web_framework: Separate out Django settings into module

This allows for many cases of having to deal with Django objects such as models. - Allows all modules including ones with models to be imported by Sphinx. - Run most of the management commands using django-admin. - Make it simpler to import all modules on REPL interactive Python shells. Does not change any of the settings that we are passing to Django for configuration. Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2026-01-21 07:55:00 +00:00 · 2020-02-11 20:59:02 -08:00 · 2020-02-11 20:59:02 -08:00 · 837e8fc6e1
commit 837e8fc6e1
parent 60d997b15a
2 changed files with 207 additions and 126 deletions
--- a/plinth/settings.py
+++ b/plinth/settings.py
@ -0,0 +1,184 @@
+#
+# This file is part of FreedomBox.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as
+# published by the Free Software Foundation, either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+"""
+Basic settings for Django web framework.
+
+During initialization of the service, these settings are overridden before
+Django is initialized. However, this file has been written in this format to
+let Django initialization easier in other situations such as test cases,
+documentation generation, debugging etc.
+
+See: https://docs.djangoproject.com/en/dev/ref/settings/
+
+"""
+
+ALLOWED_HOSTS = ['*']
+
+_pwd = 'django.contrib.auth.password_validation'
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        'NAME': '{}.UserAttributeSimilarityValidator'.format(_pwd),
+    },
+    {
+        'NAME': '{}.MinimumLengthValidator'.format(_pwd),
+        'OPTIONS': {
+            'min_length': 8,
+        }
+    },
+    {
+        'NAME': '{}.CommonPasswordValidator'.format(_pwd),
+    },
+    {
+        'NAME': '{}.NumericPasswordValidator'.format(_pwd),
+    },
+]
+
+AXES_LOCKOUT_URL = 'locked/'
+
+AXES_RESET_ON_SUCCESS = True  # Only used with axes >= 4.4.3
+
+CACHES = {
+    'default': {
+        'BACKEND': 'django.core.cache.backends.dummy.DummyCache'
+    }
+}
+
+CAPTCHA_FONT_PATH = ['/usr/share/fonts/truetype/ttf-bitstream-vera/Vera.ttf']
+
+CAPTCHA_LENGTH = 6
+
+CAPTCHA_FLITE_PATH = '/usr/bin/flite'
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        # Overridden based on the configuration key store_file
+        'NAME': '/var/lib/plinth/plinth.sqlite3'
+    }
+}
+
+# Overridden based on command line argument --develop
+DEBUG = False
+
+# Overridden based on the configuration key server_dir
+FORCE_SCRIPT_NAME = '/plinth'
+
+# FreedomBox apps are appended to this list
+INSTALLED_APPS = [
+    'axes',
+    'captcha',
+    'bootstrapform',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.messages',
+    'stronghold',
+    'plinth',
+]
+
+# Overridden based on configuration key use_x_forwarded_host
+IPWARE_META_PRECEDENCE_ORDER = ('REMOTE_ADDR', )
+
+# Overridden by get_languages()
+LANGUAGES = [('en', 'English')]
+
+# Overridden by log configuration in log.py
+LOGGING = {'version': 1}
+
+LOGIN_URL = 'users:login'
+
+LOGIN_REDIRECT_URL = 'index'
+
+# Overridden before initialization
+MESSAGE_TAGS = {}
+
+MIDDLEWARE = (
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.locale.LocaleMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'stronghold.middleware.LoginRequiredMiddleware',
+    'plinth.middleware.AdminRequiredMiddleware',
+    'plinth.middleware.FirstSetupMiddleware',
+    'plinth.modules.first_boot.middleware.FirstBootMiddleware',
+    'plinth.middleware.SetupMiddleware',
+)
+
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+]
+
+ROOT_URLCONF = 'plinth.urls'
+
+SECURE_BROWSER_XSS_FILTER = True
+
+SECURE_CONTENT_TYPE_NOSNIFF = True
+
+# Overridden based configuration key secure_proxy_ssl_header
+SECURE_PROXY_SSL_HEADER = None
+
+SESSION_ENGINE = 'django.contrib.sessions.backends.file'
+
+SESSION_FILE_PATH = '/var/lib/plinth/sessions'
+
+# Overridden based on configuration key server_dir
+STATIC_URL = '/plinth/static/'
+
+# STRONGHOLD_PUBLIC_URLS=(r'^captcha/', )
+
+STRONGHOLD_PUBLIC_NAMED_URLS = (
+    'captcha-image',
+    'captcha-image-2x',
+    'captcha-audio',
+    'captcha-refresh',
+)
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.contrib.auth.context_processors.auth',
+                'django.template.context_processors.debug',
+                'django.template.context_processors.i18n',
+                'django.template.context_processors.media',
+                'django.template.context_processors.request',
+                'django.template.context_processors.static',
+                'django.template.context_processors.tz',
+                'django.contrib.messages.context_processors.messages',
+                'plinth.context_processors.common',
+            ],
+        },
+    },
+]
+
+TIME_ZONE = 'UTC'
+
+USE_L10N = True
+
+USE_TZ = True
+
+# Overridden by configuration setting use_x_forwarded_host
+USE_X_FORWARDED_HOST = False
--- a/plinth/web_framework.py
+++ b/plinth/web_framework.py
@ -13,145 +13,42 @@ import django.core.wsgi
 from django.conf import global_settings
 from django.contrib.messages import constants as message_constants

-from . import cfg, log, module_loader
+from . import cfg, log, module_loader, settings

 logger = logging.getLogger(__name__)


 def init():
    """Setup Django configuration in the absence of .settings file"""
-    templates = [
-        {
-            'BACKEND': 'django.template.backends.django.DjangoTemplates',
-            'APP_DIRS': True,
-            'OPTIONS': {
-                'context_processors': [
-                    'django.contrib.auth.context_processors.auth',
-                    'django.template.context_processors.debug',
-                    'django.template.context_processors.i18n',
-                    'django.template.context_processors.media',
-                    'django.template.context_processors.request',
-                    'django.template.context_processors.static',
-                    'django.template.context_processors.tz',
-                    'django.contrib.messages.context_processors.messages',
-                    'plinth.context_processors.common',
-                ],
-            },
-        },
-    ]
-
-    applications = [
-        'axes',
-        'captcha',
-        'bootstrapform',
-        'django.contrib.auth',
-        'django.contrib.contenttypes',
-        'django.contrib.messages',
-        'stronghold',
-        'plinth',
-    ]
-    applications += module_loader.get_modules_to_load()
-    sessions_directory = os.path.join(cfg.data_dir, 'sessions')
-
-    secure_proxy_ssl_header = None
    if cfg.secure_proxy_ssl_header:
-        secure_proxy_ssl_header = (cfg.secure_proxy_ssl_header, 'https')
+        settings.SECURE_PROXY_SSL_HEADER = (cfg.secure_proxy_ssl_header,
+                                            'https')

-    ipware_meta_precedence_order = ('REMOTE_ADDR', )
    if cfg.use_x_forwarded_for:
-        ipware_meta_precedence_order = ('HTTP_X_FORWARDED_FOR', )
+        settings.IPWARE_META_PRECEDENCE_ORDER = ('HTTP_X_FORWARDED_FOR', )

-    pwd = 'django.contrib.auth.password_validation'
+    settings.DATABASES['default']['NAME'] = cfg.store_file
+    settings.DEBUG = cfg.develop
+    settings.FORCE_SCRIPT_NAME = cfg.server_dir
+    settings.INSTALLED_APPS += module_loader.get_modules_to_load()
+    settings.LANGUAGES = get_languages()
+    settings.LOGGING = log.get_configuration()
+    settings.MESSAGE_TAGS = {message_constants.ERROR: 'danger'}
+    settings.SESSION_FILE_PATH = os.path.join(cfg.data_dir, 'sessions')
+    settings.STATIC_URL = '/'.join([cfg.server_dir,
+                                    'static/']).replace('//', '/')
+    settings.USE_X_FORWARDED_HOST = cfg.use_x_forwarded_host

-    django.conf.settings.configure(
-        ALLOWED_HOSTS=['*'],
-        AUTH_PASSWORD_VALIDATORS=[
-            {
-                'NAME': '{}.UserAttributeSimilarityValidator'.format(pwd),
-            },
-            {
-                'NAME': '{}.MinimumLengthValidator'.format(pwd),
-                'OPTIONS': {
-                    'min_length': 8,
-                }
-            },
-            {
-                'NAME': '{}.CommonPasswordValidator'.format(pwd),
-            },
-            {
-                'NAME': '{}.NumericPasswordValidator'.format(pwd),
-            },
-        ],
-        AXES_LOCKOUT_URL='locked/',
-        AXES_RESET_ON_SUCCESS=True,  # Only used with axes >= 4.4.3
-        CACHES={
-            'default': {
-                'BACKEND': 'django.core.cache.backends.dummy.DummyCache'
-            }
-        },
-        CAPTCHA_FONT_PATH=[
-            '/usr/share/fonts/truetype/ttf-bitstream-vera/Vera.ttf'
-        ],
-        CAPTCHA_LENGTH=6,
-        CAPTCHA_FLITE_PATH='/usr/bin/flite',
-        DATABASES={
-            'default': {
-                'ENGINE': 'django.db.backends.sqlite3',
-                'NAME': cfg.store_file
-            }
-        },
-        DEBUG=cfg.develop,
-        FORCE_SCRIPT_NAME=cfg.server_dir,
-        INSTALLED_APPS=applications,
-        IPWARE_META_PRECEDENCE_ORDER=ipware_meta_precedence_order,
-        LANGUAGES=get_languages(),
-        LOGGING=log.get_configuration(),
-        LOGIN_URL='users:login',
-        LOGIN_REDIRECT_URL='index',
-        MESSAGE_TAGS={message_constants.ERROR: 'danger'},
-        MIDDLEWARE=(
-            'django.middleware.security.SecurityMiddleware',
-            'django.contrib.sessions.middleware.SessionMiddleware',
-            'django.middleware.locale.LocaleMiddleware',
-            'django.middleware.common.CommonMiddleware',
-            'django.middleware.csrf.CsrfViewMiddleware',
-            'django.contrib.auth.middleware.AuthenticationMiddleware',
-            'django.contrib.messages.middleware.MessageMiddleware',
-            'django.middleware.clickjacking.XFrameOptionsMiddleware',
-            'stronghold.middleware.LoginRequiredMiddleware',
-            'plinth.middleware.AdminRequiredMiddleware',
-            'plinth.middleware.FirstSetupMiddleware',
-            'plinth.modules.first_boot.middleware.FirstBootMiddleware',
-            'plinth.middleware.SetupMiddleware',
-        ),
-        PASSWORD_HASHERS=[
-            'django.contrib.auth.hashers.Argon2PasswordHasher',
-            'django.contrib.auth.hashers.PBKDF2PasswordHasher',
-            'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
-            'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
-        ],
-        ROOT_URLCONF='plinth.urls',
-        SECURE_BROWSER_XSS_FILTER=True,
-        SECURE_CONTENT_TYPE_NOSNIFF=True,
-        SECURE_PROXY_SSL_HEADER=secure_proxy_ssl_header,
-        SESSION_ENGINE='django.contrib.sessions.backends.file',
-        SESSION_FILE_PATH=sessions_directory,
-        STATIC_URL='/'.join([cfg.server_dir, 'static/']).replace('//', '/'),
-        # STRONGHOLD_PUBLIC_URLS=(r'^captcha/', ),
-        STRONGHOLD_PUBLIC_NAMED_URLS=(
-            'captcha-image',
-            'captcha-image-2x',
-            'captcha-audio',
-            'captcha-refresh',
-        ),
-        TEMPLATES=templates,
-        TIME_ZONE='UTC',
-        USE_L10N=True,
-        USE_TZ=True,
-        USE_X_FORWARDED_HOST=cfg.use_x_forwarded_host)
+    kwargs = {}
+    for setting in dir(settings):
+        if setting.isupper():
+            kwargs[setting] = getattr(settings, setting)
+
+    django.conf.settings.configure(**kwargs)
    django.setup(set_prefix=True)

-    logger.debug('Configured Django with applications - %s', applications)
+    logger.debug('Configured Django with applications - %s',
+                 settings.INSTALLED_APPS)

    logger.debug('Creating or adding new tables to data file')
    verbosity = 1 if cfg.develop else 0