settings.py
1"""
2Django settings for back2fa project.
3
4Generated by 'django-admin startproject' using Django 4.2.
5
6For more information on this file, see
7https://docs.djangoproject.com/en/4.2/topics/settings/
8
9For the full list of settings and their values, see
10https://docs.djangoproject.com/en/4.2/ref/settings/
11"""
12
13from pathlib import Path
14import os
15
# Project root: the directory two levels above this settings module.
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
18
19
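# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/

# SECURITY WARNING: don't run with debug turned on in production!
# Debug mode is opt-in: only an explicit truthy DJANGO_DEBUG value enables it.
# The earlier test (value != 'False') switched debug ON for 'false', '0',
# an empty string or any typo, which exposes tracebacks and settings.
DEBUG = os.environ.get('DJANGO_DEBUG', 'False').strip().lower() in {
    '1', 'true', 'yes', 'on',
}

# SECURITY WARNING: keep the secret key used in production secret!
# The 'django-insecure-' value below is committed to the repository, so it
# must never sign sessions, CSRF tokens or password-reset links outside local
# development. Any deployment that ever ran on it should rotate its key.
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY')
if not SECRET_KEY:
    if DEBUG:
        # Local development only: a fixed key keeps sessions across reloads.
        SECRET_KEY = 'django-insecure-qhu0i@1blx*kwq=!o#grkdq^_5k1gce3(8(y46twjd40_vcj$$'
    else:
        # Fail safe rather than fall back to a publicly known key. This key is
        # random per process: signed data does not survive a restart and is
        # not shared between workers, so production must set DJANGO_SECRET_KEY.
        SECRET_KEY = os.urandom(48).hex()

ALLOWED_HOSTS = ['back2fa.onrender.com', 'localhost', '127.0.0.1']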
30
# Security settings for production

# HTTP -> HTTPS redirect is opt-in: only the exact string 'True' in
# DJANGO_SECURE_SSL_REDIRECT enables it; unset or any other value leaves it off.
SECURE_SSL_REDIRECT = os.getenv('DJANGO_SECURE_SSL_REDIRECT', 'False') == 'True'

# Header Django consults to decide whether a proxied request arrived over HTTPS.
# NOTE(review): this is only trustworthy when the fronting proxy always sets
# or strips X-Forwarded-Proto itself - confirm for the hosting platform.
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

# HTTP Strict Transport Security.
# NOTE(review): a one-hour max-age combined with the preload flag is
# inconsistent; browser preload lists expect a much longer max-age. Confirm
# whether preload is really intended before raising the value.
SECURE_HSTS_SECONDS = 60 * 60
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

# Session and CSRF cookies are marked Secure unconditionally, so browsers
# will not send them over plain HTTP (including a local http:// dev server).
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True

# Response hardening headers.
# NOTE(review): SECURE_BROWSER_XSS_FILTER was removed in Django 4.0, so under
# the 4.2 named in this file's header it has no effect; kept for compatibility.
SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True
X_FRAME_OPTIONS = 'DENY'
42
43
# Application definition

INSTALLED_APPS = [
    # Django contrib apps
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    # Third-party and project apps
    'rest_framework',
    'twofa',
    # Cross-origin headers; its middleware is registered in MIDDLEWARE
    'corsheaders',
]
58
# Request/response middleware, applied in the order listed.
MIDDLEWARE = [
    # Must come before CommonMiddleware so CORS headers are added to its responses.
    'corsheaders.middleware.CorsMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
69
# Module holding the project's root URL patterns.
ROOT_URLCONF = 'back2fa.urls'

# A single Django template engine; templates are discovered inside each
# installed app (APP_DIRS) and no extra project-level directories are listed.
TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

# Dotted path to the WSGI callable used by the application server.
WSGI_APPLICATION = 'back2fa.wsgi.application'
89
90
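# Database
# https://docs.djangoproject.com/en/4.2/ref/settings/#databases
#
# Connection details are read from the environment so that no credential
# lives in source control. The DJANGO_DB_* variable names are introduced by
# this change; the non-secret defaults mirror the previous literal values.
# The password has no default on purpose: when DJANGO_DB_PASSWORD is unset the
# connection fails to authenticate instead of using a committed secret.
# The password that used to be hard-coded here is exposed to anyone who can
# read the repository or its history and must be rotated at the provider.
# NOTE(review): the default user is 'root'; a dedicated least-privilege
# account for the application is preferable - confirm with the DB owner.
# NOTE(review): the default host looks like a public proxy endpoint; confirm
# the client connection to it is encrypted.
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql',
        'NAME': os.environ.get('DJANGO_DB_NAME', 'railway'),
        'USER': os.environ.get('DJANGO_DB_USER', 'root'),
        'PASSWORD': os.environ.get('DJANGO_DB_PASSWORD', ''),
        'HOST': os.environ.get('DJANGO_DB_HOST', 'shortline.proxy.rlwy.net'),
        'PORT': os.environ.get('DJANGO_DB_PORT', '45482'),
        'OPTIONS': {
            'sql_mode': 'traditional',
        },
    }
}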
107
108
# Password validation
# https://docs.djangoproject.com/en/4.2/ref/settings/#auth-password-validators
#
# Four stock validators, each with its default options (no OPTIONS given).
AUTH_PASSWORD_VALIDATORS = [
    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
]
126
127
# Internationalization
# https://docs.djangoproject.com/en/4.2/topics/i18n/

# Locale and clock: US English, timestamps handled as timezone-aware UTC.
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'

# Translation machinery and timezone-aware datetimes are both enabled.
USE_I18N = True
USE_TZ = True
138
139
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/4.2/howto/static-files/

# URL prefix for static assets, and the '<BASE_DIR>/staticfiles' directory
# path, kept as a plain string.
STATIC_URL = '/static/'
STATIC_ROOT = str(BASE_DIR / 'staticfiles')

# Default primary key field type
# https://docs.djangoproject.com/en/4.2/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
150
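# Cross-origin access (django-cors-headers).
#
# Entries here are compared literally with the request's Origin header, so
# the former "https://*.netlify.app" entry never matched any browser origin;
# it and the duplicated production origin have been dropped.
# Do not widen this to every netlify.app subdomain (for example through
# CORS_ALLOWED_ORIGIN_REGEXES): anyone can host a site under that domain, and
# with CORS_ALLOW_CREDENTIALS enabled such a site could make authenticated
# cross-origin requests on behalf of a logged-in user. List each front-end
# origin explicitly instead.
# NOTE(review): the localhost origins are also accepted in production;
# consider limiting them to development builds.
CORS_ALLOWED_ORIGINS = [
    "https://ispcfood.netlify.app",
    "http://localhost:4200",
    "http://localhost:4000",
    "http://127.0.0.1:4200",
]

# Allowing every origin is a development-only convenience; here the allowed
# origins are always the explicit list above.
CORS_ALLOW_ALL_ORIGINS = False
# Cookies and Authorization headers are allowed on cross-origin requests,
# which is why the origin list must stay exact.
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_METHODS = [
    'DELETE',
    'GET',
    'OPTIONS',
    'PATCH',
    'POST',
    'PUT',
]
CORS_ALLOW_HEADERS = [
    'accept',
    'accept-encoding',
    'authorization',
    'content-type',
    'dnt',
    'origin',
    'user-agent',
    'x-csrftoken',
    'x-requested-with',
]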
183
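# Logging configuration for debugging: everything at INFO and above goes to
# the console through the root logger's stream handler.
LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'handlers': {
        'console': {
            'class': 'logging.StreamHandler',
        },
    },
    'root': {
        'handlers': ['console'],
        'level': 'INFO',
    },
    'loggers': {
        'django': {
            'handlers': ['console'],
            'level': 'INFO',
            # The 'django' logger already writes to the console handler.
            # Propagating to root, which uses the same handler, printed every
            # Django record twice and distorted log-based counts and alerts.
            'propagate': False,
        },
    },
}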