diff --git a/addons/aldryn-django/aldryn_config.py b/addons/aldryn-django/aldryn_config.py index df083f2..ce2e926 100644 --- a/addons/aldryn-django/aldryn_config.py +++ b/addons/aldryn-django/aldryn_config.py @@ -75,13 +75,20 @@ class Form(forms.BaseForm): initial=False, help_text=( 'For example, http://example.com/ rather than ' - 'http://example.com/en/ if en (English) is the default language. ' - 'If multiple languages are configured, this option will be ignored ' - 'for Django versions prior to 1.10.' + 'http://example.com/en/ if en (English) is the default language.' ) ) + session_timeout = forms.NumberField( + 'Timeout for users session, in seconds.', + required=False, + initial=(60 * 60 * 24 * 7 * 2), + help_text=( + 'By default it\'s two weeks (Django default).' + ), + ) def to_settings(self, data, settings): + import django_cache_url import dj_database_url import warnings from functools import partial @@ -117,6 +124,8 @@ class Form(forms.BaseForm): ), RuntimeWarning, ) + settings['DATABASES']['default'] = dj_database_url.parse(settings['DATABASE_URL']) + if not settings['CACHE_URL']: settings['CACHE_URL'] = 'locmem://' warnings.warn( @@ -125,11 +134,9 @@ class Form(forms.BaseForm): ), RuntimeWarning, ) - - settings['DATABASES']['default'] = dj_database_url.parse(settings['DATABASE_URL']) + settings['CACHES']['default'] = django_cache_url.parse(settings['CACHE_URL']) settings['ROOT_URLCONF'] = env('ROOT_URLCONF', 'urls') - settings['ADDON_URLS'].append('aldryn_django.urls') settings['ADDON_URLS_I18N'].append('aldryn_django.i18n_urls') settings['WSGI_APPLICATION'] = 'wsgi.application' @@ -159,13 +166,13 @@ class Form(forms.BaseForm): 'context_processors': [ 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', - 'django.core.context_processors.i18n', - 'django.core.context_processors.debug', - 'django.core.context_processors.request', - 'django.core.context_processors.media', - 'django.core.context_processors.csrf', - 'django.core.context_processors.tz', - 'django.core.context_processors.static', + 'django.template.context_processors.i18n', + 'django.template.context_processors.debug', + 'django.template.context_processors.request', + 'django.template.context_processors.media', + 'django.template.context_processors.csrf', + 'django.template.context_processors.tz', + 'django.template.context_processors.static', 'aldryn_django.context_processors.debug', ], 'loaders': loader_list_class([ @@ -205,7 +212,6 @@ class Form(forms.BaseForm): self.logging_settings(settings, env=env) # Order matters, sentry settings rely on logging being configured. self.sentry_settings(settings, env=env) - self.cache_settings(settings, env=env) self.storage_settings_for_media(settings, env=env) self.storage_settings_for_static(data, settings, env=env) self.email_settings(data, settings, env=env) @@ -275,6 +281,8 @@ class Form(forms.BaseForm): 'SECURE_PROXY_SSL_HEADER', ('HTTP_X_FORWARDED_PROTO', 'https') ) + s['SESSION_COOKIE_AGE'] = env('SESSION_COOKIE_AGE', data.get('session_timeout') or 60 * 60 * 24 * 7 * 2) + # SESSION_COOKIE_HTTPONLY and SECURE_FRAME_DENY must be False for CMS # SESSION_COOKIE_HTTPONLY is handled by # django.contrib.sessions.middleware.SessionMiddleware @@ -288,47 +296,11 @@ class Form(forms.BaseForm): 'django.middleware.security.SecurityMiddleware', ) - # Add the debreach middlewares to counter CRIME/BREACH attacks. - # We always add it even if the GZipMiddleware is not enabled because - # we cannot assume that every upstream proxy implements a - # countermeasure itself. - s['RANDOM_COMMENT_EXCLUDED_VIEWS'] = set([]) - if 'django.middleware.gzip.GZipMiddleware' in s['MIDDLEWARE_CLASSES']: - index = s['MIDDLEWARE_CLASSES'].index('django.middleware.gzip.GZipMiddleware') + 1 - else: - index = 0 - s['MIDDLEWARE_CLASSES'].insert(index, 'aldryn_django.middleware.RandomCommentExclusionMiddleware') - s['MIDDLEWARE_CLASSES'].insert(index, 'debreach.middleware.RandomCommentMiddleware') - if 'django.middleware.csrf.CsrfViewMiddleware' in s['MIDDLEWARE_CLASSES']: - s['MIDDLEWARE_CLASSES'].insert( - s['MIDDLEWARE_CLASSES'].index('django.middleware.csrf.CsrfViewMiddleware'), - 'debreach.middleware.CSRFCryptMiddleware', - ) - def server_settings(self, settings, env): settings['PORT'] = env('PORT', 80) settings['BACKEND_PORT'] = env('BACKEND_PORT', 8000) - settings['ENABLE_NGINX'] = env('ENABLE_NGINX', False) - settings['ENABLE_PAGESPEED'] = env( - 'ENABLE_PAGESPEED', - env('PAGESPEED', False), - ) settings['STATICFILES_DEFAULT_MAX_AGE'] = env( - 'STATICFILES_DEFAULT_MAX_AGE', - # Keep BROWSERCACHE_MAX_AGE for backwards compatibility - env('BROWSERCACHE_MAX_AGE', 300), - ) - settings['NGINX_CONF_PATH'] = env('NGINX_CONF_PATH') - settings['NGINX_PROCFILE_PATH'] = env('NGINX_PROCFILE_PATH') - settings['PAGESPEED_ADMIN_HTPASSWD_PATH'] = env( - 'PAGESPEED_ADMIN_HTPASSWD_PATH', - os.path.join( - os.path.dirname(settings['NGINX_CONF_PATH']), - 'pagespeed_admin.htpasswd', - ) - ) - settings['PAGESPEED_ADMIN_USER'] = env('PAGESPEED_ADMIN_USER') - settings['PAGESPEED_ADMIN_PASSWORD'] = env('PAGESPEED_ADMIN_PASSWORD') + 'STATICFILES_DEFAULT_MAX_AGE', 300) settings['DJANGO_WEB_WORKERS'] = env('DJANGO_WEB_WORKERS', 3) settings['DJANGO_WEB_MAX_REQUESTS'] = env('DJANGO_WEB_MAX_REQUESTS', 500) settings['DJANGO_WEB_TIMEOUT'] = env('DJANGO_WEB_TIMEOUT', 120) @@ -387,18 +359,16 @@ class Form(forms.BaseForm): if sentry_dsn: settings['INSTALLED_APPS'].append('raven.contrib.django') - settings['RAVEN_CONFIG'] = {'dsn': sentry_dsn} + settings['RAVEN_CONFIG'] = { + 'dsn': sentry_dsn, + 'release': env('GIT_COMMIT', 'develop'), + 'environment': env('STAGE', 'local'), + } settings['LOGGING']['handlers']['sentry'] = { 'level': 'ERROR', 'class': 'raven.contrib.django.raven_compat.handlers.SentryHandler', } - def cache_settings(self, settings, env): - import django_cache_url - cache_url = env('CACHE_URL') - if cache_url: - settings['CACHES']['default'] = django_cache_url.parse(cache_url) - def storage_settings_for_media(self, settings, env): import yurl from aldryn_django.storage import parse_storage_url @@ -497,23 +467,36 @@ class Form(forms.BaseForm): def i18n_settings(self, data, settings, env): settings['ALL_LANGUAGES'] = list(settings['LANGUAGES']) settings['ALL_LANGUAGES_DICT'] = dict(settings['ALL_LANGUAGES']) - languages = [ - (code, settings['ALL_LANGUAGES_DICT'][code]) - for code in json.loads(data['languages']) - ] - settings['LANGUAGE_CODE'] = languages[0][0] + settings['USE_L10N'] = True settings['USE_I18N'] = True - settings['LANGUAGES'] = languages + + def language_codes_to_tuple(codes): + return [ + (code, settings['ALL_LANGUAGES_DICT'][code]) + for code in codes + ] + langs_from_env = env('LANGUAGES', None) + lang_codes_from_env = env('LANGUAGE_CODES', None) + langs_from_form = json.loads(data['languages']) + + if langs_from_env: + settings['LANGUAGES'] = langs_from_env + elif lang_codes_from_env: + settings['LANGUAGES'] = language_codes_to_tuple(lang_codes_from_env) + else: + settings['LANGUAGES'] = language_codes_to_tuple(langs_from_form) + + lang_code_from_env = env('LANGUAGE_CODE', None) + if lang_code_from_env: + settings['LANGUAGE_CODE'] = lang_code_from_env + else: + settings['LANGUAGE_CODE'] = settings['LANGUAGES'][0][0] + settings['LOCALE_PATHS'] = [ os.path.join(settings['BASE_DIR'], 'locale'), ] - - if len(languages) <= 1: - settings['PREFIX_DEFAULT_LANGUAGE'] = not data['disable_default_language_prefix'] - else: - # this is not supported for django versions < 1.10 - settings['PREFIX_DEFAULT_LANGUAGE'] = True + settings['PREFIX_DEFAULT_LANGUAGE'] = not data['disable_default_language_prefix'] if not settings['PREFIX_DEFAULT_LANGUAGE']: settings['MIDDLEWARE_CLASSES'].insert( diff --git a/addons/aldryn-django/settings.json b/addons/aldryn-django/settings.json index 6cd39b0..bce322c 100644 --- a/addons/aldryn-django/settings.json +++ b/addons/aldryn-django/settings.json @@ -2,5 +2,6 @@ "disable_default_language_prefix": false, "enable_gis": false, "languages": "[\"de\", \"en\"]", - "use_manifeststaticfilesstorage": false + "session_timeout": "", + "use_manifeststaticfilesstorage": true } \ No newline at end of file diff --git a/requirements.in b/requirements.in index e36e99b..a4bba8c 100644 --- a/requirements.in +++ b/requirements.in @@ -1,6 +1,6 @@ # # Warning: text inside the INSTALLED_ADDONS tags is auto-generated. Manual changes will be overwritten. https://control.divio.com/api/v1/apps/serve/aldryn-addons/1.0.2/24f5d1c8-66fe-43b2-a540-17d61045a72b/aldryn-addons-1.0.2.tar.gz#egg=aldryn-addons==1.0.2 -https://control.divio.com/api/v1/apps/serve/aldryn-django/1.9.13.1/f3389226-8772-45a9-9d46-03b304ec1352/aldryn-django-1.9.13.1.tar.gz#egg=aldryn-django==1.9.13.1 +https://control.divio.com/api/v1/apps/serve/aldryn-django/1.11.11.1/002e1533-c0b2-41c6-9384-60594e7afeed/aldryn-django-1.11.11.1.tar.gz#egg=aldryn-django==1.11.11.1 https://control.divio.com/api/v1/apps/serve/aldryn-sso/1.1.16/dbe0c45a-c981-4beb-8624-b0d2c4196aa0/aldryn-sso-1.1.16.tar.gz#egg=aldryn-sso==1.1.16 https://control.divio.com/api/v1/apps/serve/aldryn-django-cms/3.5.0.2/e147b9a0-c31c-4136-b1db-417c5ffc7193/aldryn-django-cms-3.5.0.2.tar.gz#egg=aldryn-django-cms==3.5.0.2 https://control.divio.com/api/v1/apps/serve/aldryn-forms/2.2.8/fbefab76-74bf-445a-8288-7937b5750aa4/aldryn-forms-2.2.8.tar.gz#egg=aldryn-forms==2.2.8