERY_TASK_SEND_SENT_EVENT = True
|
|
# https://cheat.readthedocs.io/en/latest/django/celery.html
|
|
CELERYD_HIJACK_ROOT_LOGGER = False
|
|
# django-allauth
|
|
# ------------------------------------------------------------------------------
|
|
ACCOUNT_ALLOW_REGISTRATION = env.bool("DJANGO_ACCOUNT_ALLOW_REGISTRATION", True)
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
ACCOUNT_AUTHENTICATION_METHOD = "email"
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
ACCOUNT_EMAIL_REQUIRED = True
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
ACCOUNT_USERNAME_REQUIRED = False
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
ACCOUNT_USER_MODEL_USERNAME_FIELD = None
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
ACCOUNT_EMAIL_VERIFICATION = "mandatory"
|
|
ACCOUNT_LOGOUT_ON_GET = True
|
|
LOGOUT_ON_PASSWORD_CHANGE = False
|
|
ACCOUNT_CHANGE_EMAIL = True
|
|
ACCOUNT_EMAIL_CONFIRMATION_HMAC = True
|
|
ACCOUNT_CONFIRM_EMAIL_ON_GET = True
|
|
ACCOUNT_MAX_EMAIL_ADDRESSES = 2
|
|
ACCOUNT_EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URL = None
|
|
ACCOUNT_EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URL = None
|
|
# ACCOUNT_RATE_LIMITS = {
|
|
# "confirm_email": "1/4m", # 1 confirmation email every 4 minutes
|
|
# }
|
|
HEADLESS_FRONTEND_URLS = {
|
|
"account_confirm_email": "http://127.0.0.1:3000/account/email-confirmation/{key}/",
|
|
# Key placeholders are automatically populated. You are free to adjust this
|
|
# to your own needs, e.g.
|
|
#
|
|
# "https://app.project.org/account/email/verify-email?token={key}",
|
|
"account_reset_password": "https://app.project.org/account/password/reset",
|
|
"account_reset_password_from_key": "https://app.project.org/account/password/reset/key/{key}",
|
|
# "account_signup": "https://app.project.org/account/signup",
|
|
# Fallback in case the state containing the `next` URL is lost and the handshake
|
|
# with the third-party provider fails.
|
|
# "socialaccount_login_error": "https://app.project.org/account/provider/callback",
|
|
}
|
|
HEADLESS_ONLY = True
|
|
# https://docs.allauth.org/en/latest/account/configuration.html
|
|
# ACCOUNT_ADAPTER = "lms.accounts.adapters.CustomAccountAdapter"
|
|
# https://docs.allauth.org/en/latest/account/forms.html
|
|
# ACCOUNT_FORMS = {"signup": "lms.users.forms.UserSignupForm"}
|
|
# https://docs.allauth.org/en/latest/socialaccount/configuration.html
|
|
# SOCIALACCOUNT_ADAPTER = "lms.users.adapters.SocialAccountAdapter"
|
|
# https://docs.allauth.org/en/latest/socialaccount/configuration.html
|
|
# SOCIALACCOUNT_FORMS = {"signup": "lms.users.forms.UserSocialSignupForm"}
|
|
# django-compressor
|
|
# ------------------------------------------------------------------------------
|
|
# https://django-compressor.readthedocs.io/en/latest/quickstart/#installation
|
|
INSTALLED_APPS += ["compressor"]
|
|
STATICFILES_FINDERS += ["compressor.finders.CompressorFinder"]
|
|
# django-rest-framework
|
|
# -------------------------------------------------------------------------------
|
|
# django-rest-framework - https://www.django-rest-framework.org/api-guide/settings/
|
|
REST_FRAMEWORK = {
|
|
"DEFAULT_AUTHENTICATION_CLASSES": (
|
|
"rest_framework.authentication.SessionAuthentication",
|
|
"rest_framework.authentication.TokenAuthentication",
|
|
'dj_rest_auth.jwt_auth.JWTCookieAuthentication',
|
|
),
|
|
"DEFAULT_PERMISSION_CLASSES": (
|
|
'rest_framework.permissions.AllowAny',
|
|
"rest_framework.permissions.IsAuthenticated",
|
|
),
|
|
"DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
|
|
}
|
|
REST_AUTH = {
|
|
'LOGIN_SERIALIZER': 'lms.accounts.serializers.CustomLoginSerializer',
|
|
'REGISTER_SERIALIZER': 'lms.accounts.serializers.CustomRegisterSerializer',
|
|
'OLD_PASSWORD_FIELD_ENABLED': True,
|
|
'USE_JWT': True,
|
|
'JWT_AUTH_HTTPONLY':False
|
|
|
|
}
|
|
from datetime import timedelta
|
|
SIMPLE_JWT = {
|
|
'ACCESS_TOKEN_LIFETIME': timedelta(hours=5),
|
|
'REFRESH_TOKEN_LIFETIME': timedelta(days=30),
|
|
'ROTATE_REFRESH_TOKENS': True,
|
|
'BLACKLIST_AFTER_ROTATION': True,
|
|
'ALGORITHM': 'HS256',
|
|
'SIGNING_KEY': 'SECRET_KEY',
|
|
}
|
|
|
|
# django-cors-headers - https://github.com/adamchainz/django-cors-headers#setup
|
|
# CORS_URLS_REGEX = r"^/api/.*$"
|
|
|
|
# By Default swagger ui is available only to admin user(s). You can change permission classes to change that
|
|
# See more configuration options at https://drf-spectacular.readthedocs.io/en/latest/settings.html#settings
|
|
SPECTACULAR_SETTINGS = {
|
|
"TITLE": "Learning Management System API",
|
|
"DESCRIPTION": "Documentation of API endpoints of Learning Management System",
|
|
"VERSION": "1.0.0",
|
|
# "SERVE_PERMISSIONS": ["rest_framework.permissions.IsAdminUser"],
|
|
"SCHEMA_PATH_PREFIX": "/api/",
|
|
'SERVE_INCLUDE_SCHEMA': False,
|
|
}
|
|
# Your stuff...
|
|
# ------------------------------------------------------------------------------
|
|
# CSRF_COOKIE_SECURE = False # لأنك لا تستخدم HTTPS محليًا
|
|
# CSRF_COOKIE_SAMESITE = 'None' # للسماح بالطلبات عبر النطاقات
|
|
# CSRF_COOKIE_HTTPONLY = False # للسماح للـ JavaScript بالوصول إذا لزم الأمر
|
|
|
|
# SESSION_COOKIE_SECURE = False
|
|
# SESSION_COOKIE_SAMESITE = 'None'
|
|
# SESSION_COOKIE_HTTPONLY = True
|
|
|