summaryrefslogtreecommitdiff
path: root/food_project/settings.py
diff options
context:
space:
mode:
Diffstat (limited to 'food_project/settings.py')
-rw-r--r--food_project/settings.py25
1 files changed, 23 insertions, 2 deletions
diff --git a/food_project/settings.py b/food_project/settings.py
index 05035af..96dcfd0 100644
--- a/food_project/settings.py
+++ b/food_project/settings.py
@@ -10,6 +10,7 @@ For the full list of settings and their values, see
https://docs.djangoproject.com/en/5.2/ref/settings/
"""
+import os
from pathlib import Path
# Build paths inside the project like this: BASE_DIR / 'subdir'.
@@ -20,10 +21,16 @@ BASE_DIR = Path(__file__).resolve().parent.parent
# See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-4v$$nwxx6)+2yz%$8c@+kocm#op1cjm*688np#)z$b_6crvub*'
+# Set DJANGO_SECRET_KEY in the environment for production; the literal below is
+# only a development fallback.
+SECRET_KEY = os.environ.get(
+ "DJANGO_SECRET_KEY",
+ "django-insecure-4v$$nwxx6)+2yz%$8c@+kocm#op1cjm*688np#)z$b_6crvub*",
+)
# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+# Off by default (prod-safe); set DJANGO_DEBUG=1 for local development.
+DEBUG = os.environ.get("DJANGO_DEBUG", "0") == "1"
ALLOWED_HOSTS = ['localhost', '127.0.0.1', 'food.jihakuz.xyz', 'food.tomflux.xyz']
@@ -60,6 +67,7 @@ MIDDLEWARE = [
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
+ 'kitchen.middleware.AppLoginRequiredMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
@@ -141,3 +149,16 @@ STORAGES = {
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+
+# --- Auth / sessions ---
+# Goal: log in once, then effectively never again on that device.
+# A long cookie age + sliding expiry (re-saved each request) means an active
+# user stays logged in indefinitely.
+SESSION_COOKIE_AGE = 60 * 60 * 24 * 365 # ~1 year, in seconds
+SESSION_EXPIRE_AT_BROWSER_CLOSE = False
+SESSION_SAVE_EVERY_REQUEST = True
+
+LOGIN_URL = 'login'
+LOGIN_REDIRECT_URL = 'app-pantry'
+LOGOUT_REDIRECT_URL = 'login'