Move sensitive information from settings.py to custom_settings.py, include distributable sample

Add .gitignore Add pip requirements file Change default password hasher to Argon
2020-03-23 15:14:44 +01:00 · 2020-03-23 15:14:44 +01:00 · f54d19a700
parent eb1dfb2f9b
commit f54d19a700
5 changed files with 36 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1,3 @@
+expephalon/custom_settings.py
+*.pyc
+__pycache__/
--- a/expephalon/custom_settings.dist.py
+++ b/expephalon/custom_settings.dist.py
@ -0,0 +1,18 @@
+# Secret Key: Replace this by a long random string. 
+# You can use django.core.management.utils.get_random_secret_key to generate one.
+
+SECRET_KEY = "changeme"
+
+# Database settings
+# This application is tested only with MariaDB/MySQL.
+# You will have to edit settings.py if you want to use Postgres, SQLite, etc.
+
+DB_HOST = "localhost"
+DB_PORT = 3306
+DB_USER = "expephalon"
+DB_PASS = "secret"
+DB_NAME = "expephalon"
+
+DEBUG = True
+
+ALLOWED_HOSTS = []
--- a/expephalon/settings.py
+++ b/expephalon/settings.py
@ -12,22 +12,11 @@ https://docs.djangoproject.com/en/3.0/ref/settings/

 import os

+from expephalon.custom_settings import * # pylint: disable=unused-wildcard-import
+
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))

-
-# Quick-start development settings - unsuitable for production
-# See https://docs.djangoproject.com/en/3.0/howto/deployment/checklist/
-
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = '!n5zzc)6p+f+!d4rs_n&+8na8j%ylc(8lu^%7)be6&@@aynf0!'
-
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
-
-ALLOWED_HOSTS = []
-
-
 # Application definition

 INSTALLED_APPS = [
@ -118,3 +107,13 @@ USE_TZ = True
 # https://docs.djangoproject.com/en/3.0/howto/static-files/

 STATIC_URL = '/static/'
+
+# Password hasher
+# https://docs.djangoproject.com/en/3.0/topics/auth/passwords/#how-django-stores-passwords
+
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+]
--- a/manage.py
+++ b/manage.py
@ -1,4 +1,4 @@
-#!/usr/bin/env python3
+#!/usr/bin/env python
 """Django's command-line utility for administrative tasks."""
 import os
 import sys
--- a/requirements.txt
+++ b/requirements.txt
@ -0,0 +1,2 @@
+django[argon2]
+mysqlclient