pacnpal/thrilltrack-explorer
1
0
Fork 0
mirror of https://github.com/pacnpal/thrilltrack-explorer.git synced 2025-12-23 12:31:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

Refactor code structure and remove redundant changes

Browse Source
This commit is contained in:
pacnpal
2025-11-09 16:31:34 -05:00
parent 2884bc23ce
commit eb68cf40c6
1080 changed files with 27361 additions and 56687 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
django-backend/config/settings/__init__.py Normal file
View File

@@ -0,0 +1,17 @@
"""
Django settings package.
Automatically loads the correct settings based on DJANGO_SETTINGS_MODULE environment variable.
"""
import os
# Determine which settings to use
settings_module = os.getenv('DJANGO_SETTINGS_MODULE', 'config.settings.local')
if settings_module == 'config.settings.production':
from .production import *
elif settings_module == 'config.settings.local':
from .local import *
else:
# Default to local for development
from .local import *

519
django-backend/config/settings/base.py Normal file
View File

@@ -0,0 +1,519 @@
"""
Django base settings for ThrillWiki project.
These settings are common across all environments.
"""
from pathlib import Path
import environ
# Build paths
BASE_DIR = Path(__file__).resolve().parent.parent.parent
# Initialize environment variables
env = environ.Env(
DEBUG=(bool, False),
ALLOWED_HOSTS=(list, []),
)
# Read .env file if it exists
environ.Env.read_env(BASE_DIR / '.env')
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env('SECRET_KEY', default='django-insecure-change-this-in-production')
# Application definition
INSTALLED_APPS = [
# Django Unfold (must come before django.contrib.admin)
'unfold',
'unfold.contrib.filters',
'unfold.contrib.forms',
'unfold.contrib.import_export',
# Django GIS (must come before admin for proper admin integration)
'django.contrib.gis',
# Django apps
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
# Third-party apps
'import_export',
'rest_framework',
'rest_framework_simplejwt',
'ninja',
'django_filters',
'corsheaders',
'guardian',
'django_otp',
'django_otp.plugins.otp_totp',
'allauth',
'allauth.account',
'allauth.socialaccount',
'allauth.socialaccount.providers.google',
'allauth.socialaccount.providers.discord',
'allauth.mfa',
'allauth.mfa.webauthn',
'allauth.mfa.totp',
'django_celery_beat',
'django_celery_results',
'django_extensions',
'channels',
'storages',
'defender',
'pgtrigger',
'pghistory',
# Local apps
'apps.core',
'apps.users',
'apps.entities',
'apps.moderation',
'apps.media',
'apps.notifications',
'apps.reviews',
'apps.timeline',
'apps.reports',
'apps.contact',
]
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'corsheaders.middleware.CorsMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django_otp.middleware.OTPMiddleware',
'allauth.account.middleware.AccountMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
'defender.middleware.FailedLoginMiddleware',
]
ROOT_URLCONF = 'config.urls'
TEMPLATES = [
{
'BACKEND': 'django.template.backends.django.DjangoTemplates',
'DIRS': [BASE_DIR / 'templates'],
'APP_DIRS': True,
'OPTIONS': {
'context_processors': [
'django.template.context_processors.debug',
'django.template.context_processors.request',
'django.contrib.auth.context_processors.auth',
'django.contrib.messages.context_processors.messages',
],
},
},
]
WSGI_APPLICATION = 'config.wsgi.application'
ASGI_APPLICATION = 'config.asgi.application'
# Database
DATABASES = {
'default': env.db('DATABASE_URL', default='postgresql://localhost/thrillwiki')
}
# Password validation
AUTH_PASSWORD_VALIDATORS = [
{
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True
# Static files
STATIC_URL = 'static/'
STATIC_ROOT = BASE_DIR / 'staticfiles'
STATICFILES_DIRS = [BASE_DIR / 'static']
# Media files
MEDIA_URL = 'media/'
MEDIA_ROOT = BASE_DIR / 'media'
# Default primary key field type
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
# Custom User Model
AUTH_USER_MODEL = 'users.User'
# Authentication Backends
AUTHENTICATION_BACKENDS = [
'django.contrib.auth.backends.ModelBackend',
'allauth.account.auth_backends.AuthenticationBackend',
'guardian.backends.ObjectPermissionBackend',
]
# Django REST Framework
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_simplejwt.authentication.JWTAuthentication',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticatedOrReadOnly',
],
'DEFAULT_FILTER_BACKENDS': [
'django_filters.rest_framework.DjangoFilterBackend',
],
'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
'PAGE_SIZE': 50,
}
# JWT Settings
from datetime import timedelta
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),
'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
'ROTATE_REFRESH_TOKENS': True,
'BLACKLIST_AFTER_ROTATION': True,
'ALGORITHM': 'HS256',
'SIGNING_KEY': SECRET_KEY,
'AUTH_HEADER_TYPES': ('Bearer',),
}
# CORS Settings
CORS_ALLOWED_ORIGINS = env.list(
'CORS_ALLOWED_ORIGINS',
default=['http://localhost:5173', 'http://localhost:3000']
)
CORS_ALLOW_CREDENTIALS = True
# Redis Configuration
REDIS_URL = env('REDIS_URL', default='redis://localhost:6379/0')
# Caching
CACHES = {
'default': {
'BACKEND': 'django_redis.cache.RedisCache',
'LOCATION': REDIS_URL,
'OPTIONS': {
'CLIENT_CLASS': 'django_redis.client.DefaultClient',
'PARSER_CLASS': 'redis.connection.HiredisParser',
},
'KEY_PREFIX': 'thrillwiki',
'TIMEOUT': 300,
}
}
# Session Configuration
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'default'
SESSION_COOKIE_AGE = 86400 * 30 # 30 days
# Celery Configuration
CELERY_BROKER_URL = env('CELERY_BROKER_URL', default=REDIS_URL)
CELERY_RESULT_BACKEND = env('CELERY_RESULT_BACKEND', default='redis://localhost:6379/1')
CELERY_ACCEPT_CONTENT = ['json']
CELERY_TASK_SERIALIZER = 'json'
CELERY_RESULT_SERIALIZER = 'json'
CELERY_TIMEZONE = TIME_ZONE
CELERY_TASK_TRACK_STARTED = True
CELERY_TASK_TIME_LIMIT = 30 * 60 # 30 minutes
# Celery Beat Schedule (Periodic Tasks)
from celery.schedules import crontab
CELERY_BEAT_SCHEDULE = {
# Clean up expired moderation locks every 5 minutes
'cleanup-expired-locks': {
'task': 'apps.moderation.tasks.cleanup_expired_locks',
'schedule': crontab(minute='*/5'),
},
# Clean up expired JWT tokens daily at 2 AM
'cleanup-expired-tokens': {
'task': 'apps.users.tasks.cleanup_expired_tokens',
'schedule': crontab(hour=2, minute=0),
},
# Update entity statistics every 6 hours
'update-all-statistics': {
'task': 'apps.entities.tasks.update_all_statistics',
'schedule': crontab(hour='*/6', minute=0),
},
# Clean up old rejected photos weekly on Monday at 3 AM
'cleanup-rejected-photos': {
'task': 'apps.media.tasks.cleanup_rejected_photos',
'schedule': crontab(day_of_week=1, hour=3, minute=0),
},
# Auto-unlock stale reviews every 30 minutes
'auto-unlock-stale-reviews': {
'task': 'apps.moderation.tasks.auto_unlock_stale_reviews',
'schedule': crontab(minute='*/30'),
},
# Check moderation queue size every hour
'check-moderation-queue': {
'task': 'apps.moderation.tasks.notify_moderators_of_queue_size',
'schedule': crontab(minute=0),
},
# Update photo statistics daily at 1 AM
'update-photo-statistics': {
'task': 'apps.media.tasks.update_photo_statistics',
'schedule': crontab(hour=1, minute=0),
},
# Update moderation statistics daily at 1:30 AM
'update-moderation-statistics': {
'task': 'apps.moderation.tasks.update_moderation_statistics',
'schedule': crontab(hour=1, minute=30),
},
# Update user statistics daily at 4 AM
'update-user-statistics': {
'task': 'apps.users.tasks.update_user_statistics',
'schedule': crontab(hour=4, minute=0),
},
# Calculate global statistics every 12 hours
'calculate-global-statistics': {
'task': 'apps.entities.tasks.calculate_global_statistics',
'schedule': crontab(hour='*/12', minute=0),
},
}
# Django Channels
CHANNEL_LAYERS = {
'default': {
'BACKEND': 'channels_redis.core.RedisChannelLayer',
'CONFIG': {
'hosts': [REDIS_URL],
},
},
}
# Django Cacheops
CACHEOPS_REDIS = REDIS_URL
CACHEOPS_DEFAULTS = {
'timeout': 60*15 # 15 minutes
}
CACHEOPS = {
'entities.park': {'ops': 'all', 'timeout': 60*15},
'entities.ride': {'ops': 'all', 'timeout': 60*15},
'entities.company': {'ops': 'all', 'timeout': 60*15},
'core.*': {'ops': 'all', 'timeout': 60*60}, # 1 hour for reference data
'*.*': {'timeout': 60*60},
}
# Django Allauth (Updated to latest settings format)
ACCOUNT_LOGIN_METHODS = {'email'}
ACCOUNT_SIGNUP_FIELDS = ['email*', 'password1*', 'password2*']
ACCOUNT_EMAIL_VERIFICATION = 'optional'
SITE_ID = 1
# MFA / WebAuthn Configuration
MFA_ENABLED = True
MFA_WEBAUTHN_ALLOW_INSECURE_ORIGIN = env.bool('MFA_WEBAUTHN_ALLOW_INSECURE_ORIGIN', default=False) # Set to True for local development
MFA_WEBAUTHN_RP_ID = env('MFA_WEBAUTHN_RP_ID', default='localhost') # In production: 'thrillwiki.com'
MFA_WEBAUTHN_RP_NAME = 'ThrillWiki'
# Site Configuration
SITE_URL = env('SITE_URL', default='http://localhost:8000')
DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL', default='noreply@thrillwiki.com')
# CloudFlare Images
CLOUDFLARE_ACCOUNT_ID = env('CLOUDFLARE_ACCOUNT_ID', default='')
CLOUDFLARE_IMAGE_TOKEN = env('CLOUDFLARE_IMAGE_TOKEN', default='')
CLOUDFLARE_IMAGE_HASH = env('CLOUDFLARE_IMAGE_HASH', default='')
# CloudFlare Images base URL - supports both imagedelivery.net and custom CDN
# cdn.thrillwiki.com format: {base_url}/images/{image-id}/{variant-id}
# imagedelivery.net format: {base_url}/{hash}/{image-id}/{variant-id}
CLOUDFLARE_IMAGE_BASE_URL = env('CLOUDFLARE_IMAGE_BASE_URL', default='https://cdn.thrillwiki.com')
# Novu
NOVU_API_KEY = env('NOVU_API_KEY', default='')
NOVU_API_URL = env('NOVU_API_URL', default='https://api.novu.co')
# Sentry
SENTRY_DSN = env('SENTRY_DSN', default='')
if SENTRY_DSN:
import sentry_sdk
from sentry_sdk.integrations.django import DjangoIntegration
from sentry_sdk.integrations.celery import CeleryIntegration
sentry_sdk.init(
dsn=SENTRY_DSN,
integrations=[
DjangoIntegration(),
CeleryIntegration(),
],
traces_sample_rate=0.1,
send_default_pii=False,
)
# Logging Configuration
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'formatters': {
'verbose': {
'format': '{levelname} {asctime} {module} {process:d} {thread:d} {message}',
'style': '{',
},
'simple': {
'format': '{levelname} {message}',
'style': '{',
},
},
'handlers': {
'console': {
'class': 'logging.StreamHandler',
'formatter': 'verbose',
},
'file': {
'class': 'logging.FileHandler',
'filename': BASE_DIR / 'logs' / 'django.log',
'formatter': 'verbose',
},
},
'root': {
'handlers': ['console'],
'level': 'INFO',
},
'loggers': {
'django': {
'handlers': ['console'],
'level': 'INFO',
'propagate': False,
},
'apps': {
'handlers': ['console', 'file'],
'level': 'INFO',
'propagate': False,
},
},
}
# Rate Limiting
RATELIMIT_ENABLE = True
RATELIMIT_USE_CACHE = 'default'
# Django Defender
DEFENDER_LOGIN_FAILURE_LIMIT = 5
DEFENDER_COOLOFF_TIME = 300 # 5 minutes
DEFENDER_LOCKOUT_TEMPLATE = 'defender/lockout.html'
# Django Unfold Configuration
UNFOLD = {
"SITE_TITLE": "ThrillWiki Admin",
"SITE_HEADER": "ThrillWiki Administration",
"SITE_URL": "/",
"SITE_ICON": {
"light": lambda request: "/static/logo-light.svg",
"dark": lambda request: "/static/logo-dark.svg",
},
"SITE_SYMBOL": "🎢",
"SHOW_HISTORY": True,
"SHOW_VIEW_ON_SITE": True,
"ENVIRONMENT": "django.conf.settings.DEBUG",
"DASHBOARD_CALLBACK": "apps.entities.admin.dashboard_callback",
"COLORS": {
"primary": {
"50": "220 252 231",
"100": "187 247 208",
"200": "134 239 172",
"300": "74 222 128",
"400": "34 197 94",
"500": "22 163 74",
"600": "21 128 61",
"700": "22 101 52",
"800": "22 78 43",
"900": "20 83 45",
"950": "5 46 22",
},
},
"EXTENSIONS": {
"modeltranslation": {
"flags": {
"en": "🇬🇧",
"fr": "🇫🇷",
"nl": "🇧🇪",
},
},
},
"SIDEBAR": {
"show_search": True,
"show_all_applications": False,
"navigation": [
{
"title": "Dashboard",
"icon": "dashboard",
"link": lambda request: "/admin/",
},
{
"title": "Entities",
"icon": "category",
"items": [
{
"title": "Parks",
"icon": "park",
"link": lambda request: "/admin/entities/park/",
},
{
"title": "Rides",
"icon": "roller_skating",
"link": lambda request: "/admin/entities/ride/",
},
{
"title": "Companies",
"icon": "business",
"link": lambda request: "/admin/entities/company/",
},
{
"title": "Ride Models",
"icon": "construction",
"link": lambda request: "/admin/entities/ridemodel/",
},
],
},
{
"title": "User Management",
"icon": "people",
"items": [
{
"title": "Users",
"icon": "person",
"link": lambda request: "/admin/users/user/",
},
{
"title": "Groups",
"icon": "group",
"link": lambda request: "/admin/auth/group/",
},
],
},
{
"title": "Content",
"icon": "folder",
"items": [
{
"title": "Media",
"icon": "image",
"link": lambda request: "/admin/media/",
},
{
"title": "Moderation",
"icon": "verified_user",
"link": lambda request: "/admin/moderation/",
},
],
},
],
},
}

63
django-backend/config/settings/local.py Normal file
View File

@@ -0,0 +1,63 @@
"""
Django development settings for ThrillWiki project.
These settings are used during local development.
"""
from .base import *
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = env.bool('DEBUG', default=True)
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS', default=['localhost', '127.0.0.1'])
# Development-specific apps
# INSTALLED_APPS += [
# 'silk', # Profiling (optional, install django-silk if needed)
# ]
# MIDDLEWARE += [
# 'silk.middleware.SilkyMiddleware',
# ]
# Database - Use regular SQLite for local development
# PostGIS fields will work but without spatial query capabilities
# Full GIS features available in production with PostGIS
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': BASE_DIR / 'db.sqlite3',
}
}
# Note: For full GIS capabilities in local dev, you would need:
# - SQLite compiled with extension support (pysqlite)
# - SpatiaLite extension installed
# For now, using regular SQLite is simpler for development
# GDAL library paths - Required even with regular SQLite when using GIS models
# For Homebrew on macOS (Apple Silicon)
GDAL_LIBRARY_PATH = env('GDAL_LIBRARY_PATH', default='/opt/homebrew/opt/gdal/lib/libgdal.dylib')
GEOS_LIBRARY_PATH = env('GEOS_LIBRARY_PATH', default='/opt/homebrew/opt/geos/lib/libgeos_c.dylib')
# Disable caching in development
CACHEOPS_ENABLED = False
# Email backend for development (console)
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
# Django Debug Toolbar (optional, install if needed)
# INSTALLED_APPS += ['debug_toolbar']
# MIDDLEWARE += ['debug_toolbar.middleware.DebugToolbarMiddleware']
# INTERNAL_IPS = ['127.0.0.1']
# Celery - Use eager mode in development
CELERY_TASK_ALWAYS_EAGER = env.bool('CELERY_TASK_ALWAYS_EAGER', default=True)
CELERY_TASK_EAGER_PROPAGATES = True
# CORS - Allow all origins in development
CORS_ALLOW_ALL_ORIGINS = True
# Logging - More verbose in development
LOGGING['root']['level'] = 'DEBUG'
LOGGING['loggers']['django']['level'] = 'DEBUG'
LOGGING['loggers']['apps']['level'] = 'DEBUG'

80
django-backend/config/settings/production.py Normal file
View File

@@ -0,0 +1,80 @@
"""
Django production settings for ThrillWiki project.
These settings are used in production environments.
"""
from .base import *
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')
# Security Settings
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_HSTS_SECONDS = 31536000 # 1 year
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_CONTENT_TYPE_NOSNIFF = True
SECURE_BROWSER_XSS_FILTER = True
X_FRAME_OPTIONS = 'DENY'
# Static files (WhiteNoise)
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
MIDDLEWARE.insert(1, 'whitenoise.middleware.WhiteNoiseMiddleware')
# Email Configuration (configure for production email backend)
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = env('EMAIL_HOST', default='smtp.gmail.com')
EMAIL_PORT = env.int('EMAIL_PORT', default=587)
EMAIL_USE_TLS = env.bool('EMAIL_USE_TLS', default=True)
EMAIL_HOST_USER = env('EMAIL_HOST_USER', default='')
EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD', default='')
DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL', default='noreply@thrillwiki.com')
# Database - Use PostGIS backend for production
DATABASES = {
'default': {
'ENGINE': 'django.contrib.gis.db.backends.postgis',
'NAME': env('DB_NAME'),
'USER': env('DB_USER'),
'PASSWORD': env('DB_PASSWORD'),
'HOST': env('DB_HOST'),
'PORT': env('DB_PORT', default='5432'),
'CONN_MAX_AGE': env.int('CONN_MAX_AGE', default=600),
'OPTIONS': {
'sslmode': env('DB_SSLMODE', default='require'),
},
}
}
# Verify required database credentials
if not all([env('DB_NAME', default=None), env('DB_USER', default=None), env('DB_PASSWORD', default=None)]):
raise ImproperlyConfigured('DB_NAME, DB_USER, and DB_PASSWORD environment variables are required in production')
# Redis - Require REDIS_URL in production
if not env('REDIS_URL', default=None):
raise ImproperlyConfigured('REDIS_URL environment variable is required in production')
# Celery - Run tasks asynchronously in production
CELERY_TASK_ALWAYS_EAGER = False
# Logging - Send errors to file and Sentry
LOGGING['handlers']['file']['filename'] = '/var/log/thrillwiki/django.log'
LOGGING['root']['level'] = 'WARNING'
LOGGING['loggers']['django']['level'] = 'WARNING'
LOGGING['loggers']['apps']['level'] = 'INFO'
# Admin URL (obfuscate in production)
ADMIN_URL = env('ADMIN_URL', default='admin/')
# Performance
CACHEOPS_ENABLED = True
# CORS - Strict in production
CORS_ALLOW_ALL_ORIGINS = False
if not CORS_ALLOWED_ORIGINS:
raise ImproperlyConfigured('CORS_ALLOWED_ORIGINS must be set in production')