Coverage for product_risk_suite / product_risk_suite / settings.py: 94%
34 statements
« prev ^ index » next coverage.py v7.14.0, created at 2026-05-13 23:42 +0000
1"""
2Django settings for product_risk_suite project.
4Generated by 'django-admin startproject' using Django 6.0.3.
6For more information on this file, see
7https://docs.djangoproject.com/en/6.0/topics/settings/
9For the full list of settings and their values, see
10https://docs.djangoproject.com/en/6.0/ref/settings/
11"""
13from pathlib import Path
14import os
15import logging
17# Build paths inside the project like this: BASE_DIR / 'subdir'.
18BASE_DIR = Path(__file__).resolve().parent.parent
20# enforce it even if its true by default
21APPEND_SLASH = True
23# Quick-start development settings - unsuitable for production
24# See https://docs.djangoproject.com/en/6.0/howto/deployment/checklist/
26# SECURITY WARNING: keep the secret key used in production secret!
27SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY", 'django-insecure-scwz(sj+*te-dbfuc)vnkju5y1=p1en^d#8mz5*keg2(fj^mn-dudi-bla%')
29# SECURITY WARNING: don't run with debug turned on in production!
30DEBUG = bool(os.environ.get("DJANGO_DEBUG", default=False))
32ALLOWED_HOSTS = os.environ.get("DJANGO_ALLOWED_HOSTS","127.0.0.1,localhost").split(",")
33CSRF_TRUSTED_ORIGINS = os.environ.get("DJANGO_CSRF_TRUSTED_ORIGINS", "https://localhost:8443,http://localhost:80").split(",")
35# Application definition
36INSTALLED_APPS = [
37 'django.contrib.admin',
38 'django.contrib.auth',
39 'django.contrib.contenttypes',
40 'django.contrib.sessions',
41 'django.contrib.messages',
42 'django.contrib.staticfiles',
43 'django_summernote',
44 "graphene_django",
45 'guardian',
46 'product_risk_suite',
47 'risk_assessment',
48 'threat_model',
49 'product',
50 'api',
51]
53GRAPHENE = {
54 "SCHEMA": "api.schema.schema",
55}
57MIDDLEWARE = [
58 'django.middleware.security.SecurityMiddleware',
59 'django.contrib.sessions.middleware.SessionMiddleware',
60 'django.middleware.common.CommonMiddleware',
61 'django.middleware.csrf.CsrfViewMiddleware',
62 'django.contrib.auth.middleware.AuthenticationMiddleware',
63 'django.contrib.messages.middleware.MessageMiddleware',
64 'django.middleware.clickjacking.XFrameOptionsMiddleware',
65]
67ROOT_URLCONF = 'product_risk_suite.urls'
69TEMPLATES = [
70 {
71 'BACKEND': 'django.template.backends.django.DjangoTemplates',
72 'DIRS': [],
73 'APP_DIRS': True,
74 'OPTIONS': {
75 'context_processors': [
76 'django.template.context_processors.request',
77 'django.contrib.auth.context_processors.auth',
78 'django.contrib.messages.context_processors.messages',
79 ],
80 },
81 },
82]
84WSGI_APPLICATION = 'product_risk_suite.wsgi.application'
86SUMMERNOTE_CONFIG = {
87 # Using SummernoteWidget - iframe mode, default
88 'iframe': True,
89 'summernote': {
90 'lang': 'en-US',
92 # Toolbar customization
93 # https://summernote.org/deep-dive/#custom-toolbar-popover
94 'toolbar': [
95 ['font', ['bold', 'italic', 'underline', 'clear']],
96 ['para', ['ul', 'ol', 'paragraph']],
97 ['insert', ['link']],
98 ['view', ['fullscreen', 'codeview', 'help']],
99 ],
100 }
101}
103# Database
104# https://docs.djangoproject.com/en/6.0/ref/settings/#databases
106DATABASES = {
107 'default': {
108 'ENGINE': f"django.db.backends.{os.getenv('DATABASE_ENGINE', 'sqlite3')}",
109 'NAME': os.getenv('DATABASE_NAME', BASE_DIR / 'db.sqlite3'),
110 'USER': os.getenv('DATABASE_USERNAME'),
111 'PASSWORD': os.getenv('DATABASE_PASSWORD'),
112 'HOST': os.getenv('DATABASE_HOST'),
113 'PORT': os.getenv('DATABASE_PORT'),
114 }
115}
117# Password validation
118# https://docs.djangoproject.com/en/6.0/ref/settings/#auth-password-validators
120AUTH_PASSWORD_VALIDATORS = [
121 {
122 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
123 },
124 {
125 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
126 },
127 {
128 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
129 },
130 {
131 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
132 },
133]
135LOGGING = {
136 'version': 1,
137 'disable_existing_loggers': False,
138 'formatters': {
139 'verbose': {
140 'format': '{levelname} {asctime} {module} {message}',
141 'style': '{',
142 },
143 },
144 'handlers': {
145 'console': {
146 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"),
147 'class': 'logging.StreamHandler',
148 'formatter': 'verbose',
149 },
150 },
151 'root': {
152 'handlers': ['console'],
153 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"),
154 },
155 'loggers': {
156 'django': {
157 'handlers': ['console'],
158 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"),
159 'propagate': True,
160 },
161 # For your app-specific logs (e.g., `myapp`)
162 'myapp': {
163 'handlers': ['console'],
164 'level': os.getenv("DJANGO_LOG_LEVEL", "INFO"),
165 'propagate': True,
166 },
167 },
168}
170AUTHENTICATION_BACKENDS = (
171 'django.contrib.auth.backends.ModelBackend', # Default backend
172 'guardian.backends.ObjectPermissionBackend', # For object permissions
173)
175# Internationalization
176# https://docs.djangoproject.com/en/6.0/topics/i18n/
178LANGUAGE_CODE = 'en-us'
180TIME_ZONE = 'UTC'
182USE_I18N = True
184USE_TZ = True
186LOGIN_URL = '/login'
188# Static files (CSS, JavaScript, Images)
189# https://docs.djangoproject.com/en/6.0/howto/static-files/
191STATIC_URL = '/static/'
192if DEBUG:
193 STATIC_ROOT = BASE_DIR / "staticfiles"
194else:
195 STATIC_ROOT = "/app/staticfiles"
196STATICFILES_DIRS = [
197 BASE_DIR / "static",
198]
200# uploaded files
201MEDIA_URL = '/media/'
202if DEBUG:
203 MEDIA_ROOT = BASE_DIR / "media"
204else:
205 MEDIA_ROOT = "/data/media"