secret-squirrel/settings.py

# -*- coding: utf-8 -*-
# Django settings for the secret_squirrel project.

import os
import logging

# Make filepaths relative to settings.
ROOT = os.path.dirname(os.path.abspath(__file__))
path = lambda *a: os.path.join(ROOT, *a)

ROOT_PACKAGE = os.path.basename(ROOT)


DEBUG = True
TEMPLATE_DEBUG = DEBUG
LOG_LEVEL = logging.DEBUG
SYSLOG_TAG = "http_app_sso"

ADMINS = (
    # ('Your Name', 'your_email@domain.com'),
)

MANAGERS = ADMINS

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.
        'NAME': 'squirrel',
        'USER': '',
        'PASSWORD': '',
        'HOST': '',
        'PORT': '',
        'OPTIONS': {'init_command': 'SET storage_engine=InnoDB'},
        'TEST_CHARSET': 'utf8',
        'TEST_COLLATION': 'utf8_general_ci',
    }
}

DATABASE_ROUTERS = ('multidb.MasterSlaveRouter',)

# Put the aliases for your slave databases in this list
SLAVE_DATABASES = []

# Cache Settings
#CACHE_BACKEND = 'caching.backends.memcached://localhost:11211'
#CACHE_PREFIX = 'sumo:'


# Local time zone for this installation. Choices can be found here:
# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name
# although not all choices may be available on all operating systems.
# If running in a Windows environment this must be set to the same as your
# system time zone.
TIME_ZONE = 'America/Los_Angeles'

# Language code for this installation. All choices can be found here:
# http://www.i18nguy.com/unicode/language-identifiers.html
LANGUAGE_CODE = 'en-us'

SITE_ID = 1

# If you set this to False, Django will make some optimizations so as not
# to load the internationalization machinery.
USE_I18N = True

# Absolute path to the directory that holds media.
# Example: "/home/media/media.lawrence.com/"
MEDIA_ROOT = path('media')

# URL that handles the media served from MEDIA_ROOT. Make sure to use a
# trailing slash if there is a path component (optional in other cases).
# Examples: "http://media.lawrence.com", "http://example.com/media/"
MEDIA_URL = '/media/'

# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a
# trailing slash.
# Examples: "http://foo.com/media/", "/media/".
ADMIN_MEDIA_PREFIX = '/admin-media/'

# Make this unique, and don't share it with anybody.
SECRET_KEY = 'bi)(czxyf#e68_bg4lvx!7o*v&ggnz*@()w$z-0injzc#0&)l_'

# Templates
TEMPLATE_CONTEXT_PROCESSORS = (
    'django.core.context_processors.auth',
    'django.core.context_processors.debug',
    'django.core.context_processors.media',
    'django.core.context_processors.request',
    'django.core.context_processors.csrf',

    'sso.context_processors.now',
)

TEMPLATE_DIRS = (
    path('templates'),
)

# List of callables that know how to import templates from various sources.
TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader',
    'django.template.loaders.app_directories.Loader',
#     'django.template.loaders.eggs.Loader',
)

def JINJA_CONFIG():
    import jinja2
    # TODO replace 'jinja2.ext.i18n' with 'tower.template.i18n' when we're
    # actually doing L10n.
    config = {'extensions': ['jinja2.ext.i18n', 'jinja2.ext.loopcontrols',
                             'jinja2.ext.with_'],
              'finalize': lambda x: x if x is not None else ''}
    return config


MIDDLEWARE_CLASSES = (
    'commonware.middleware.SetRemoteAddrFromForwardedFor', # First, so all others see the right IP
    'sso.middleware.HttpOnlyMiddleware',  # needs to be before AuthMiddleware
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'paranoidsessions.ParanoidSessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.middleware.csrf.CsrfResponseMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',

    'commonware.middleware.FrameOptionsHeader',
)

ROOT_URLCONF = '%s.urls' % ROOT_PACKAGE

INSTALLED_APPS = (
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',

    'cas_provider',
    'sso',
    'users',
)

AUTHENTICATION_BACKENDS = ('users.auth.Sha256Backend',)
AUTH_PROFILE_MODULE = 'users.UserProfile'

# Tests
TEST_RUNNER = 'test_utils.runner.RadicalTestSuiteRunner'

# Security settings
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
# Default to 1 week expiration
SESSION_COOKIE_AGE = 7 * 24 * 60 * 60
SESSION_COOKIE_SECURE = True

# Cookie names that should NOT have the HttpOnly flag set.
JAVASCRIPT_READABLE_COOKIES = ()

# CAS Service ticket expiration, in seconds, 0 means no expiration.
SERVICE_TICKET_TIMEOUT = 30

# django-paranoid-sessions settings
PSESSION_CHECK_HEADERS = ('REMOTE_ADDR',)  # Check remote IP address
PSESSION_NONCE_TIMEOUT = None  # No nonce cookies for now

# Emails
DEFAULT_FROM_EMAIL = 'nobody@mozilla.org'
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'

# Auth
LOGIN_URL = '/users/login/'
LOGOUT_URL = '/users/logout/'
LOGIN_REDIRECT_URL = '/'

ACCOUNT_ACTIVATION_DAYS = 7
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`# -- coding: utf-8 --`
			`# Django settings for the secret_squirrel project.`

			`import os`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00			`import logging`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00
			`# Make filepaths relative to settings.`
			`ROOT = os.path.dirname(os.path.abspath(__file__))`
			`path = lambda a: os.path.join(ROOT, a)`

			`ROOT_PACKAGE = os.path.basename(ROOT)`

initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`DEBUG = True`
			`TEMPLATE_DEBUG = DEBUG`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00			`LOG_LEVEL = logging.DEBUG`
			`SYSLOG_TAG = "http_app_sso"`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`ADMINS = (`
			`# ('Your Name', 'your_email@domain.com'),`
			`)`

			`MANAGERS = ADMINS`

some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`DATABASES = {`
			`'default': {`
manage.py ripped off from zamboni and kitsune 2010-04-09 19:59:59 +04:00			`'ENGINE': 'django.db.backends.mysql', # Add 'postgresql_psycopg2', 'postgresql', 'mysql', 'sqlite3' or 'oracle'.`
We don't do SQLite, so we don't need to mention it everywhere. 2010-11-22 21:49:30 +03:00			`'NAME': 'squirrel',`
			`'USER': '',`
			`'PASSWORD': '',`
			`'HOST': '',`
			`'PORT': '',`
manage.py ripped off from zamboni and kitsune 2010-04-09 19:59:59 +04:00			`'OPTIONS': {'init_command': 'SET storage_engine=InnoDB'},`
Mark all cookies HttpOnly unless specifically defined otherwise. Bug 570687. 2010-08-09 18:04:01 +04:00			`'TEST_CHARSET': 'utf8',`
			`'TEST_COLLATION': 'utf8_general_ci',`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`}`
			`}`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
manage.py ripped off from zamboni and kitsune 2010-04-09 19:59:59 +04:00			`DATABASE_ROUTERS = ('multidb.MasterSlaveRouter',)`

			`# Put the aliases for your slave databases in this list`
			`SLAVE_DATABASES = []`

			`# Cache Settings`
			`#CACHE_BACKEND = 'caching.backends.memcached://localhost:11211'`
			`#CACHE_PREFIX = 'sumo:'`


initial commit: empty django app 2010-04-09 19:09:58 +04:00			`# Local time zone for this installation. Choices can be found here:`
			`# http://en.wikipedia.org/wiki/List_of_tz_zones_by_name`
			`# although not all choices may be available on all operating systems.`
			`# If running in a Windows environment this must be set to the same as your`
			`# system time zone.`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`TIME_ZONE = 'America/Los_Angeles'`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`# Language code for this installation. All choices can be found here:`
			`# http://www.i18nguy.com/unicode/language-identifiers.html`
			`LANGUAGE_CODE = 'en-us'`

			`SITE_ID = 1`

			`# If you set this to False, Django will make some optimizations so as not`
			`# to load the internationalization machinery.`
			`USE_I18N = True`

			`# Absolute path to the directory that holds media.`
			`# Example: "/home/media/media.lawrence.com/"`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`MEDIA_ROOT = path('media')`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`# URL that handles the media served from MEDIA_ROOT. Make sure to use a`
			`# trailing slash if there is a path component (optional in other cases).`
			`# Examples: "http://media.lawrence.com", "http://example.com/media/"`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`MEDIA_URL = '/media/'`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`# URL prefix for admin media -- CSS, JavaScript and images. Make sure to use a`
			`# trailing slash.`
			`# Examples: "http://foo.com/media/", "/media/".`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`ADMIN_MEDIA_PREFIX = '/admin-media/'`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`# Make this unique, and don't share it with anybody.`
			`SECRET_KEY = 'bi)(czxyf#e68_bg4lvx!7ov&ggnz@()w$z-0injzc#0&)l_'`

removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00			`# Templates`
Using jinja2/jingo to render the front page. bug 583752. 2010-08-02 20:26:19 +04:00			`TEMPLATE_CONTEXT_PROCESSORS = (`
			`'django.core.context_processors.auth',`
			`'django.core.context_processors.debug',`
			`'django.core.context_processors.media',`
			`'django.core.context_processors.request',`
			`'django.core.context_processors.csrf',`

			`'sso.context_processors.now',`
			`)`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00
			`TEMPLATE_DIRS = (`
			`path('templates'),`
			`)`

initial commit: empty django app 2010-04-09 19:09:58 +04:00			`# List of callables that know how to import templates from various sources.`
			`TEMPLATE_LOADERS = (`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`'django.template.loaders.filesystem.Loader',`
			`'django.template.loaders.app_directories.Loader',`
			`# 'django.template.loaders.eggs.Loader',`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`)`

Using jinja2/jingo to render the front page. bug 583752. 2010-08-02 20:26:19 +04:00			`def JINJA_CONFIG():`
			`import jinja2`
			`# TODO replace 'jinja2.ext.i18n' with 'tower.template.i18n' when we're`
			`# actually doing L10n.`
			`config = {'extensions': ['jinja2.ext.i18n', 'jinja2.ext.loopcontrols',`
			`'jinja2.ext.with_'],`
			`'finalize': lambda x: x if x is not None else ''}`
			`return config`

manage.py ripped off from zamboni and kitsune 2010-04-09 19:59:59 +04:00
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`MIDDLEWARE_CLASSES = (`
Using django-paranoid-sessions to tie a session to a single IP address only. Bug 570686. 2010-09-01 17:43:27 +04:00			`'commonware.middleware.SetRemoteAddrFromForwardedFor', # First, so all others see the right IP`
Mark all cookies HttpOnly unless specifically defined otherwise. Bug 570687. 2010-08-09 18:04:01 +04:00			`'sso.middleware.HttpOnlyMiddleware', # needs to be before AuthMiddleware`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`'django.middleware.common.CommonMiddleware',`
			`'django.contrib.sessions.middleware.SessionMiddleware',`
Using django-paranoid-sessions to tie a session to a single IP address only. Bug 570686. 2010-09-01 17:43:27 +04:00			`'paranoidsessions.ParanoidSessionMiddleware',`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`'django.middleware.csrf.CsrfViewMiddleware',`
switched to Jinja2 as a template engine. bug 583752. 2010-08-03 00:41:46 +04:00			`'django.middleware.csrf.CsrfResponseMiddleware',`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`'django.contrib.auth.middleware.AuthenticationMiddleware',`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`'django.contrib.messages.middleware.MessageMiddleware',`
Added FrameOptionsHeader middleware to forbid iframing Secret Squirrel. Bug 568768. 2010-08-24 16:59:47 +04:00
			`'commonware.middleware.FrameOptionsHeader',`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`)`

some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`ROOT_URLCONF = '%s.urls' % ROOT_PACKAGE`
initial commit: empty django app 2010-04-09 19:09:58 +04:00
			`INSTALLED_APPS = (`
some user registration magic. login/logout still conflicts with CAS, though. 2010-04-15 20:58:43 +04:00			`'django.contrib.admin',`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`'django.contrib.auth',`
			`'django.contrib.contenttypes',`
			`'django.contrib.sessions',`
			`'django.contrib.sites',`
some default settings and a pip requirements file 2010-04-09 19:43:56 +04:00			`'django.contrib.messages',`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00
			`'cas_provider',`
			`'sso',`
created users app 2010-04-21 20:04:54 +04:00			`'users',`
initial commit: empty django app 2010-04-09 19:09:58 +04:00			`)`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00
Monkey-patch Django auth to support SHA256. Bug 571525. 2010-10-12 20:10:27 +04:00			`AUTHENTICATION_BACKENDS = ('users.auth.Sha256Backend',)`
Bug#580284 Adding sso_uuid and UserProfile r=fwenzel 2010-08-11 21:42:08 +04:00			`AUTH_PROFILE_MODULE = 'users.UserProfile'`

Mark all cookies HttpOnly unless specifically defined otherwise. Bug 570687. 2010-08-09 18:04:01 +04:00			`# Tests`
			`TEST_RUNNER = 'test_utils.runner.RadicalTestSuiteRunner'`

			`# Security settings`
			`SESSION_EXPIRE_AT_BROWSER_CLOSE = True`
Default to 1 week cookie expiration time. bug 570685. 2010-08-09 18:45:32 +04:00			`# Default to 1 week expiration`
			`SESSION_COOKIE_AGE = 7 * 24 * 60 * 60`
Mark all cookies HttpOnly unless specifically defined otherwise. Bug 570687. 2010-08-09 18:04:01 +04:00			`SESSION_COOKIE_SECURE = True`

			`# Cookie names that should NOT have the HttpOnly flag set.`
			`JAVASCRIPT_READABLE_COOKIES = ()`

Using django-paranoid-sessions to tie a session to a single IP address only. Bug 570686. 2010-09-01 17:43:27 +04:00			`# CAS Service ticket expiration, in seconds, 0 means no expiration.`
Let service tickets expire 30 seconds after they have been issued by default. Bug 570684. 2010-08-10 19:44:45 +04:00			`SERVICE_TICKET_TIMEOUT = 30`

Using django-paranoid-sessions to tie a session to a single IP address only. Bug 570686. 2010-09-01 17:43:27 +04:00			`# django-paranoid-sessions settings`
			`PSESSION_CHECK_HEADERS = ('REMOTE_ADDR',) # Check remote IP address`
			`PSESSION_NONCE_TIMEOUT = None # No nonce cookies for now`

some user registration magic. login/logout still conflicts with CAS, though. 2010-04-15 20:58:43 +04:00			`# Emails`
			`DEFAULT_FROM_EMAIL = 'nobody@mozilla.org'`
			`EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'`
removing jinja2 and l10n for now; doing some basic setup 2010-04-09 22:33:57 +04:00
some user registration magic. login/logout still conflicts with CAS, though. 2010-04-15 20:58:43 +04:00			`# Auth`
Changed URLs and added menu links 2010-04-21 17:46:50 +04:00			`LOGIN_URL = '/users/login/'`
			`LOGOUT_URL = '/users/logout/'`
simple home page 2010-04-14 19:43:39 +04:00			`LOGIN_REDIRECT_URL = '/'`
some user registration magic. login/logout still conflicts with CAS, though. 2010-04-15 20:58:43 +04:00
			`ACCOUNT_ACTIVATION_DAYS = 7`