nofusscomputing/centurion_erp
1
0
Fork 0
Code Issues Wiki Activity

feat(base): build CSRF trusted origins from configuration

Browse Source 
!20
This commit is contained in:
Jon Lockwood
2024-06-07 20:36:59 +09:30
parent 3b743a847c
commit d8d75c7db0
2 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
app/app/settings.py
View File

@ -33,11 +33,13 @@ SECRET_KEY = 'django-insecure-b*41-$afq0yl)1e#qpz^-nbt-opvjwb#avv++b9rfdxa@b55sk
# #
# Defaults # Defaults
# #
ALLOWED_HOSTS = [ '*' ] # Site host to serve
DEBUG = False # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False # SECURITY WARNING: don't run with debug turned on in production!
SITE_URL = 'http://127.0.0.1' # domain with HTTP method for the sites URL
SSO_ENABLED = False # Enable SSO SSO_ENABLED = False # Enable SSO
SSO_LOGIN_ONLY_BACKEND = None # Use specified SSO backend as the ONLY method to login. (builting login form will not be used) SSO_LOGIN_ONLY_BACKEND = None # Use specified SSO backend as the ONLY method to login. (builting login form will not be used)
TRUSTED_ORIGINS = [] # list of trusted domains for CSRF
ALLOWED_HOSTS = [ '*' ]
# Application definition # Application definition
@ -225,6 +227,9 @@ if API_ENABLED:
DATETIME_FORMAT = 'j N Y H:i:s' DATETIME_FORMAT = 'j N Y H:i:s'
#
# Load user settings files
#
if os.path.isdir(SETTINGS_DIR): if os.path.isdir(SETTINGS_DIR):
settings_files = os.path.join(SETTINGS_DIR, '*.py') settings_files = os.path.join(SETTINGS_DIR, '*.py')
@ -237,6 +242,11 @@ AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend', 'django.contrib.auth.backends.ModelBackend',
) )
CSRF_TRUSTED_ORIGINS = [
SITE_URL,
*TRUSTED_ORIGINS
]
if DEBUG: if DEBUG:
INSTALLED_APPS += [ INSTALLED_APPS += [
'debug_toolbar', 'debug_toolbar',

11
docs/projects/django-template/configuration.md
View File

@ -9,6 +9,11 @@ about: https://gitlab.com/nofusscomputing/infrastructure/configuration-managemen
This page details the configuration for setting up the application. This page details the configuration for setting up the application.
## Config file
Configuration for this application is stored within a python file `.py` in directory `/etc/istm/`. Any python file placed within this directory will be dynamically loaded at runtime. It's important to ensure that the file remains a valid python file. Failing to do so will prevent the application from restarting.
## Single Sign-On ## Single Sign-On
- `SSO_ENABLED`, boolean - `SSO_ENABLED`, boolean
@ -43,13 +48,17 @@ SOCIAL_AUTH_OIDC_SECRET = '<client secret>'
``` ```
## Available Settings ## Available Configuration Settings
Below are the available configuration values along with their default value. Below are the available configuration values along with their default value.
``` py ``` py
ALLOWED_HOSTS = [ '*' ]
DEBUG = False # SECURITY WARNING: don't run with debug turned on in production! DEBUG = False # SECURITY WARNING: don't run with debug turned on in production!
SITE_URL = 'http://127.0.0.1' # domain with HTTP method for the URL to access the site
SSO_ENABLED = False # Enable SSO SSO_ENABLED = False # Enable SSO
SSO_LOGIN_ONLY_BACKEND = None # Use specified SSO backend as the ONLY method to login. (builting login form will not be used)
TRUSTED_ORIGINS = [] # list of trusted domains for CSRF
``` ```