thrillwiki_django_no_react/config/django/base.py

"""
Base Django settings for thrillwiki project.
Common settings shared across all environments.
"""

import os
import environ
from pathlib import Path

# Initialize environment variables
env = environ.Env(
    DEBUG=(bool, False),
    SECRET_KEY=(str, ''),
    ALLOWED_HOSTS=(list, []),
    DATABASE_URL=(str, ''),
    CACHE_URL=(str, 'locmem://'),
    EMAIL_URL=(str, ''),
    REDIS_URL=(str, ''),
)

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent.parent

# Read environment file if it exists
environ.Env.read_env(BASE_DIR / '.env')

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env('SECRET_KEY')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = env('DEBUG')

# Allowed hosts
ALLOWED_HOSTS = env('ALLOWED_HOSTS')

# CSRF trusted origins
CSRF_TRUSTED_ORIGINS = env('CSRF_TRUSTED_ORIGINS', default=[])

# Application definition
DJANGO_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "django.contrib.sites",
    "django.contrib.gis",  # GeoDjango
]

THIRD_PARTY_APPS = [
    "rest_framework",  # Django REST Framework
    "drf_spectacular",  # OpenAPI 3.0 documentation
    "corsheaders",  # CORS headers for API
    "pghistory",  # django-pghistory
    "pgtrigger",  # Required by django-pghistory
    "allauth",
    "allauth.account",
    "allauth.socialaccount",
    "allauth.socialaccount.providers.google",
    "allauth.socialaccount.providers.discord",
    "django_cleanup",
    "django_filters",
    "django_htmx",
    "whitenoise",
    "django_tailwind_cli",
    "autocomplete",  # Django HTMX Autocomplete
    "health_check",  # Health checks
    "health_check.db",
    "health_check.cache",
    "health_check.storage",
    "health_check.contrib.migrations",
    "health_check.contrib.redis",
]

LOCAL_APPS = [
    "core",
    "accounts",
    "parks",
    "rides",
    "email_service",
    "media.apps.MediaConfig",
    "moderation",
    "location",
]

INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS

MIDDLEWARE = [
    "django.middleware.cache.UpdateCacheMiddleware",
    "corsheaders.middleware.CorsMiddleware",  # CORS middleware for API
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "core.middleware.PgHistoryContextMiddleware",  # Add history context tracking
    "allauth.account.middleware.AccountMiddleware",
    "django.middleware.cache.FetchFromCacheMiddleware",
    "django_htmx.middleware.HtmxMiddleware",
    "core.middleware.PageViewMiddleware",  # Add our page view tracking
]

ROOT_URLCONF = "thrillwiki.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [BASE_DIR / "templates"],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "moderation.context_processors.moderation_access",
            ]
        }
    }
]

WSGI_APPLICATION = "thrillwiki.wsgi.application"

# Password validation
AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]

# Internationalization
LANGUAGE_CODE = "en-us"
TIME_ZONE = "America/New_York"
USE_I18N = True
USE_TZ = True

# Static files (CSS, JavaScript, Images)
STATIC_URL = "static/"
STATICFILES_DIRS = [BASE_DIR / "static"]
STATIC_ROOT = BASE_DIR / "staticfiles"

# Media files
MEDIA_URL = "/media/"
MEDIA_ROOT = BASE_DIR / "media"

# Default primary key field type
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

# Authentication settings
AUTHENTICATION_BACKENDS = [
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend",
]

# django-allauth settings
SITE_ID = 1
ACCOUNT_SIGNUP_FIELDS = ['email*', 'username*', 'password1*', 'password2*']
ACCOUNT_LOGIN_METHODS = {'email', 'username'}
ACCOUNT_EMAIL_VERIFICATION = "optional"
LOGIN_REDIRECT_URL = "/"
ACCOUNT_LOGOUT_REDIRECT_URL = "/"

# Custom adapters
ACCOUNT_ADAPTER = "accounts.adapters.CustomAccountAdapter"
SOCIALACCOUNT_ADAPTER = "accounts.adapters.CustomSocialAccountAdapter"

# Social account settings
SOCIALACCOUNT_PROVIDERS = {
    "google": {
        "SCOPE": [
            "profile",
            "email",
        ],
        "AUTH_PARAMS": {"access_type": "online"},
    },
    "discord": {
        "SCOPE": ["identify", "email"],
        "OAUTH_PKCE_ENABLED": True,
    }
}

# Additional social account settings
SOCIALACCOUNT_LOGIN_ON_GET = True
SOCIALACCOUNT_AUTO_SIGNUP = False
SOCIALACCOUNT_STORE_TOKENS = True

# Custom User Model
AUTH_USER_MODEL = "accounts.User"

# Autocomplete configuration
AUTOCOMPLETE_BLOCK_UNAUTHENTICATED = False

# Tailwind configuration
TAILWIND_CLI_CONFIG_FILE = BASE_DIR / "tailwind.config.js"
TAILWIND_CLI_SRC_CSS = BASE_DIR / "static/css/src/input.css"
TAILWIND_CLI_DIST_CSS = BASE_DIR / "static/css/tailwind.css"

# Test runner
TEST_RUNNER = "django.test.runner.DiscoverRunner"

# Road Trip Service Settings
ROADTRIP_CACHE_TIMEOUT = 3600 * 24  # 24 hours for geocoding
ROADTRIP_ROUTE_CACHE_TIMEOUT = 3600 * 6  # 6 hours for routes
ROADTRIP_MAX_REQUESTS_PER_SECOND = 1  # Respect OSM rate limits
ROADTRIP_USER_AGENT = "ThrillWiki Road Trip Planner (https://thrillwiki.com)"
ROADTRIP_REQUEST_TIMEOUT = 10  # seconds
ROADTRIP_MAX_RETRIES = 3
ROADTRIP_BACKOFF_FACTOR = 2

# Django REST Framework Settings
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.TokenAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    'PAGE_SIZE': 20,
    'DEFAULT_VERSIONING_CLASS': 'rest_framework.versioning.AcceptHeaderVersioning',
    'DEFAULT_VERSION': 'v1',
    'ALLOWED_VERSIONS': ['v1'],
    'DEFAULT_RENDERER_CLASSES': [
        'rest_framework.renderers.JSONRenderer',
        'rest_framework.renderers.BrowsableAPIRenderer',
    ],
    'DEFAULT_PARSER_CLASSES': [
        'rest_framework.parsers.JSONParser',
        'rest_framework.parsers.FormParser',
        'rest_framework.parsers.MultiPartParser',
    ],
    'EXCEPTION_HANDLER': 'core.api.exceptions.custom_exception_handler',
    'DEFAULT_FILTER_BACKENDS': [
        'django_filters.rest_framework.DjangoFilterBackend',
        'rest_framework.filters.SearchFilter',
        'rest_framework.filters.OrderingFilter',
    ],
    'TEST_REQUEST_DEFAULT_FORMAT': 'json',
    'NON_FIELD_ERRORS_KEY': 'non_field_errors',
    'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
}

# CORS Settings for API
CORS_ALLOWED_ORIGINS = env('CORS_ALLOWED_ORIGINS', default=[])
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_ALL_ORIGINS = env('CORS_ALLOW_ALL_ORIGINS', default=False)

# API-specific settings
API_RATE_LIMIT_PER_MINUTE = env.int('API_RATE_LIMIT_PER_MINUTE', default=60)
API_RATE_LIMIT_PER_HOUR = env.int('API_RATE_LIMIT_PER_HOUR', default=1000)

# drf-spectacular settings
SPECTACULAR_SETTINGS = {
    'TITLE': 'ThrillWiki API',
    'DESCRIPTION': 'Comprehensive theme park and ride information API',
    'VERSION': '1.0.0',
    'SERVE_INCLUDE_SCHEMA': False,
    'COMPONENT_SPLIT_REQUEST': True,
    'TAGS': [
        {'name': 'parks', 'description': 'Theme park operations'},
        {'name': 'rides', 'description': 'Ride information and management'},
        {'name': 'locations', 'description': 'Geographic location services'},
        {'name': 'accounts', 'description': 'User account management'},
        {'name': 'media', 'description': 'Media and image management'},
        {'name': 'moderation', 'description': 'Content moderation'},
    ],
    'SCHEMA_PATH_PREFIX': '/api/',
    'DEFAULT_GENERATOR_CLASS': 'drf_spectacular.generators.SchemaGenerator',
    'SERVE_PERMISSIONS': ['rest_framework.permissions.AllowAny'],
    'SWAGGER_UI_SETTINGS': {
        'deepLinking': True,
        'persistAuthorization': True,
        'displayOperationId': False,
        'displayRequestDuration': True,
    },
    'REDOC_UI_SETTINGS': {
        'hideDownloadButton': False,
        'hideHostname': False,
        'hideLoading': False,
        'hideSchemaPattern': True,
        'scrollYOffset': 0,
        'theme': {
            'colors': {
                'primary': {
                    'main': '#1976d2'
                }
            }
        }
    }
}

# Health Check Configuration
HEALTH_CHECK = {
    'DISK_USAGE_MAX': 90,  # Fail if disk usage is over 90%
    'MEMORY_MIN': 100,     # Fail if less than 100MB available memory
}

# Custom health check backends
HEALTH_CHECK_BACKENDS = [
    'health_check.db',
    'health_check.cache',
    'health_check.storage',
    'core.health_checks.custom_checks.CacheHealthCheck',
    'core.health_checks.custom_checks.DatabasePerformanceCheck',
    'core.health_checks.custom_checks.ApplicationHealthCheck',
    'core.health_checks.custom_checks.ExternalServiceHealthCheck',
    'core.health_checks.custom_checks.DiskSpaceHealthCheck',
]

# Enhanced Cache Configuration
DJANGO_REDIS_CACHE_BACKEND = 'django_redis.cache.RedisCache'
DJANGO_REDIS_CLIENT_CLASS = 'django_redis.client.DefaultClient'

CACHES = {
    'default': {
        'BACKEND': DJANGO_REDIS_CACHE_BACKEND,
        'LOCATION': env('REDIS_URL', default='redis://127.0.0.1:6379/1'),
        'OPTIONS': {
            'CLIENT_CLASS': DJANGO_REDIS_CLIENT_CLASS,
            'PARSER_CLASS': 'redis.connection.HiredisParser',
            'CONNECTION_POOL_CLASS': 'redis.BlockingConnectionPool',
            'CONNECTION_POOL_CLASS_KWARGS': {
                'max_connections': 50,
                'timeout': 20,
            },
            'COMPRESSOR': 'django_redis.compressors.zlib.ZlibCompressor',
            'IGNORE_EXCEPTIONS': True,
        },
        'KEY_PREFIX': 'thrillwiki',
        'VERSION': 1,
    },
    'sessions': {
        'BACKEND': DJANGO_REDIS_CACHE_BACKEND,
        'LOCATION': env('REDIS_URL', default='redis://127.0.0.1:6379/2'),
        'OPTIONS': {
            'CLIENT_CLASS': DJANGO_REDIS_CLIENT_CLASS,
        }
    },
    'api': {
        'BACKEND': DJANGO_REDIS_CACHE_BACKEND,
        'LOCATION': env('REDIS_URL', default='redis://127.0.0.1:6379/3'),
        'OPTIONS': {
            'CLIENT_CLASS': DJANGO_REDIS_CLIENT_CLASS,
        }
    }
}

# Use Redis for sessions
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
SESSION_CACHE_ALIAS = 'sessions'
SESSION_COOKIE_AGE = 86400  # 24 hours

# Cache middleware settings
CACHE_MIDDLEWARE_SECONDS = 300  # 5 minutes
CACHE_MIDDLEWARE_KEY_PREFIX = 'thrillwiki'