fureunoir/schon
fureunoir/schon
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
schon/schon/settings/constance.py
Egor fureunoir Gorbunov adec5503b2 feat(core/auth): enable encryption for sensitive fields and token handling 
Add encryption for user PII fields (phone number, name, attributes) and address fields to enhance data security. Introduced timestamped activation tokens for improved validation. Included migrations to encrypt existing plaintext data.

Refactored GraphQL settings to limit query depth and optionally disable introspection for enhanced API defense. Implemented throttling to safeguard API rates.

Improved Dockerfiles for better user management and restored media migration tools for smooth instance upgrades.
2026-03-02 00:11:57 +03:00

204 lines
6 KiB
Python
Raw Blame History

from collections import OrderedDict
from os import getenv
from django.utils.translation import gettext_noop as _
from unfold.contrib.constance.settings import UNFOLD_CONSTANCE_ADDITIONAL_FIELDS
CONSTANCE_BACKEND = "constance.backends.database.DatabaseBackend"
CONSTANCE_SUPERUSER_ONLY = False
CONSTANCE_ADDITIONAL_FIELDS = {
**UNFOLD_CONSTANCE_ADDITIONAL_FIELDS,
"json": [
"django.forms.fields.JSONField",
{
"required": False,
"widget": "engine.core.widgets.JSONTableWidget",
},
],
"password": [
"django.forms.CharField",
{
"required": False,
"widget": "django.forms.PasswordInput",
"widget_attrs": {"render_value": True},
},
],
}
CONSTANCE_CONFIG = OrderedDict(
[
### Legal Options ###
("COMPANY_NAME", (getenv("COMPANY_NAME"), _("Name of the company"))),
("COMPANY_ADDRESS", (getenv("COMPANY_ADDRESS"), _("Address of the company"))),
(
"COMPANY_PHONE_NUMBER",
(getenv("COMPANY_PHONE_NUMBER"), _("Phone number of the company")),
),
(
"TAX_RATE",
(
0,
_(
"Tax rate in jurisdiction of your company. Leave 0 if you don't want to process taxes."
),
),
),
(
"TAX_INCLUDED",
(
True,
_(
"Shows if the taxes are already included in product's selling prices"
),
),
),
(
"EXCHANGE_RATE_API_KEY",
(
getenv("EXCHANGE_RATE_API_KEY", "example token"),
_("Exchange rate API key"),
),
),
### Email Options ###
(
"EMAIL_BACKEND",
("django.core.mail.backends.smtp.EmailBackend", _("!!!DO NOT CHANGE!!!")),
),
("EMAIL_HOST", (getenv("EMAIL_HOST", "smtp.404.org"), _("SMTP host"))),
("EMAIL_PORT", (int(getenv("EMAIL_PORT", "465")), _("SMTP port"))),
("EMAIL_USE_TLS", (bool(int(getenv("EMAIL_USE_TLS", 0))), _("Use TLS"))),
("EMAIL_USE_SSL", (bool(int(getenv("EMAIL_USE_SSL", 1))), _("Use SSL"))),
(
"EMAIL_HOST_USER",
(getenv("EMAIL_HOST_USER", "no-user@fix.this"), _("SMTP username")),
),
(
"EMAIL_HOST_PASSWORD",
(
getenv("EMAIL_HOST_PASSWORD", "SUPERsecretPASSWORD"),
_("SMTP password"),
"password",
),
),
("EMAIL_FROM", (getenv("EMAIL_FROM", "Schon"), _("Mail from option"))),
### Features Options ###
(
"EXPORT_TO_MARKETPLACES",
(
"",
_(
"Export products to specified marketplaces. Comma-separated list from <yandex_products/yandex_market/amazon_seller/google_merchant>"
),
),
),
(
"DAYS_TO_STORE_ANON_MSGS",
(1, _("How many days we store messages from anonymous users")),
),
(
"DAYS_TO_STORE_AUTH_MSGS",
(365, _("How many days we store messages from authenticated users")),
),
(
"DISABLED_COMMERCE",
(getenv("DISABLED_COMMERCE", False), _("Disable buy functionality")),
),
(
"NOMINATIM_URL",
(getenv("NOMINATIM_URL", ""), _("OpenStreetMap Nominatim API URL")),
),
(
"OPENAI_API_KEY",
(getenv("OPENAI_API_KEY", "example key"), _("OpenAI API Key")),
),
(
"ABSTRACT_API_KEY",
(getenv("ABSTRACT_API_KEY", "example key"), _("Abstract API Key")),
),
(
"HTTP_PROXY",
(
getenv(
"DJANGO_HTTP_PROXY", "http://username:password@proxy_address:port"
),
_("HTTP Proxy"),
),
),
### SEO Options ###
(
"ADVERTSIMENT",
(
getenv("SCHON_ADVERTISIMENT", ""),
_("An entity for storing advertisiment data"),
"json",
),
),
(
"ANALYTICS",
(
getenv("SCHON_ANALYTICS", ""),
_("An entity for storing analytics data"),
"json",
),
),
### System Options ###
("SAVE_VENDORS_RESPONSES", (False, _("Save responses from vendors' APIs"))),
("BACKUP_DATABASE", (True, _("Backup database"))),
("BACKUP_MEDIA", (False, _("Backup media"))),
]
)
CONSTANCE_CONFIG_FIELDSETS = OrderedDict(
{
_("Legal Options"): (
"COMPANY_NAME",
"COMPANY_ADDRESS",
"COMPANY_PHONE_NUMBER",
"TAX_RATE",
"TAX_INCLUDED",
"EXCHANGE_RATE_API_KEY",
),
_("Email Options"): (
"EMAIL_BACKEND",
"EMAIL_HOST",
"EMAIL_PORT",
"EMAIL_USE_TLS",
"EMAIL_USE_SSL",
"EMAIL_HOST_USER",
"EMAIL_HOST_PASSWORD",
"EMAIL_FROM",
),
_("Features Options"): (
"EXPORT_TO_MARKETPLACES",
"DAYS_TO_STORE_ANON_MSGS",
"DAYS_TO_STORE_AUTH_MSGS",
"DISABLED_COMMERCE",
"NOMINATIM_URL",
"OPENAI_API_KEY",
"ABSTRACT_API_KEY",
"HTTP_PROXY",
),
_("SEO Options"): (
"ADVERTSIMENT",
"ANALYTICS",
),
_("System Options"): (
"SAVE_VENDORS_RESPONSES",
"BACKUP_DATABASE",
"BACKUP_MEDIA",
),
}
)
EXPOSABLE_KEYS = [
"COMPANY_NAME",
"COMPANY_ADDRESS",
"COMPANY_PHONE_NUMBER",
"EMAIL_HOST_USER",
"EMAIL_FROM",
"DAYS_TO_STORE_ANON_MSGS",
"DAYS_TO_STORE_AUTH_MSGS",
"ADVERTSIMENT",
"ANALYTICS",
]
Reference in a new issue View git blame Copy permalink