mirror of
https://github.com/pacnpal/thrilltrack-explorer.git
synced 2025-12-20 08:31:12 -05:00
543d7bc9dc
Settings Configuration: - Split settings into base.py, local.py, production.py - Configured all 60+ installed packages - Set up PostgreSQL, Redis, Celery, Channels - Configured caching, sessions, logging - Added security settings for production Core Models (apps/core/models.py): - BaseModel: UUID primary key + timestamps + lifecycle hooks - VersionedModel: Automatic version tracking with DirtyFieldsMixin - Country, Subdivision, Locality: Location reference data - DatePrecisionMixin: Track date precision (year/month/day) - SoftDeleteMixin: Soft-delete functionality - ActiveManager & AllObjectsManager: Query managers User Models (apps/users/models.py): - Custom User model with UUID, email-based auth - OAuth support (Google, Discord) - MFA support fields - Ban/unban functionality - UserRole: Role-based permissions (user/moderator/admin) - UserProfile: Extended user info and preferences App Structure: - Created 7 Django apps with proper configs - Set up migrations for core and users apps - All migrations applied successfully to SQLite Testing: - Django check passes with only 1 warning (static dir) - Database migrations successful - Ready for entity models (Park, Ride, Company) Next: Implement entity models for parks, rides, companies
68 lines
2.3 KiB
Python
68 lines
2.3 KiB
Python
"""
|
|
Django production settings for ThrillWiki project.
|
|
These settings are used in production environments.
|
|
"""
|
|
|
|
from .base import *
|
|
|
|
# SECURITY WARNING: don't run with debug turned on in production!
|
|
DEBUG = False
|
|
|
|
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS')
|
|
|
|
# Security Settings
|
|
SECURE_SSL_REDIRECT = True
|
|
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
|
SESSION_COOKIE_SECURE = True
|
|
CSRF_COOKIE_SECURE = True
|
|
SECURE_HSTS_SECONDS = 31536000 # 1 year
|
|
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
|
SECURE_HSTS_PRELOAD = True
|
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
|
SECURE_BROWSER_XSS_FILTER = True
|
|
X_FRAME_OPTIONS = 'DENY'
|
|
|
|
# Static files (WhiteNoise)
|
|
STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
|
|
MIDDLEWARE.insert(1, 'whitenoise.middleware.WhiteNoiseMiddleware')
|
|
|
|
# Email Configuration (configure for production email backend)
|
|
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
|
|
EMAIL_HOST = env('EMAIL_HOST', default='smtp.gmail.com')
|
|
EMAIL_PORT = env.int('EMAIL_PORT', default=587)
|
|
EMAIL_USE_TLS = env.bool('EMAIL_USE_TLS', default=True)
|
|
EMAIL_HOST_USER = env('EMAIL_HOST_USER', default='')
|
|
EMAIL_HOST_PASSWORD = env('EMAIL_HOST_PASSWORD', default='')
|
|
DEFAULT_FROM_EMAIL = env('DEFAULT_FROM_EMAIL', default='noreply@thrillwiki.com')
|
|
|
|
# Database - Require DATABASE_URL in production
|
|
if not env('DATABASE_URL', default=None):
|
|
raise ImproperlyConfigured('DATABASE_URL environment variable is required in production')
|
|
|
|
# Connection pooling
|
|
DATABASES['default']['CONN_MAX_AGE'] = env.int('CONN_MAX_AGE', default=600)
|
|
|
|
# Redis - Require REDIS_URL in production
|
|
if not env('REDIS_URL', default=None):
|
|
raise ImproperlyConfigured('REDIS_URL environment variable is required in production')
|
|
|
|
# Celery - Run tasks asynchronously in production
|
|
CELERY_TASK_ALWAYS_EAGER = False
|
|
|
|
# Logging - Send errors to file and Sentry
|
|
LOGGING['handlers']['file']['filename'] = '/var/log/thrillwiki/django.log'
|
|
LOGGING['root']['level'] = 'WARNING'
|
|
LOGGING['loggers']['django']['level'] = 'WARNING'
|
|
LOGGING['loggers']['apps']['level'] = 'INFO'
|
|
|
|
# Admin URL (obfuscate in production)
|
|
ADMIN_URL = env('ADMIN_URL', default='admin/')
|
|
|
|
# Performance
|
|
CACHEOPS_ENABLED = True
|
|
|
|
# CORS - Strict in production
|
|
CORS_ALLOW_ALL_ORIGINS = False
|
|
if not CORS_ALLOWED_ORIGINS:
|
|
raise ImproperlyConfigured('CORS_ALLOWED_ORIGINS must be set in production')
|