import os from pathlib import Path from dotenv import load_dotenv from datetime import timedelta BASE_DIR = Path(__file__).resolve().parent.parent load_dotenv(dotenv_path=BASE_DIR / './.env') SECRET_KEY = os.environ.get("SECRET_KEY") DEBUG = os.environ.get("DEBUG_MODE") BASE_URL = os.environ.get("BASE_URL", "http://127.0.0.1:8000") MEDIA_URL = '/media/' MEDIA_ROOT = os.environ.get("MEDIA_ROOT", os.path.join(BASE_DIR.parent, 'media')) STATIC_ROOT = os.environ.get("STATIC_ROOT") ALLOWED_HOSTS = os.environ.get("ALLOWED_HOSTS", "").split(",") CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(",") CORS_ALLOW_CREDENTIALS = True # для разрешения cookie CORS_ALLOW_ALL_ORIGINS = False # запрет всех доменов, кроме whitelist CORS_ALLOWED_ORIGINS = os.environ.get("CORS_ALLOWED_ORIGINS", "").split(",") CORS_ALLOW_METHODS = [ "GET", "POST", "HEAD", "PUT", "DELETE", "OPTIONS", "PATCH" ] CORS_ALLOW_HEADERS = [ 'x-api-key', 'content-type', 'authorization', 'accept', 'cookie' ] REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': [ 'rest_framework_simplejwt.authentication.JWTAuthentication', 'rest_framework.authentication.SessionAuthentication', ], 'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema', } SIMPLE_JWT = { 'ACCESS_TOKEN_LIFETIME': timedelta(minutes=15), 'REFRESH_TOKEN_LIFETIME': timedelta(days=7), 'ROTATE_REFRESH_TOKENS': True, 'BLACKLIST_AFTER_ROTATION': True, 'UPDATE_LAST_LOGIN': True, 'ALGORITHM': 'HS256', 'SIGNING_KEY': SECRET_KEY, 'VERIFYING_KEY': None, 'AUTH_HEADER_TYPES': ('Bearer',), 'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',), } INSTALLED_APPS = [ 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'corsheaders', 'api.apps.ApiConfig', 'sitemanagement.apps.SitemanagementConfig', 'rest_framework', 'drf_spectacular', ] #!OpenAPI SPECTACULAR_SETTINGS = { 'TITLE': 'AERBIM API', 'DESCRIPTION': 'AERBIM - документация по API', 'VERSION': '1.0.0', 'SERVE_INCLUDE_SCHEMA': False, 'SCHEMA_PATH_PREFIX': '/api/v[0-9]', 'COMPONENT_SPLIT_REQUEST': False, # не создавать автоматически *Request схемы 'COMPONENT_NO_READ_ONLY_REQUIRED': True, # не требовать read_only поля 'COMPONENT_SPLIT_PATCHES': False, # не создавать отдельные схемы для PATCH # настройки безопасности 'SECURITY': [{'Bearer': []}], 'SWAGGER_UI_SETTINGS': { 'persistAuthorization': True, }, # сортировка тегов и операций 'TAGS': [ {'name': 'Логаут', 'description': 'Метод для работы с логаутом'}, {'name': 'Логин', 'description': 'Методы для работы с логином'}, {'name': 'Профиль', 'description': 'Методы для получения данных профиля пользователя'}, ], } MIDDLEWARE = [ 'corsheaders.middleware.CorsMiddleware', 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] ROOT_URLCONF = 'base.urls' TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', ], }, }, ] WSGI_APPLICATION = 'base.wsgi.application' DATABASES = { "default": { "ENGINE": "django.db.backends.postgresql", "NAME": os.environ.get("DB_NAME"), "USER": os.environ.get("DB_USER"), "PASSWORD": os.environ.get("DB_PASSWORD"), "HOST": os.environ.get("DB_HOST"), "PORT": os.environ.get("DB_PORT"), } } AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', }, ] LANGUAGE_CODE = 'ru-ru' TIME_ZONE = 'Europe/Minsk' USE_TZ = True USE_I18N = True USE_L10N = True STATIC_URL = 'static/' DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'