Merge branch 'main' into teams
tsu-ki authored Jan 2, 2025
2 parents 0f05811 + bc04622 commit b251cee
Showing 23 changed files with 2,565 additions and 1,358 deletions.
2 changes: 1 addition & 1 deletion Procfile
@@ -1,2 +1,2 @@
release: python manage.py migrate --noinput
web: bin/start-pgbouncer uvicorn blt.asgi:application --host 0.0.0.0 --port ${PORT}
web: newrelic-admin run-program bin/start-pgbouncer uvicorn blt.asgi:application --host 0.0.0.0 --port ${PORT}
3 changes: 3 additions & 0 deletions blt/asgi.py
@@ -1,6 +1,7 @@
# asgi.py

import os
import tracemalloc

import django

@@ -12,6 +13,8 @@
from django.core.asgi import get_asgi_application
from django.urls import path

tracemalloc.start()

from website import consumers # You will define a consumer for handling WebSockets

application = ProtocolTypeRouter(
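Review bot: `tracemalloc.start()` runs unconditionally when the ASGI module is imported, so every production worker carries the tracing overhead (extra memory per tracked allocation and slower allocation paths) for the whole life of the process. The call also sits between two import groups with no comment, which makes it easy to forget once the investigation is over. If this is a temporary memory investigation, prefer dropping the code and setting `PYTHONTRACEMALLOC=1` on the process only while it is needed, or gate the call on an environment switch. If it stays in the file, a comment such as `# temporary: trace allocations to investigate memory growth; remove afterwards` should say so.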
182 changes: 64 additions & 118 deletions blt/settings.py
@@ -1,13 +1,3 @@
"""
Django settings for gettingstarted project, on Heroku. For more info, see:
https://github.com/heroku/heroku-django-template
For more information on this file, see
https://docs.djangoproject.com/en/1.8/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/1.8/ref/settings/
"""

# from google.oauth2 import service_account
import json
import os
import sys
@@ -17,15 +7,16 @@
from django.utils.translation import gettext_lazy as _
from google.oauth2 import service_account

# reading .env file
environ.Env.read_env()

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
env = environ.Env()
env_file = os.path.join(BASE_DIR, ".env")
environ.Env.read_env(env_file)

print(f"Reading .env file from {env_file}")
print(f"DATABASE_URL: {os.environ.get('DATABASE_URL', 'not set')}")

PROJECT_ROOT = os.path.dirname(os.path.abspath(__file__))
GITHUB_TOKEN = os.environ.get("GITHUB_TOKEN", "blank")

@@ -34,44 +25,40 @@
DOMAIN_NAME = "blt.owasp.org"
FQDN = "blt.owasp.org"
DOMAIN_NAME_PREVIOUS = os.environ.get("DOMAIN_NAME_PREVIOUS", "BLT")
# else:
# # Default values if hostname does not match
# PROJECT_NAME = os.environ.get("PROJECT_NAME", "BLT")
# DOMAIN_NAME = os.environ.get("DOMAIN_NAME", "127.0.0.1")
# FQDN = "www." + DOMAIN_NAME

PROJECT_NAME_LOWER = PROJECT_NAME.lower()
PROJECT_NAME_UPPER = PROJECT_NAME.upper()

ADMIN_URL = os.environ.get("ADMIN_URL", "admin")
PORT = os.environ.get("PORT", "8000")
DEFAULT_FROM_EMAIL = os.environ.get("FROM_EMAIL", "test@localhost")
SERVER_EMAIL = os.environ.get("FROM_EMAIL", "test@localhost")
DEFAULT_FROM_EMAIL = os.environ.get("FROM_EMAIL", "blt-support@owasp.org")
SERVER_EMAIL = os.environ.get("FROM_EMAIL", "blt-support@owasp.org")


EMAIL_TO_STRING = PROJECT_NAME + " <" + SERVER_EMAIL + ">"
BLOG_URL = os.environ.get("BLOG_URL", "https://owasp.org/www-project-bug-logging-tool/")
BLOG_URL = os.environ.get("BLOG_URL", FQDN + "/blog/")
FACEBOOK_URL = os.environ.get("FACEBOOK_URL", "https://www.facebook.com/groups/owaspfoundation/")
TWITTER_URL = os.environ.get("TWITTER_URL", "https://twitter.com/owasp")
TWITTER_URL = os.environ.get("TWITTER_URL", "https://twitter.com/owasp_blt")
GITHUB_URL = os.environ.get("GITHUB_URL", "https://github.com/OWASP/BLT")
EXTENSION_URL = os.environ.get("EXTENSION_URL", "https://github.com/OWASP/BLT")
EXTENSION_URL = os.environ.get("EXTENSION_URL", "https://github.com/OWASP/BLT-Extension")

ADMINS = (("Admin", DEFAULT_FROM_EMAIL),)

# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/1.8/howto/deployment/checklist/

# SECURITY WARNING: change this before deploying to production!
SECRET_KEY = "i+acxn5(akgsn!sr4^qgf(^m&*@+g1@u^t@=8s@axc41ml*f=s"

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
TESTING = sys.argv[1:2] == ["test"]

SITE_ID = 1
# Application definition

# Scout settings
SCOUT_MONITOR = True
SCOUT_KEY = os.environ.get("SCOUT_KEY")
SCOUT_NAME = PROJECT_NAME


INSTALLED_APPS = (
"scout_apm.django",
"django.contrib.admin",
"django.contrib.auth",
"django.contrib.contenttypes",
@@ -95,11 +82,8 @@
"rest_framework",
"django_filters",
"rest_framework.authtoken",
# "django_cron",
"mdeditor",
# "bootstrap_datepicker_plus",
"tz_detect",
# "tellme",
"star_ratings",
"drf_yasg",
"captcha",
@@ -187,34 +171,12 @@
"allauth.account.auth_backends.AuthenticationBackend",
)

# SESSION_ENGINE = 'django.contrib.sessions.backends.cached_db'

# CACHES = {
# 'default': {
# 'BACKEND': 'django.core.cache.backends.db.DatabaseCache',
# 'LOCATION': 'cache_table',
# }
# }


REST_AUTH = {"SESSION_LOGIN": False}
CONN_MAX_AGE = None

WSGI_APPLICATION = "blt.wsgi.application"

# Database
# https://docs.djangoproject.com/en/1.9/ref/settings/#databases

DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(BASE_DIR, "db.sqlite3"),
}
}

# Password validation
# https://docs.djangoproject.com/en/1.9/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
{
"NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
@@ -230,8 +192,6 @@
},
]

# Internationalization
# https://docs.djangoproject.com/en/1.8/topics/i18n/

LANGUAGE_CODE = "en-us"
TIME_ZONE = "UTC"
@@ -253,22 +213,17 @@

MEDIA_ROOT = "media"
MEDIA_URL = "/media/"
# Update database configuration with $DATABASE_URL.
db_from_env = dj_database_url.config(conn_max_age=500)
DATABASES["default"].update(db_from_env)


EMAIL_HOST = "localhost"
EMAIL_PORT = 1025
# python -m smtpd -n -c DebuggingServer localhost:1025
# if DEBUG:
# EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'


REPORT_EMAIL = os.environ.get("REPORT_EMAIL", "blank")
REPORT_EMAIL_PASSWORD = os.environ.get("REPORT_PASSWORD", "blank")

# these settings are only for production / Heroku
if "DYNO" in os.environ:
print("database url detected in settings")
if "DYNO" in os.environ: # for Heroku
DEBUG = False
EMAIL_HOST = "smtp.sendgrid.net"
EMAIL_HOST_USER = os.environ.get("SENDGRID_USERNAME", "blank")
@@ -278,26 +233,11 @@
if not TESTING:
SECURE_SSL_REDIRECT = True

import logging
# import logging

logging.basicConfig(level=logging.DEBUG)
# GS_ACCESS_KEY_ID = os.environ.get("GS_ACCESS_KEY_ID", "blank")
# GS_SECRET_ACCESS_KEY = os.environ.get("GS_SECRET_ACCESS_KEY", "blank")
# GOOGLE_APPLICATION_CREDENTIALS = "/app/google-credentials.json"
# logging.basicConfig(level=logging.DEBUG)

GS_BUCKET_NAME = "bhfiles"
# DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"

# GS_CREDENTIALS = None

# # Ensure credentials file is valid
# try:
# GS_CREDENTIALS = service_account.Credentials.from_service_account_file(
# GOOGLE_APPLICATION_CREDENTIALS
# )
# print("Google Cloud Storage credentials loaded successfully.")
# except Exception as e:
# print(f"Error loading Google Cloud Storage credentials: {e}")

GOOGLE_CREDENTIALS = os.getenv("GOOGLE_CREDENTIALS")

@@ -325,7 +265,6 @@
GS_QUERYSTRING_AUTH = False
GS_DEFAULT_ACL = None
MEDIA_URL = "https://bhfiles.storage.googleapis.com/"
# add debugging info for google storage

import sentry_sdk
from sentry_sdk.integrations.django import DjangoIntegration
@@ -349,24 +288,34 @@
},
}
DEFAULT_FILE_STORAGE = "storages.backends.gcloud.GoogleCloudStorage"
# DEFAULT_FILE_STORAGE = "django.core.files.storage.FileSystemStorage"
print("no database url detected in settings, using sqlite")
if not TESTING:
DEBUG = True

# local dev needs to set SMTP backend or fail at startup
if DEBUG:
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
# use this to debug emails locally
# python -m smtpd -n -c DebuggingServer localhost:1025
if DEBUG:
EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"

DATABASES = {
"default": {
"ENGINE": "django.db.backends.sqlite3",
"NAME": os.path.join(BASE_DIR, "db.sqlite3"),
}
}

if not db_from_env:
print("no database url detected in settings, using sqlite")
else:
print("using database url: ", db_from_env)
DATABASES["default"].update(db_from_env)


ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = True
ACCOUNT_EMAIL_VERIFICATION = "optional"

# Honor the 'X-Forwarded-Proto' header for request.is_secure()

SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")

# Allow all host headers
ALLOWED_HOSTS = [
"." + DOMAIN_NAME,
"127.0.0.1",
@@ -376,23 +325,16 @@
"." + DOMAIN_NAME_PREVIOUS,
]

# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/1.8/howto/static-files/

STATIC_ROOT = os.path.join(PROJECT_ROOT, "staticfiles")
STATIC_URL = "/static/"

# Extra places for collectstatic to find static files.
STATICFILES_DIRS = (os.path.join(BASE_DIR, "website", "static"),)

ABSOLUTE_URL_OVERRIDES = {
"auth.user": lambda u: "/profile/%s/" % u.username,
}

# Simplified static file serving.
# https://warehouse.python.org/project/whitenoise/
# STATICFILES_STORAGE = "whitenoise.storage.CompressedStaticFilesStorage"

LOGIN_REDIRECT_URL = "/"

LOGGING = {
@@ -413,6 +355,16 @@
},
},
}
# disable logging unless critical

# LOGGING = {
# "version": 1,
# "disable_existing_loggers": True, # Disable all existing loggers
# "handlers": {}, # No handlers defined
# "loggers": {}, # No loggers defined
# }


USERS_AVATAR_PATH = "avatars"
AVATAR_PATH = os.path.join(MEDIA_ROOT, USERS_AVATAR_PATH)

@@ -457,16 +409,24 @@
}
}
else:
# temp to check memory usage
CACHES = {
"default": {
"BACKEND": "django_redis.cache.RedisCache",
"LOCATION": os.environ.get("REDISCLOUD_URL"),
"OPTIONS": {
"CLIENT_CLASS": "django_redis.client.DefaultClient",
},
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
"LOCATION": "unique-snowflake",
}
}

# CACHES = {
# "default": {
# "BACKEND": "django_redis.cache.RedisCache",
# "LOCATION": os.environ.get("REDISCLOUD_URL"),
# "OPTIONS": {
# "CLIENT_CLASS": "django_redis.client.DefaultClient",
# },
# }
# }

if DEBUG or TESTING:
anon_throttle = 100000
user_throttle = 100000
@@ -579,37 +539,22 @@
"STRIPE_TEST_SECRET_KEY",
"sk_test_12345",
)
STRIPE_LIVE_MODE = False # Change to True in production

STRIPE_LIVE_MODE = False # TODO: remove stripe
DEFAULT_AUTO_FIELD = "django.db.models.AutoField"

# CALLBACK_URL_FOR_GITHUB = os.environ.get(
# "CALLBACK_URL_FOR_GITHUB", default="https://www." + DOMAIN_NAME +"/")

# CALLBACK_URL_FOR_GOOGLE = os.environ.get(
# "CALLBACK_URL_FOR_GOOGLE", default="https://www." + DOMAIN_NAME +"/")

# CALLBACK_URL_FOR_FACEBOOK = os.environ.get(
# "CALLBACK_URL_FOR_FACEBOOK", default="https://www." + DOMAIN_NAME +"/")


# allow captcha bypass during test
IS_TEST = False
if "test" in sys.argv:
CAPTCHA_TEST_MODE = True
IS_TEST = True


# Twitter

# Twitter API - we can remove these - update names to have twitter_x or bluesky_x
BEARER_TOKEN = os.environ.get("BEARER_TOKEN")
APP_KEY = os.environ.get("APP_KEY")
APP_KEY_SECRET = os.environ.get("APP_KEY_SECRET")
ACCESS_TOKEN = os.environ.get("ACCESS_TOKEN")
ACCESS_TOKEN_SECRET = os.environ.get("ACCESS_TOKEN_SECRET")

# USPTO

USPTO_API = os.environ.get("USPTO_API")


@@ -625,6 +570,7 @@
"BACKEND": "channels_redis.core.RedisChannelLayer",
"CONFIG": {
"hosts": [os.environ.get("REDISCLOUD_URL")],
# "hosts": [("127.0.0.1", 6379)],
},
},
}
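Review bot: Two startup prints in this file write database credentials to the process log: `print(f"DATABASE_URL: {os.environ.get('DATABASE_URL', 'not set')}")` just after the `.env` file is read, and `print("using database url: ", db_from_env)` in the `DATABASES` block. The first emits the raw connection URL and the second the parsed config, both of which normally carry the database user name and password. On a hosted platform that output is kept in log storage and forwarded to any configured log drain, so log read access becomes database access. Report presence only, for example `print(f"DATABASE_URL set: {'DATABASE_URL' in os.environ}")` and `print("using database settings from DATABASE_URL")`. The rendered page does not mark old and new sides, so this assumes both prints are on the new side.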