Donarturo

Untitled

Feb 4th, 2019
  1. import os
  2.  
  3.  
# Project root: two directory levels above this settings module.
_settings_file = os.path.abspath(__file__)
BASE_DIR = os.path.dirname(os.path.dirname(_settings_file))

# The signing key is read from a file outside the source tree rather than
# being written into the settings; surrounding whitespace (for example a
# trailing newline) is stripped.
# NOTE(review): the key file should be readable only by the account that runs
# the application -- confirm its ownership and mode on the host.
with open("/etc/secret_key.txt") as key_file:
    SECRET_KEY = key_file.read().strip()

# Debug mode is off, so error responses do not include tracebacks or settings.
DEBUG = False

# Requests are served only when the Host header matches an entry in this list.
ALLOWED_HOSTS = ["xxxxxx.com"]
  15.  
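# Session data is serialized as JSON and stored through the user_sessions
# database backend.
SESSION_SERIALIZER = 'django.contrib.sessions.serializers.JSONSerializer'
SESSION_ENGINE = 'user_sessions.backends.db'

# CSRF cookie: HTTPS only, never sent on cross-site requests.
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_SAMESITE = 'Strict'
CSRF_COOKIE_AGE = None  # no max-age: the cookie lasts for the browser session
CSRF_COOKIE_DOMAIN = None  # host-only cookie
CSRF_USE_SESSIONS = False
# With HttpOnly set, page scripts cannot read the token from the cookie; any
# AJAX code has to take it from the rendered page instead.
CSRF_COOKIE_HTTPONLY = True

# Session cookie: HTTPS only, hidden from scripts, same-site only, and dropped
# when the browser closes.
# The path was '/;HttpOnly', an old workaround that appended the HttpOnly
# attribute through the Path value. SESSION_COOKIE_HTTPONLY below already emits
# that attribute, so the workaround only produced a malformed Path and a
# duplicated attribute. The effective path is unchanged: '/'.
SESSION_COOKIE_PATH = '/'
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_SAMESITE = 'Strict'
SESSION_EXPIRE_AT_BROWSER_CLOSE = True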
  31.  
# Transport security handled by Django's SecurityMiddleware.
SECURE_SSL_REDIRECT = True

# A request counts as HTTPS when it carries "X-Forwarded-Proto: https".
# NOTE(review): this is only trustworthy when the fronting proxy strips or
# overwrites that header on every incoming request -- confirm the proxy
# configuration before relying on it.
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

SECURE_BROWSER_XSS_FILTER = True
SECURE_CONTENT_TYPE_NOSNIFF = True

# 15768000 seconds, i.e. half a year. The 3600 left in the original comment is
# one hour, not one day.
# NOTE(review): the browser preload list asks for a max-age of at least one
# year (31536000) -- confirm before submitting the domain for preloading.
SECURE_HSTS_SECONDS = 365 * 24 * 60 * 60 // 2
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True

# NOTE(review): SECURE_FRAME_DENY comes from the older django-secure package;
# Django's clickjacking middleware reads X_FRAME_OPTIONS instead -- confirm
# whether anything still reads this name.
SECURE_FRAME_DENY = True

# Forbid rendering any response inside a frame.
X_FRAME_OPTIONS = "DENY"

# NOTE(review): these are process environment variables. Django decides
# request.is_secure() from the per-request WSGI environ (or from
# SECURE_PROXY_SSL_HEADER), so confirm they have an effect under the deployed
# server.
os.environ.update({"HTTPS": "on", "wsgi.url_scheme": "https"})
  48.  
  49.  
  50.  
  51.  
# Content-Security-Policy settings read by csp.middleware.CSPMiddleware.
# default-src is 'none', so every fetch type the site needs is allowed
# explicitly below.
_self = "'self'"
_none = ("'none'",)
_site = "xxxxxx.com"
_recaptcha_frame = "https://www.google.com/recaptcha/"

CSP_DEFAULT_SRC = _none
# The sha256 entry allows one specific inline style block by its hash.
CSP_STYLE_SRC = (
    _self,
    _site,
    "fonts.googleapis.com",
    "'sha256-Y/OYzipjX3yzIdTnBrtEgSVTJ9PGTp7jDHMb+R3S1qI='",
)
# NOTE(review): script-src allows whole third-party hosts in addition to the
# nonce; confirm each host is still needed, since everything served from an
# allowed host is trusted to run.
CSP_SCRIPT_SRC = (
    _self,
    _site,
    "www.googletagmanager.com",
    "www.google-analytics.com",
    _recaptcha_frame,
    "https://www.gstatic.com/recaptcha/",
)
CSP_IMG_SRC = (
    _self,
    "data:",
    "www.googletagmanager.com",
    "www.google-analytics.com",
    "fonts.googleapis.com/",
)
CSP_FONT_SRC = (_self, _site, "fonts.gstatic.com")
CSP_CONNECT_SRC = (_self, _site)
# No plugins, no <base> rewriting, and no embedding of the site in frames.
CSP_OBJECT_SRC = _none
CSP_BASE_URI = _none
CSP_FRAME_SRC = (_self, _recaptcha_frame)
CSP_FRAME_ANCESTORS = _none
CSP_FORM_ACTION = (_self, _site)
# A nonce is added to the script-src directive.
CSP_INCLUDE_NONCE_IN = ("script-src",)
  64.  
  65.  
  66.  
# Application registry. The order is kept exactly as in the original listing.
INSTALLED_APPS = [
    "django.contrib.admin",
    "django.contrib.auth",
    "django.contrib.contenttypes",
    "user_sessions",
    "django.contrib.sessions",
    "django.contrib.messages",
    "django.contrib.staticfiles",
    "captcha",
    # Project apps.
    "usuario",
    "administrador",
    "base",
    # One-time-password devices and the two-factor login flow.
    "django_otp",
    "django_otp.plugins.otp_static",
    "django_otp.plugins.otp_totp",
    "two_factor",
    "bootstrapform",
]

# Request/response pipeline, in the original order.
# NOTE(review): both Django's SessionMiddleware and the user_sessions one are
# listed. django-user-sessions documents its middleware as a replacement for
# Django's, so confirm that running both is intended.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.middleware.locale.LocaleMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "user_sessions.middleware.SessionMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
    "csp.middleware.CSPMiddleware",
    # Listed after AuthenticationMiddleware, as in the original.
    "django_otp.middleware.OTPMiddleware",
    "two_factor.middleware.threadlocals.ThreadLocals",
    "django_feature_policy.FeaturePolicyMiddleware",
    "django_referrer_policy.middleware.ReferrerPolicyMiddleware",
    # Disabled in the original listing:
    # "x_forwarded_for.middleware.XForwardedForMiddleware",
]

# Credentials are checked against Django's own user model only.
AUTHENTICATION_BACKENDS = ("django.contrib.auth.backends.ModelBackend",)
  110.  
# Values for the Referrer-Policy and Feature-Policy middleware listed in
# MIDDLEWARE: referrers stay within the same origin, geolocation is disabled.
REFERRER_POLICY = "same-origin"
FEATURE_POLICY = dict(geolocation="none")

# Named URL patterns used by the authentication flow.
# NOTE(review): two_factor is installed; confirm that the 'login' URL name
# resolves to the two-factor login view, otherwise sign-ins skip the OTP step.
LOGOUT_REDIRECT_URL = "login"
LOGIN_URL = "login"
LOGIN_REDIRECT_URL = "home_usuario"

# reCAPTCHA key pair (redacted in this listing). The private key is a secret
# and is written here as a literal, unlike SECRET_KEY; the settings_private
# import at the end of the file can override it.
RECAPTCHA_PUBLIC_KEY = "xxxxxxxxxxxxxxxxxxx"
RECAPTCHA_PRIVATE_KEY = "xxxxxxxxxxxxxxxxxxx"

ROOT_URLCONF = "xxxxxxproject.urls"

_context_processors = [
    "django.template.context_processors.debug",
    "django.template.context_processors.request",
    "django.contrib.auth.context_processors.auth",
    "django.contrib.messages.context_processors.messages",
]

# NOTE(review): 'templates' is a relative directory, so it is resolved against
# the process working directory -- confirm that is the project root in
# production.
TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": ["templates"],
        "APP_DIRS": True,
        "OPTIONS": {"context_processors": _context_processors},
    },
]

WSGI_APPLICATION = "xxxxxxproject.wsgi.application"
  143.  
  144.  
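# Single PostgreSQL connection.
# The engine is spelled 'django.db.backends.postgresql'; the
# 'postgresql_psycopg2' name used before is a legacy alias for the same backend
# that newer Django releases no longer provide.
# NOTE(review): the database password is written here as a literal (redacted
# in this listing), unlike SECRET_KEY, which is read from a file outside the
# source tree. The settings_private import at the end of the file can override
# DATABASES -- confirm the real credential never lands in version control.
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'xxxxxxproject',
        'USER': 'xxxxxxprojectuser',
        'PASSWORD': 'xxxxxxxxxxxxx',
        'HOST': 'xxxxxxxxxxxx',
        'PORT': '5432',
    }
}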
  155.  
  156.  
  157.  
# Password policy: the four validators shipped with django.contrib.auth, each
# with its default options (no OPTIONS are given).
_validation_module = "django.contrib.auth.password_validation"
AUTH_PASSWORD_VALIDATORS = [
    {"NAME": _validation_module + "." + validator}
    for validator in (
        "UserAttributeSimilarityValidator",
        "MinimumLengthValidator",
        "CommonPasswordValidator",
        "NumericPasswordValidator",
    )
]

# Locale and time handling.
LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
USE_I18N = True
USE_L10N = True
USE_TZ = True

# Outgoing mail over SMTP on port 587 with EMAIL_USE_TLS enabled.
# NOTE(review): the SMTP password is a literal here (redacted in this listing);
# the settings_private import at the end of the file can override it.
EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
EMAIL_USE_TLS = True
EMAIL_HOST = "smtp.1and1.es"
EMAIL_HOST_USER = "xxxxxxxx@xxxxxxx.xxx"
EMAIL_HOST_PASSWORD = "xxxxxxxxxxxxxxxxxxxxx"
EMAIL_PORT = 587
  192.  
  193.  
  194.  
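# Static files are served under /static/ and collected into <BASE_DIR>/static/.
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, 'static/')

# NOTE(review): these repeat the assignments made earlier in this file, and
# they set process environment variables rather than the per-request WSGI
# environ -- confirm they are needed under the deployed server.
os.environ['HTTPS'] = "on"
os.environ['wsgi.url_scheme'] = 'https'

# Optional per-deployment overrides. Every public name defined in
# settings_private replaces the value set above, which is how the placeholder
# credentials in this file are meant to be superseded.
try:
    from .settings_private import *  # noqa
except ImportError as exc:
    # Only the absence of settings_private itself is tolerated. If the module
    # exists but one of its own imports fails, swallowing the error would start
    # the site on the placeholder values above with no warning, so that case
    # is re-raised. Errors that name no module are ignored, as before.
    _missing = getattr(exc, 'name', None) or ''
    if _missing and _missing.rpartition('.')[2] != 'settings_private':
        raise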