Move sensitive information from settings.py to custom_settings.py, include distributable sample
Add .gitignore Add pip requirements file Change default password hasher to Argon
This commit is contained in:
parent
eb1dfb2f9b
commit
f54d19a700
5 changed files with 36 additions and 14 deletions
3
.gitignore
vendored
Normal file
3
.gitignore
vendored
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
expephalon/custom_settings.py
|
||||||
|
*.pyc
|
||||||
|
__pycache__/
|
18
expephalon/custom_settings.dist.py
Normal file
18
expephalon/custom_settings.dist.py
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
# Secret Key: Replace this by a long random string.
|
||||||
|
# You can use django.core.management.utils.get_random_secret_key to generate one.
|
||||||
|
|
||||||
|
SECRET_KEY = "changeme"
|
||||||
|
|
||||||
|
# Database settings
|
||||||
|
# This application is tested only with MariaDB/MySQL.
|
||||||
|
# You will have to edit settings.py if you want to use Postgres, SQLite, etc.
|
||||||
|
|
||||||
|
DB_HOST = "localhost"
|
||||||
|
DB_PORT = 3306
|
||||||
|
DB_USER = "expephalon"
|
||||||
|
DB_PASS = "secret"
|
||||||
|
DB_NAME = "expephalon"
|
||||||
|
|
||||||
|
DEBUG = True
|
||||||
|
|
||||||
|
ALLOWED_HOSTS = []
|
|
@ -12,22 +12,11 @@ https://docs.djangoproject.com/en/3.0/ref/settings/
|
||||||
|
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
from expephalon.custom_settings import * # pylint: disable=unused-wildcard-import
|
||||||
|
|
||||||
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
|
||||||
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
|
||||||
|
|
||||||
|
|
||||||
# Quick-start development settings - unsuitable for production
|
|
||||||
# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
|
|
||||||
|
|
||||||
# SECURITY WARNING: keep the secret key used in production secret!
|
|
||||||
SECRET_KEY = '!n5zzc)6p+f+!d4rs_n&+8na8j%ylc(8lu^%7)be6&@@aynf0!'
|
|
||||||
|
|
||||||
# SECURITY WARNING: don't run with debug turned on in production!
|
|
||||||
DEBUG = True
|
|
||||||
|
|
||||||
ALLOWED_HOSTS = []
|
|
||||||
|
|
||||||
|
|
||||||
# Application definition
|
# Application definition
|
||||||
|
|
||||||
INSTALLED_APPS = [
|
INSTALLED_APPS = [
|
||||||
|
@ -118,3 +107,13 @@ USE_TZ = True
|
||||||
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
# https://docs.djangoproject.com/en/3.0/howto/static-files/
|
||||||
|
|
||||||
STATIC_URL = '/static/'
|
STATIC_URL = '/static/'
|
||||||
|
|
||||||
|
# Password hasher
|
||||||
|
# https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#how-django-stores-passwords
|
||||||
|
|
||||||
|
PASSWORD_HASHERS = [
|
||||||
|
'django.contrib.auth.hashers.Argon2PasswordHasher',
|
||||||
|
'django.contrib.auth.hashers.PBKDF2PasswordHasher',
|
||||||
|
'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
|
||||||
|
'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
|
||||||
|
]
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
#!/usr/bin/env python3
|
#!/usr/bin/env python
|
||||||
"""Django's command-line utility for administrative tasks."""
|
"""Django's command-line utility for administrative tasks."""
|
||||||
import os
|
import os
|
||||||
import sys
|
import sys
|
||||||
|
|
2
requirements.txt
Normal file
2
requirements.txt
Normal file
|
@ -0,0 +1,2 @@
|
||||||
|
django[argon2]
|
||||||
|
mysqlclient
|
Loading…
Reference in a new issue