""" Base Django settings for thrillwiki project. Common settings shared across all environments. """ import environ # type: ignore[import] from pathlib import Path # Initialize environment variables env = environ.Env( DEBUG=(bool, False), SECRET_KEY=(str, ""), ALLOWED_HOSTS=(list, []), DATABASE_URL=(str, ""), CACHE_URL=(str, "locmem://"), EMAIL_URL=(str, ""), REDIS_URL=(str, ""), ) # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent.parent # Read environment file if it exists environ.Env.read_env(BASE_DIR / ".env") # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = env("SECRET_KEY") # SECURITY WARNING: don't run with debug turned on in production! DEBUG = env("DEBUG") # Allowed hosts ALLOWED_HOSTS = env("ALLOWED_HOSTS") # CSRF trusted origins CSRF_TRUSTED_ORIGINS = env("CSRF_TRUSTED_ORIGINS", default=[]) # type: ignore[arg-type] # Application definition DJANGO_APPS = [ "django.contrib.admin", "django.contrib.auth", "django.contrib.contenttypes", "django.contrib.sessions", "django.contrib.messages", "django.contrib.staticfiles", "django.contrib.sites", "django.contrib.gis", # GeoDjango ] THIRD_PARTY_APPS = [ "rest_framework", # Django REST Framework "drf_spectacular", # OpenAPI 3.0 documentation "corsheaders", # CORS headers for API "pghistory", # django-pghistory "pgtrigger", # Required by django-pghistory "allauth", "allauth.account", "allauth.socialaccount", "allauth.socialaccount.providers.google", "allauth.socialaccount.providers.discord", "django_cleanup", "django_filters", "django_htmx", "whitenoise", "django_tailwind_cli", "autocomplete", # Django HTMX Autocomplete "health_check", # Health checks "health_check.db", "health_check.cache", "health_check.storage", "health_check.contrib.migrations", "health_check.contrib.redis", ] LOCAL_APPS = [ "core", "accounts", "parks", "rides", "email_service", "media.apps.MediaConfig", "moderation", "location", ] INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS MIDDLEWARE = [ "django.middleware.cache.UpdateCacheMiddleware", "corsheaders.middleware.CorsMiddleware", # CORS middleware for API "django.middleware.security.SecurityMiddleware", "whitenoise.middleware.WhiteNoiseMiddleware", "django.contrib.sessions.middleware.SessionMiddleware", "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", "core.middleware.PgHistoryContextMiddleware", # Add history context tracking "allauth.account.middleware.AccountMiddleware", "django.middleware.cache.FetchFromCacheMiddleware", "django_htmx.middleware.HtmxMiddleware", "core.middleware.PageViewMiddleware", # Add our page view tracking ] ROOT_URLCONF = "thrillwiki.urls" TEMPLATES = [ { "BACKEND": "django.template.backends.django.DjangoTemplates", "DIRS": [BASE_DIR / "templates"], "APP_DIRS": True, "OPTIONS": { "context_processors": [ "django.template.context_processors.debug", "django.template.context_processors.request", "django.contrib.auth.context_processors.auth", "django.contrib.messages.context_processors.messages", "moderation.context_processors.moderation_access", ] }, } ] WSGI_APPLICATION = "thrillwiki.wsgi.application" # Password validation AUTH_PASSWORD_VALIDATORS = [ { "NAME": ( "django.contrib.auth.password_validation.UserAttributeSimilarityValidator" ), }, { "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator", }, { "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator", }, { "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator", }, ] # Internationalization LANGUAGE_CODE = "en-us" TIME_ZONE = "America/New_York" USE_I18N = True USE_TZ = True # Static files (CSS, JavaScript, Images) STATIC_URL = "static/" STATICFILES_DIRS = [BASE_DIR / "static"] STATIC_ROOT = BASE_DIR / "staticfiles" # Media files MEDIA_URL = "/media/" MEDIA_ROOT = BASE_DIR / "media" # Default primary key field type DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField" # Authentication settings AUTHENTICATION_BACKENDS = [ "django.contrib.auth.backends.ModelBackend", "allauth.account.auth_backends.AuthenticationBackend", ] # django-allauth settings SITE_ID = 1 ACCOUNT_SIGNUP_FIELDS = ["email*", "username*", "password1*", "password2*"] ACCOUNT_LOGIN_METHODS = {"email", "username"} ACCOUNT_EMAIL_VERIFICATION = "optional" LOGIN_REDIRECT_URL = "/" ACCOUNT_LOGOUT_REDIRECT_URL = "/" # Custom adapters ACCOUNT_ADAPTER = "accounts.adapters.CustomAccountAdapter" SOCIALACCOUNT_ADAPTER = "accounts.adapters.CustomSocialAccountAdapter" # Social account settings SOCIALACCOUNT_PROVIDERS = { "google": { "SCOPE": [ "profile", "email", ], "AUTH_PARAMS": {"access_type": "online"}, }, "discord": { "SCOPE": ["identify", "email"], "OAUTH_PKCE_ENABLED": True, }, } # Additional social account settings SOCIALACCOUNT_LOGIN_ON_GET = True SOCIALACCOUNT_AUTO_SIGNUP = False SOCIALACCOUNT_STORE_TOKENS = True # Custom User Model AUTH_USER_MODEL = "accounts.User" # Autocomplete configuration AUTOCOMPLETE_BLOCK_UNAUTHENTICATED = False # Tailwind configuration TAILWIND_CLI_CONFIG_FILE = BASE_DIR / "tailwind.config.js" TAILWIND_CLI_SRC_CSS = BASE_DIR / "static/css/src/input.css" TAILWIND_CLI_DIST_CSS = BASE_DIR / "static/css/tailwind.css" # Test runner TEST_RUNNER = "django.test.runner.DiscoverRunner" # Road Trip Service Settings ROADTRIP_CACHE_TIMEOUT = 3600 * 24 # 24 hours for geocoding ROADTRIP_ROUTE_CACHE_TIMEOUT = 3600 * 6 # 6 hours for routes ROADTRIP_MAX_REQUESTS_PER_SECOND = 1 # Respect OSM rate limits ROADTRIP_USER_AGENT = "ThrillWiki Road Trip Planner (https://thrillwiki.com)" ROADTRIP_REQUEST_TIMEOUT = 10 # seconds ROADTRIP_MAX_RETRIES = 3 ROADTRIP_BACKOFF_FACTOR = 2 # Django REST Framework Settings REST_FRAMEWORK = { "DEFAULT_AUTHENTICATION_CLASSES": [ "rest_framework.authentication.SessionAuthentication", "rest_framework.authentication.TokenAuthentication", ], "DEFAULT_PERMISSION_CLASSES": [ "rest_framework.permissions.IsAuthenticated", ], "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination", "PAGE_SIZE": 20, "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.AcceptHeaderVersioning", "DEFAULT_VERSION": "v1", "ALLOWED_VERSIONS": ["v1"], "DEFAULT_RENDERER_CLASSES": [ "rest_framework.renderers.JSONRenderer", "rest_framework.renderers.BrowsableAPIRenderer", ], "DEFAULT_PARSER_CLASSES": [ "rest_framework.parsers.JSONParser", "rest_framework.parsers.FormParser", "rest_framework.parsers.MultiPartParser", ], "EXCEPTION_HANDLER": "core.api.exceptions.custom_exception_handler", "DEFAULT_FILTER_BACKENDS": [ "django_filters.rest_framework.DjangoFilterBackend", "rest_framework.filters.SearchFilter", "rest_framework.filters.OrderingFilter", ], "TEST_REQUEST_DEFAULT_FORMAT": "json", "NON_FIELD_ERRORS_KEY": "non_field_errors", "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema", } # CORS Settings for API CORS_ALLOWED_ORIGINS = env("CORS_ALLOWED_ORIGINS", default=[]) # type: ignore[arg-type] CORS_ALLOW_CREDENTIALS = True CORS_ALLOW_ALL_ORIGINS = env( "CORS_ALLOW_ALL_ORIGINS", default=False ) # type: ignore[arg-type] # API-specific settings API_RATE_LIMIT_PER_MINUTE = env.int( "API_RATE_LIMIT_PER_MINUTE", default=60 ) # type: ignore[arg-type] API_RATE_LIMIT_PER_HOUR = env.int( "API_RATE_LIMIT_PER_HOUR", default=1000 ) # type: ignore[arg-type] # drf-spectacular settings SPECTACULAR_SETTINGS = { "TITLE": "ThrillWiki API", "DESCRIPTION": "Comprehensive theme park and ride information API", "VERSION": "1.0.0", "SERVE_INCLUDE_SCHEMA": False, "COMPONENT_SPLIT_REQUEST": True, "TAGS": [ {"name": "parks", "description": "Theme park operations"}, {"name": "rides", "description": "Ride information and management"}, {"name": "locations", "description": "Geographic location services"}, {"name": "accounts", "description": "User account management"}, {"name": "media", "description": "Media and image management"}, {"name": "moderation", "description": "Content moderation"}, ], "SCHEMA_PATH_PREFIX": "/api/", "DEFAULT_GENERATOR_CLASS": "drf_spectacular.generators.SchemaGenerator", "SERVE_PERMISSIONS": ["rest_framework.permissions.AllowAny"], "SWAGGER_UI_SETTINGS": { "deepLinking": True, "persistAuthorization": True, "displayOperationId": False, "displayRequestDuration": True, }, "REDOC_UI_SETTINGS": { "hideDownloadButton": False, "hideHostname": False, "hideLoading": False, "hideSchemaPattern": True, "scrollYOffset": 0, "theme": {"colors": {"primary": {"main": "#1976d2"}}}, }, } # Health Check Configuration HEALTH_CHECK = { "DISK_USAGE_MAX": 90, # Fail if disk usage is over 90% "MEMORY_MIN": 100, # Fail if less than 100MB available memory } # Custom health check backends HEALTH_CHECK_BACKENDS = [ "health_check.db", "health_check.cache", "health_check.storage", "core.health_checks.custom_checks.CacheHealthCheck", "core.health_checks.custom_checks.DatabasePerformanceCheck", "core.health_checks.custom_checks.ApplicationHealthCheck", "core.health_checks.custom_checks.ExternalServiceHealthCheck", "core.health_checks.custom_checks.DiskSpaceHealthCheck", ] # Enhanced Cache Configuration DJANGO_REDIS_CACHE_BACKEND = "django_redis.cache.RedisCache" DJANGO_REDIS_CLIENT_CLASS = "django_redis.client.DefaultClient" CACHES = { "default": { "BACKEND": DJANGO_REDIS_CACHE_BACKEND, # type: ignore[arg-type] # pyright: ignore[reportArgumentType] # pyright: ignore[reportArgumentType] # type: ignore "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/1"), "OPTIONS": { "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS, "PARSER_CLASS": "redis.connection.HiredisParser", "CONNECTION_POOL_CLASS": "redis.BlockingConnectionPool", "CONNECTION_POOL_CLASS_KWARGS": { "max_connections": 50, "timeout": 20, }, "COMPRESSOR": "django_redis.compressors.zlib.ZlibCompressor", "IGNORE_EXCEPTIONS": True, }, "KEY_PREFIX": "thrillwiki", "VERSION": 1, }, "sessions": { "BACKEND": DJANGO_REDIS_CACHE_BACKEND, # type: ignore[arg-type] # type: ignore "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/2"), "OPTIONS": { "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS, }, }, "api": { "BACKEND": DJANGO_REDIS_CACHE_BACKEND, # type: ignore[arg-type] "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/3"), "OPTIONS": { "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS, }, }, } # Use Redis for sessions SESSION_ENGINE = "django.contrib.sessions.backends.cache" SESSION_CACHE_ALIAS = "sessions" SESSION_COOKIE_AGE = 86400 # 24 hours # Cache middleware settings CACHE_MIDDLEWARE_SECONDS = 300 # 5 minutes CACHE_MIDDLEWARE_KEY_PREFIX = "thrillwiki"