Migrate to AutoSecretKey, other fixes

config.dist.ini

@@ -0,0 +1,39 @@
+[JOURNEYJOKER]
+# SECURITY WARNING: don't run with debug turned on in production!
+Debug = 0
+Host = journeyjoker.lan
+Countries = ["AT"]
+
+CurrencySymbol = "€"
+CurrencyCode = "EUR"
+CurrencyName = "Euro"
+
+[SMTP]
+Host = "mail.server"
+# Port = 25
+Username = "mail_username"
+Password = "mail_password"
+StartTLS = 0
+SSL = 1
+
+From = "noreply@journeyjoker.lan"
+BCC = []
+
+[ADMINS]
+admin@example.com = Demo Admin
+
+[MANAGERS]
+manager@example.com = Demo Manager
+
+# [MySQL]
+# Database = journeyjoker
+# Username = journeyjoker
+# Password = secret123!
+# Host = localhost
+# Port = 3306
+
+# [S3]
+# AccessKey = journeyjoker
+# SecretKey = !!!verysecret!!!
+# Bucket = journeyjoker
+# Endpoint = https://minio.journeyjoker.lan

config.ini

@@ -0,0 +1,34 @@
+[JOURNEYJOKER]
+debug = 1
+host = journeyjoker.dev.kumi
+countries = ["AT"]
+currencysymbol = "€"
+currencycode = "EUR"
+currencyname = "Euro"
+
+[SMTP]
+host = "email.kumi"
+port = 25
+username = "noreply@journeyjoker.dev.kumi"
+password = "aiv4jeiHoa4saeH2aephaeDe2ev0urieGhahquoahihaeGh7AeSh9rohz3eethie"
+starttls = 1
+ssl = 0
+from = "noreply@journeyjoker.dev.kumi"
+bcc = []
+
+[ADMINS]
+admin@example.com = Demo Admin
+
+[MANAGERS]
+manager@example.com = Demo Manager
+
+[MySQL]
+database = journeyjoker_dev
+username = journeyjoker_dev
+password = gee7aec5zaix8RieXahshie5Soongeibee6uthashook0ipae8oobuiTuwingeek
+host = duck.mariadb.kumi
+port = 3306
+
+[AutoSecretKey]
+secretkey = 0jw5q5jh8@x))dmeq_yi9t^xqx0&60sty0^i8w8ri%bf3-^21h
+

localauth/mixins.py

@@ -3,7 +3,7 @@ from django.shortcuts import redirect
 from django.contrib import messages
 from django.contrib.auth import REDIRECT_FIELD_NAME
 from django.contrib.auth.decorators import login_required
-from django.contrib.auth.views import redirect_to_login, SuccessURLAllowedHostsMixin
+from django.contrib.auth.views import redirect_to_login, RedirectURLMixin as SuccessURLAllowedHostsMixin
 from django.conf import settings
 from django.contrib.auth.mixins import UserPassesTestMixin
 from django.urls import reverse_lazy

localsettings.dist.py

@@ -1,60 +0,0 @@
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'longsecretstring!'
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-
-ALLOWED_HOSTS = ["*"]
-
-# MySQL/MariaDB server settings
-
-DB_HOST = "sql.server"
-DB_PORT = 3306
-DB_NAME = "sql_database"
-DB_USER = "sql_username"
-DB_PASS = "sql_password"
-
-# Mail server settings
-
-EMAIL_HOST = "mail.server"
-EMAIL_PORT = None
-EMAIL_HOST_USER = "mail_username"
-EMAIL_HOST_PASSWORD = "mail_password"
-EMAIL_USE_TLS = False
-EMAIL_USE_SSL = True
-
-# Email address to send outgoing mail from by default
-
-DEFAULT_FROM_EMAIL = "noreply@example.com"
-
-# Email addresses of system administrators and managers
-
-ADMINS = [
-    ('Demo Admin', 'admin@example.com'),
-]
-
-MANAGERS = ADMINS + [
-    ('Demo Manager', 'manager@example.com'),
-]
-
-# Default addresses to BCC messages to
-
-DEFAULT_BCC_EMAILS = []
-
-# S3 Bucket Configuration (add options as documented at https://django-storages.readthedocs.io/en/latest/backends/amazon-S3.html)
-
-ENABLE_S3_STORAGE = False
-
-AWS_ACCESS_KEY_ID = "AWS Key ID"
-AWS_SECRET_ACCESS_KEY = "AWS Secret Key"
-AWS_STORAGE_BUCKET_NAME = "AWS Bucket"
-
-# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
-
-JOKER_COUNTRIES = ["AT"]
-
-# Currency to use
-
-CURRENCY_SYMBOL = "€"
-CURRENCY_CODE = "EUR"
-CURRENCY_NAME = "Euro"

payment/voucher/helpers.py

@@ -2,7 +2,7 @@ from dbsettings.functions import getValue
 
 from random import SystemRandom
 
-import fast_luhn
+import baluhn
 
 def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), length=getValue("payment.voucher.length", 16)):
     if length <= len(str(prefix)):
@@ -15,4 +15,4 @@ def generate_voucher_code(prefix=getValue("payment.voucher.prefix", "9011"), len
     for i in range(length_randpart):
         base_code += str(SystemRandom().randint(0, 9))
 
-    return fast_luhn.complete(base_code)
+    return baluhn.generate(base_code)

requirements.txt

@@ -17,11 +17,12 @@ googlemaps
 Babel
 staticmap
 django-mathfilters
-fast-luhn
+baluhn
 kumisms
 django-filtersignals
 python-magic
 bs4
 django-starfield
 pdfkit
-git+https://github.com/chrisherold/django-weekday-field.git
+git+https://github.com/chrisherold/django-weekday-field.git
+django-autosecretkey

urlaubsauktion/admin.py

@@ -1,18 +1,18 @@
 from django.contrib.admin import AdminSite
-from django.utils.translation import ugettext_lazy
+from django.utils.translation import gettext_lazy
 from django.contrib.auth import get_user_model
 
 from dbsettings.models import Setting
 
 class JokerAdmin(AdminSite):
     # Text to put at the end of each page's <title>.
-    site_title = ugettext_lazy('JourneyJoker Administration')
+    site_title = gettext_lazy('JourneyJoker Administration')
 
     # Text to put in each page's <h1> (and above login form).
-    site_header = ugettext_lazy('JourneyJoker Administration')
+    site_header = gettext_lazy('JourneyJoker Administration')
 
     # Text to put at the top of the admin index page.
-    index_title = ugettext_lazy('JourneyJoker Administration')
+    index_title = gettext_lazy('JourneyJoker Administration')
 
 joker_admin = JokerAdmin()
 

urlaubsauktion/settings.py

@@ -1,9 +1,38 @@
 from pathlib import Path
 
-from localsettings import *
+import json
+
+from autosecretkey import AutoSecretKey
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
+CONFIG_FILE = AutoSecretKey(BASE_DIR / "config.ini", template=BASE_DIR / "config.dist.ini")
+SECRET_KEY = CONFIG_FILE.secret_key
+CONFIG = CONFIG_FILE.config
+
+DEBUG = CONFIG["JOURNEYJOKER"]["Debug"]
+
+# Domain configuration
+
+ALLOWED_HOSTS = [host := CONFIG["JOURNEYJOKER"]["Host"]]
+
+if host.startswith("www."):
+    ALLOWED_HOSTS.append(host[4:])
+else:
+    ALLOWED_HOSTS.append(f"www.{host}")
+
+CSRF_TRUSTED_ORIGINS = [f"https://{host}" for host in ALLOWED_HOSTS]
+
+# Countries the app can be used in (currently no more than 5 due to Google Maps restrictions)
+
+JOKER_COUNTRIES = json.loads(CONFIG["JOURNEYJOKER"]["Countries"])
+
+# Currency to use
+
+CURRENCY_SYMBOL = CONFIG["JOURNEYJOKER"]["CurrencySymbol"]
+CURRENCY_CODE = CONFIG["JOURNEYJOKER"]["CurrencyCode"]
+CURRENCY_NAME = CONFIG["JOURNEYJOKER"]["CurrencyName"]
+
 
 # Application definition
 
@@ -66,18 +95,31 @@ WSGI_APPLICATION = 'urlaubsauktion.wsgi.application'
 
 
 # Database
-# https://docs.djangoproject.com/en/3.1/ref/settings/#databases
+# https://docs.djangoproject.com/en/4.0/ref/settings/#databases
 
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.contrib.gis.db.backends.mysql',
-        'NAME': DB_NAME,
-        'USER': DB_USER,
-        'PASSWORD': DB_PASS,
-        'HOST': DB_HOST,
-        'PORT': DB_PORT,
+if "MySQL" in CONFIG_FILE.config:
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.contrib.gis.db.backends.mysql',
+            'NAME': CONFIG_FILE.config.get("MySQL", "Database"),
+            'USER': CONFIG_FILE.config.get("MySQL", "Username"),
+            'PASSWORD': CONFIG_FILE.config.get("MySQL", "Password"),
+            'HOST': CONFIG_FILE.config.get("MySQL", "Host", fallback="localhost"),
+            'PORT': CONFIG_FILE.config.getint("MySQL", "Port", fallback=3306),
+            'OPTIONS': {
+                'charset': 'utf8mb4',
+                'sql_mode': 'traditional',
+            }
+        }
+    }
+
+else:
+    DATABASES = {
+        'default': {
+            'ENGINE': 'django.contrib.gis.db.backends.spatialite',
+            'NAME': BASE_DIR / 'db.sqlite3',
+        }
     }
-}
 
 
 # Password validation
@@ -123,7 +165,18 @@ LANGUAGES = [
 
 
 # Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/3.1/howto/static-files/
+# https://docs.djangoproject.com/en/4.0/howto/static-files/
+
+
+STATIC_ROOT = None if DEBUG else CONFIG_FILE.config.get("JOURNEYJOKER", "StaticRoot", fallback=BASE_DIR / "webroot" / "static")
+
+if "S3" in CONFIG_FILE.config:
+    DEFAULT_FILE_STORAGE = 'storages.backends.s3boto3.S3Boto3Storage'
+    STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage'
+    AWS_ACCESS_KEY_ID = CONFIG_FILE.config.get("S3", "AccessKey")
+    AWS_SECRET_ACCESS_KEY = CONFIG_FILE.config.get("S3", "SecretKey")
+    AWS_STORAGE_BUCKET_NAME = CONFIG_FILE.config.get("S3", "Bucket")
+    AWS_S3_ENDPOINT_URL = CONFIG_FILE.config.get("S3", "Endpoint")
 
 STATIC_URL = '/static/'
 
@@ -135,12 +188,40 @@ AUTH_USER_MODEL = "localauth.User"
 
 REGISTER_REDIRECT_URL = "/"
 LOGIN_REDIRECT_URL = "/"
+LOGOUT_REDIRECT_URL = "/"
 
 LOGIN_URL = "localauth:login"
 LOGOUT_URL = "localauth:logout"
 
-DEFAULT_FILE_STORAGE = 'django.core.files.storage.FileSystemStorage' if not ENABLE_S3_STORAGE else 'storages.backends.s3boto3.S3Boto3Storage'
-STATICFILES_STORAGE = 'storages.backends.s3boto3.S3StaticStorage' if ENABLE_S3_STORAGE else 'django.contrib.staticfiles.storage.StaticFilesStorage'
+
+# Mail server settings
+
+EMAIL_ENABLED = False
+
+if "SMTP" in CONFIG:
+    EMAIL_ENABLED = True
+    EMAIL_HOST = CONFIG["SMTP"]["Host"]
+    EMAIL_PORT = CONFIG.get("SMTP", "Port", fallback=587)
+    EMAIL_HOST_USER = CONFIG.get("SMTP", "Username")
+    EMAIL_HOST_PASSWORD = CONFIG.get("SMTP", "Password")
+    EMAIL_USE_TLS = CONFIG.getboolean("SMTP", "TLS", fallback=True)
+    EMAIL_USE_SSL = CONFIG.getboolean("SMTP", "SSL", fallback=False)
+
+    EMAIL_FROM = CONFIG.get("SMTP", "From", fallback=EMAIL_HOST_USER)
+    EMAIL_BCC = json.loads(CONFIG.get("SMTP", "BCC", fallback=[]))
+
+# Email addresses of system administrators and managers
+
+ADMINS = [
+    (v,k) for k,v in CONFIG["ADMINS"].items()
+]
+
+MANAGERS = ADMINS + [
+    (v,k) for k,v in CONFIG["MANAGERS"].items()
+]
+
+
+# Misc settings
 
 DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
 

uwsgi.sh

@@ -1,3 +1,3 @@
 #!/bin/bash
-uwsgi  --http 127.0.0.1:8000 --module urlaubsauktion.wsgi --uid 1001 --processes 8
+uwsgi  --http 127.0.0.1:8092 --module urlaubsauktion.wsgi --uid 1001 --processes 8