174 lines
5.3 KiB
Python
174 lines
5.3 KiB
Python
import os
|
||
from pathlib import Path
|
||
from dotenv import load_dotenv
|
||
from datetime import timedelta
|
||
|
||
BASE_DIR = Path(__file__).resolve().parent.parent
|
||
load_dotenv(dotenv_path=BASE_DIR / './.env')
|
||
|
||
SECRET_KEY = os.environ.get("SECRET_KEY")
|
||
DEBUG = os.environ.get("DEBUG_MODE")
|
||
|
||
BASE_URL = os.environ.get("BASE_URL", "http://127.0.0.1:8000")
|
||
MEDIA_URL = '/media/'
|
||
MEDIA_ROOT = os.environ.get("MEDIA_ROOT", os.path.join(BASE_DIR.parent, 'media'))
|
||
STATIC_ROOT = os.environ.get("STATIC_ROOT")
|
||
|
||
ALLOWED_HOSTS = os.environ.get("ALLOWED_HOSTS", "").split(",")
|
||
CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_TRUSTED_ORIGINS", "").split(",")
|
||
|
||
CORS_ALLOW_CREDENTIALS = True # для разрешения cookie
|
||
CORS_ALLOW_ALL_ORIGINS = False # запрет всех доменов, кроме whitelist
|
||
CORS_ALLOWED_ORIGINS = os.environ.get("CORS_ALLOWED_ORIGINS", "").split(",")
|
||
|
||
CORS_ALLOW_METHODS = [
|
||
"GET",
|
||
"POST",
|
||
"HEAD",
|
||
"PUT",
|
||
"DELETE",
|
||
"OPTIONS",
|
||
"PATCH"
|
||
]
|
||
|
||
CORS_ALLOW_HEADERS = [
|
||
'x-api-key',
|
||
'content-type',
|
||
'authorization',
|
||
'accept',
|
||
'cookie'
|
||
]
|
||
|
||
REST_FRAMEWORK = {
|
||
'DEFAULT_AUTHENTICATION_CLASSES': [
|
||
'rest_framework_simplejwt.authentication.JWTAuthentication',
|
||
'rest_framework.authentication.SessionAuthentication',
|
||
],
|
||
'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
|
||
}
|
||
|
||
|
||
SIMPLE_JWT = {
|
||
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=15),
|
||
'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
|
||
'ROTATE_REFRESH_TOKENS': True,
|
||
'BLACKLIST_AFTER_ROTATION': True,
|
||
'UPDATE_LAST_LOGIN': True,
|
||
'ALGORITHM': 'HS256',
|
||
'SIGNING_KEY': SECRET_KEY,
|
||
'VERIFYING_KEY': None,
|
||
'AUTH_HEADER_TYPES': ('Bearer',),
|
||
'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
|
||
}
|
||
|
||
INSTALLED_APPS = [
|
||
'django.contrib.admin',
|
||
'django.contrib.auth',
|
||
'django.contrib.contenttypes',
|
||
'django.contrib.sessions',
|
||
'django.contrib.messages',
|
||
'django.contrib.staticfiles',
|
||
'corsheaders',
|
||
'api.apps.ApiConfig',
|
||
'sitemanagement.apps.SitemanagementConfig',
|
||
'rest_framework',
|
||
'drf_spectacular',
|
||
]
|
||
|
||
#!OpenAPI
|
||
SPECTACULAR_SETTINGS = {
|
||
'TITLE': 'AERBIM API',
|
||
'DESCRIPTION': 'AERBIM - документация по API',
|
||
'VERSION': '1.0.0',
|
||
'SERVE_INCLUDE_SCHEMA': False,
|
||
'SCHEMA_PATH_PREFIX': '/api/v[0-9]',
|
||
'COMPONENT_SPLIT_REQUEST': False, # не создавать автоматически *Request схемы
|
||
|
||
'COMPONENT_NO_READ_ONLY_REQUIRED': True, # не требовать read_only поля
|
||
'COMPONENT_SPLIT_PATCHES': False, # не создавать отдельные схемы для PATCH
|
||
|
||
# настройки безопасности
|
||
'SECURITY': [{'Bearer': []}],
|
||
'SWAGGER_UI_SETTINGS': {
|
||
'persistAuthorization': True,
|
||
},
|
||
|
||
# сортировка тегов и операций
|
||
'TAGS': [
|
||
{'name': 'Логаут', 'description': 'Метод для работы с логаутом'},
|
||
{'name': 'Логин', 'description': 'Методы для работы с логином'},
|
||
{'name': 'Профиль', 'description': 'Методы для получения данных профиля пользователя'},
|
||
{'name': 'Объекты', 'description': 'Метод для получения данных об объектах'},
|
||
{'name': 'Датчики', 'description': 'Методы для работы с датчиками'},
|
||
{'name': 'Алерты', 'description': 'Методы для работы с алертами'},
|
||
],
|
||
}
|
||
|
||
MIDDLEWARE = [
|
||
'corsheaders.middleware.CorsMiddleware',
|
||
'django.middleware.security.SecurityMiddleware',
|
||
'django.contrib.sessions.middleware.SessionMiddleware',
|
||
'django.middleware.common.CommonMiddleware',
|
||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||
'django.contrib.messages.middleware.MessageMiddleware',
|
||
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
||
]
|
||
|
||
ROOT_URLCONF = 'base.urls'
|
||
|
||
TEMPLATES = [
|
||
{
|
||
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
||
'DIRS': [],
|
||
'APP_DIRS': True,
|
||
'OPTIONS': {
|
||
'context_processors': [
|
||
'django.template.context_processors.request',
|
||
'django.contrib.auth.context_processors.auth',
|
||
'django.contrib.messages.context_processors.messages',
|
||
],
|
||
},
|
||
},
|
||
]
|
||
|
||
WSGI_APPLICATION = 'base.wsgi.application'
|
||
|
||
|
||
DATABASES = {
|
||
"default": {
|
||
"ENGINE": "django.db.backends.postgresql",
|
||
"NAME": os.environ.get("DB_NAME"),
|
||
"USER": os.environ.get("DB_USER"),
|
||
"PASSWORD": os.environ.get("DB_PASSWORD"),
|
||
"HOST": os.environ.get("DB_HOST"),
|
||
"PORT": os.environ.get("DB_PORT"),
|
||
}
|
||
}
|
||
|
||
|
||
AUTH_PASSWORD_VALIDATORS = [
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
|
||
},
|
||
{
|
||
'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
|
||
},
|
||
]
|
||
|
||
LANGUAGE_CODE = 'ru-ru'
|
||
TIME_ZONE = 'Europe/Minsk'
|
||
USE_TZ = True
|
||
USE_I18N = True
|
||
USE_L10N = True
|
||
|
||
|
||
STATIC_URL = 'static/'
|
||
|
||
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|