thrillwiki_django_no_react/config/django/base.py

"""
Base Django settings for thrillwiki project.
Common settings shared across all environments.
"""

import environ  # type: ignore[import]
from pathlib import Path

# Initialize environment variables
env = environ.Env(
    DEBUG=(bool, False),
    SECRET_KEY=(str, ""),
    ALLOWED_HOSTS=(list, []),
    DATABASE_URL=(str, ""),
    CACHE_URL=(str, "locmem://"),
    EMAIL_URL=(str, ""),
    REDIS_URL=(str, ""),
)

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent.parent

# Read environment file if it exists
environ.Env.read_env(BASE_DIR / ".env")

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = env("SECRET_KEY")

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = env("DEBUG")

# Allowed hosts
ALLOWED_HOSTS = env("ALLOWED_HOSTS")

# CSRF trusted origins
CSRF_TRUSTED_ORIGINS = env("CSRF_TRUSTED_ORIGINS", default=[])  # type: ignore[arg-type]

# Application definition
DJANGO_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "django.contrib.sites",
    "django.contrib.gis",  # GeoDjango
]

THIRD_PARTY_APPS = [
    "rest_framework",  # Django REST Framework
    "drf_spectacular",  # OpenAPI 3.0 documentation
    "corsheaders",  # CORS headers for API
    "pghistory",  # django-pghistory
    "pgtrigger",  # Required by django-pghistory
    "allauth",
    "allauth.account",
    "allauth.socialaccount",
    "allauth.socialaccount.providers.google",
    "allauth.socialaccount.providers.discord",
    "django_cleanup",
    "django_filters",
    "django_htmx",
    "whitenoise",
    "django_tailwind_cli",
    "autocomplete",  # Django HTMX Autocomplete
    "health_check",  # Health checks
    "health_check.db",
    "health_check.cache",
    "health_check.storage",
    "health_check.contrib.migrations",
    "health_check.contrib.redis",
]

LOCAL_APPS = [
    "core",
    "accounts",
    "parks",
    "rides",
    "email_service",
    "media.apps.MediaConfig",
    "moderation",
    "location",
]

INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS

MIDDLEWARE = [
    "django.middleware.cache.UpdateCacheMiddleware",
    "corsheaders.middleware.CorsMiddleware",  # CORS middleware for API
    "django.middleware.security.SecurityMiddleware",
    "whitenoise.middleware.WhiteNoiseMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "core.middleware.PgHistoryContextMiddleware",  # Add history context tracking
    "allauth.account.middleware.AccountMiddleware",
    "django.middleware.cache.FetchFromCacheMiddleware",
    "django_htmx.middleware.HtmxMiddleware",
    "core.middleware.PageViewMiddleware",  # Add our page view tracking
]

ROOT_URLCONF = "thrillwiki.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [BASE_DIR / "templates"],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.debug",
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
                "moderation.context_processors.moderation_access",
            ]
        },
    }
]

WSGI_APPLICATION = "thrillwiki.wsgi.application"

# Password validation
AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": (
            "django.contrib.auth.password_validation.UserAttributeSimilarityValidator"
        ),
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]

# Internationalization
LANGUAGE_CODE = "en-us"
TIME_ZONE = "America/New_York"
USE_I18N = True
USE_TZ = True

# Static files (CSS, JavaScript, Images)
STATIC_URL = "static/"
STATICFILES_DIRS = [BASE_DIR / "static"]
STATIC_ROOT = BASE_DIR / "staticfiles"

# Media files
MEDIA_URL = "/media/"
MEDIA_ROOT = BASE_DIR / "media"

# Default primary key field type
DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"

# Authentication settings
AUTHENTICATION_BACKENDS = [
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend",
]

# django-allauth settings
SITE_ID = 1
ACCOUNT_SIGNUP_FIELDS = ["email*", "username*", "password1*", "password2*"]
ACCOUNT_LOGIN_METHODS = {"email", "username"}
ACCOUNT_EMAIL_VERIFICATION = "optional"
LOGIN_REDIRECT_URL = "/"
ACCOUNT_LOGOUT_REDIRECT_URL = "/"

# Custom adapters
ACCOUNT_ADAPTER = "accounts.adapters.CustomAccountAdapter"
SOCIALACCOUNT_ADAPTER = "accounts.adapters.CustomSocialAccountAdapter"

# Social account settings
SOCIALACCOUNT_PROVIDERS = {
    "google": {
        "SCOPE": [
            "profile",
            "email",
        ],
        "AUTH_PARAMS": {"access_type": "online"},
    },
    "discord": {
        "SCOPE": ["identify", "email"],
        "OAUTH_PKCE_ENABLED": True,
    },
}

# Additional social account settings
SOCIALACCOUNT_LOGIN_ON_GET = True
SOCIALACCOUNT_AUTO_SIGNUP = False
SOCIALACCOUNT_STORE_TOKENS = True

# Custom User Model
AUTH_USER_MODEL = "accounts.User"

# Autocomplete configuration
AUTOCOMPLETE_BLOCK_UNAUTHENTICATED = False

# Tailwind configuration
TAILWIND_CLI_CONFIG_FILE = BASE_DIR / "tailwind.config.js"
TAILWIND_CLI_SRC_CSS = BASE_DIR / "static/css/src/input.css"
TAILWIND_CLI_DIST_CSS = BASE_DIR / "static/css/tailwind.css"

# Test runner
TEST_RUNNER = "django.test.runner.DiscoverRunner"

# Road Trip Service Settings
ROADTRIP_CACHE_TIMEOUT = 3600 * 24  # 24 hours for geocoding
ROADTRIP_ROUTE_CACHE_TIMEOUT = 3600 * 6  # 6 hours for routes
ROADTRIP_MAX_REQUESTS_PER_SECOND = 1  # Respect OSM rate limits
ROADTRIP_USER_AGENT = "ThrillWiki Road Trip Planner (https://thrillwiki.com)"
ROADTRIP_REQUEST_TIMEOUT = 10  # seconds
ROADTRIP_MAX_RETRIES = 3
ROADTRIP_BACKOFF_FACTOR = 2

# Django REST Framework Settings
REST_FRAMEWORK = {
    "DEFAULT_AUTHENTICATION_CLASSES": [
        "rest_framework.authentication.SessionAuthentication",
        "rest_framework.authentication.TokenAuthentication",
    ],
    "DEFAULT_PERMISSION_CLASSES": [
        "rest_framework.permissions.IsAuthenticated",
    ],
    "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
    "PAGE_SIZE": 20,
    "DEFAULT_VERSIONING_CLASS": "rest_framework.versioning.AcceptHeaderVersioning",
    "DEFAULT_VERSION": "v1",
    "ALLOWED_VERSIONS": ["v1"],
    "DEFAULT_RENDERER_CLASSES": [
        "rest_framework.renderers.JSONRenderer",
        "rest_framework.renderers.BrowsableAPIRenderer",
    ],
    "DEFAULT_PARSER_CLASSES": [
        "rest_framework.parsers.JSONParser",
        "rest_framework.parsers.FormParser",
        "rest_framework.parsers.MultiPartParser",
    ],
    "EXCEPTION_HANDLER": "core.api.exceptions.custom_exception_handler",
    "DEFAULT_FILTER_BACKENDS": [
        "django_filters.rest_framework.DjangoFilterBackend",
        "rest_framework.filters.SearchFilter",
        "rest_framework.filters.OrderingFilter",
    ],
    "TEST_REQUEST_DEFAULT_FORMAT": "json",
    "NON_FIELD_ERRORS_KEY": "non_field_errors",
    "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
}

# CORS Settings for API
CORS_ALLOWED_ORIGINS = env("CORS_ALLOWED_ORIGINS", default=[])  # type: ignore[arg-type]
CORS_ALLOW_CREDENTIALS = True
CORS_ALLOW_ALL_ORIGINS = env(
    "CORS_ALLOW_ALL_ORIGINS", default=False
)  # type: ignore[arg-type]

# API-specific settings
API_RATE_LIMIT_PER_MINUTE = env.int(
    "API_RATE_LIMIT_PER_MINUTE", default=60
)  # type: ignore[arg-type]
API_RATE_LIMIT_PER_HOUR = env.int(
    "API_RATE_LIMIT_PER_HOUR", default=1000
)  # type: ignore[arg-type]

# drf-spectacular settings
SPECTACULAR_SETTINGS = {
    "TITLE": "ThrillWiki API",
    "DESCRIPTION": "Comprehensive theme park and ride information API",
    "VERSION": "1.0.0",
    "SERVE_INCLUDE_SCHEMA": False,
    "COMPONENT_SPLIT_REQUEST": True,
    "TAGS": [
        {"name": "parks", "description": "Theme park operations"},
        {"name": "rides", "description": "Ride information and management"},
        {"name": "locations", "description": "Geographic location services"},
        {"name": "accounts", "description": "User account management"},
        {"name": "media", "description": "Media and image management"},
        {"name": "moderation", "description": "Content moderation"},
    ],
    "SCHEMA_PATH_PREFIX": "/api/",
    "DEFAULT_GENERATOR_CLASS": "drf_spectacular.generators.SchemaGenerator",
    "SERVE_PERMISSIONS": ["rest_framework.permissions.AllowAny"],
    "SWAGGER_UI_SETTINGS": {
        "deepLinking": True,
        "persistAuthorization": True,
        "displayOperationId": False,
        "displayRequestDuration": True,
    },
    "REDOC_UI_SETTINGS": {
        "hideDownloadButton": False,
        "hideHostname": False,
        "hideLoading": False,
        "hideSchemaPattern": True,
        "scrollYOffset": 0,
        "theme": {"colors": {"primary": {"main": "#1976d2"}}},
    },
}

# Health Check Configuration
HEALTH_CHECK = {
    "DISK_USAGE_MAX": 90,  # Fail if disk usage is over 90%
    "MEMORY_MIN": 100,  # Fail if less than 100MB available memory
}

# Custom health check backends
HEALTH_CHECK_BACKENDS = [
    "health_check.db",
    "health_check.cache",
    "health_check.storage",
    "core.health_checks.custom_checks.CacheHealthCheck",
    "core.health_checks.custom_checks.DatabasePerformanceCheck",
    "core.health_checks.custom_checks.ApplicationHealthCheck",
    "core.health_checks.custom_checks.ExternalServiceHealthCheck",
    "core.health_checks.custom_checks.DiskSpaceHealthCheck",
]

# Enhanced Cache Configuration
DJANGO_REDIS_CACHE_BACKEND = "django_redis.cache.RedisCache"
DJANGO_REDIS_CLIENT_CLASS = "django_redis.client.DefaultClient"

CACHES = {
    "default": {
        "BACKEND": DJANGO_REDIS_CACHE_BACKEND,
        # type: ignore[arg-type]
        # pyright: ignore[reportArgumentType]
        # pyright: ignore[reportArgumentType]
        # type: ignore
        "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/1"),
        "OPTIONS": {
            "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS,
            "PARSER_CLASS": "redis.connection.HiredisParser",
            "CONNECTION_POOL_CLASS": "redis.BlockingConnectionPool",
            "CONNECTION_POOL_CLASS_KWARGS": {
                "max_connections": 50,
                "timeout": 20,
            },
            "COMPRESSOR": "django_redis.compressors.zlib.ZlibCompressor",
            "IGNORE_EXCEPTIONS": True,
        },
        "KEY_PREFIX": "thrillwiki",
        "VERSION": 1,
    },
    "sessions": {
        "BACKEND": DJANGO_REDIS_CACHE_BACKEND,
        # type: ignore[arg-type]
        # type: ignore
        "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/2"),
        "OPTIONS": {
            "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS,
        },
    },
    "api": {
        "BACKEND": DJANGO_REDIS_CACHE_BACKEND,
        # type: ignore[arg-type]
        "LOCATION": env("REDIS_URL", default="redis://127.0.0.1:6379/3"),
        "OPTIONS": {
            "CLIENT_CLASS": DJANGO_REDIS_CLIENT_CLASS,
        },
    },
}

# Use Redis for sessions
SESSION_ENGINE = "django.contrib.sessions.backends.cache"
SESSION_CACHE_ALIAS = "sessions"
SESSION_COOKIE_AGE = 86400  # 24 hours

# Cache middleware settings
CACHE_MIDDLEWARE_SECONDS = 300  # 5 minutes
CACHE_MIDDLEWARE_KEY_PREFIX = "thrillwiki"