From 648cae81d53b3cc98c00151d58530b0fd298dd03 Mon Sep 17 00:00:00 2001
From: Alexandre Iooss
Date: Sun, 30 Jan 2022 19:13:42 +0100
Subject: [PATCH] Use secure cookies
---
 photo21/settings.py | 26 ++++++--------------------
 1 file changed, 6 insertions(+), 20 deletions(-)
diff --git a/photo21/settings.py b/photo21/settings.py
index e6773ec..92965ca 100644
--- a/photo21/settings.py
+++ b/photo21/settings.py
@@ -23,7 +23,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'CHANGE_ME'
+SECRET_KEY = ''
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = False
@@ -36,15 +36,13 @@ ALLOWED_HOSTS = [
 ]
 # Admins receive server errors, this is useful to be notified of potential bugs
+# By default MANAGERS=ADMINS, so admins also receive upload notifications
 ADMINS = [
 ('admin', 'photos-admin@lists.crans.org'),
 ]
-# Managers receive notifications about new photos upload
-MANAGERS = [
- ('moderation', 'photos-admin@lists.crans.org'),
-]
-
+# Use secure cookies in production
+SESSION_COOKIE_SECURE = not DEBUG
 # Application definition
@@ -144,14 +142,8 @@ PASSWORD_HASHERS = [
 # Internationalization
 # https://docs.djangoproject.com/en/2.2/topics/i18n/
-LANGUAGE_CODE = 'en-us'
-
 TIME_ZONE = 'UTC'
-USE_I18N = True
-
-USE_L10N = True
-
 USE_TZ = True
 # Limit available languages to this subset
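Review bot: The new `SECRET_KEY = ''` line does not say where the real key is expected to come from, and nothing in this hunk loads one. An empty value is a safer placeholder than the guessable 'CHANGE_ME', since Django raises ImproperlyConfigured for an empty key instead of signing sessions with a known string, but that only helps if every deployment overrides it. I would either document the override next to the setting, e.g. `# Must be set per deployment (local settings or environment); Django rejects an empty key`, or read it from the environment with `SECRET_KEY = os.environ.get('SECRET_KEY', '')`. The rest of settings.py is outside the hunk, so an override mechanism may already exist there.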
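Review bot: The added comment `# By default MANAGERS=ADMINS` does not hold once ADMINS is overridden here: Django's global defaults bind MANAGERS to the empty default ADMINS list, so after this hunk removes the explicit MANAGERS, `settings.MANAGERS` is most likely `[]` and `mail_managers()` sends nothing. If upload notifications go through `mail_managers()` (the removed comment suggests they do), moderators would silently stop hearing about new photos; adding `MANAGERS = ADMINS` after the ADMINS list keeps the intent without duplicating the address. Separately, `SESSION_COOKIE_SECURE = not DEBUG` covers only the session cookie; `CSRF_COOKIE_SECURE = not DEBUG` belongs next to it so the CSRF cookie is not sent over plain HTTP either.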
@@ -185,16 +177,10 @@ LOCALE_PATHS = [os.path.join(BASE_DIR, 'photo21/locale')]
 FIXTURE_DIRS = [os.path.join(BASE_DIR, 'photo21/fixtures')]
-# Email settings
+# Do not send email during debug
+# By default Django sends mails to localhost:25 without authentification
 if DEBUG:
 EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
-else:
- EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
-EMAIL_USE_SSL = os.getenv('EMAIL_USE_SSL', False)
-EMAIL_HOST = os.getenv('EMAIL_HOST', 'localhost')
-EMAIL_PORT = os.getenv('EMAIL_PORT', 25)
-EMAIL_HOST_USER = os.getenv('EMAIL_USER', None)
-EMAIL_HOST_PASSWORD = os.getenv('EMAIL_PASSWORD', None)
 # Mail will be sent from this address
 SERVER_EMAIL = "photos@crans.org"
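Review bot: Dropping the `EMAIL_*` environment lookups means a deployment that exports EMAIL_HOST, EMAIL_USER, EMAIL_PASSWORD or EMAIL_USE_SSL now falls back, without any error, to Django's defaults of unauthenticated, unencrypted SMTP on localhost:25. The new comment mentions the default but not that this is a behaviour change or how to point at a remote relay, and it misspells "authentication". I would word it as `# Outside DEBUG, Django's defaults apply: SMTP to localhost:25, no authentication, no TLS. Set EMAIL_HOST/EMAIL_USE_TLS etc. in local settings for a remote relay.` Whether any deployment actually relied on those variables is not visible from this patch.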