config/settings.py

from datetime import timedelta
from pathlib import Path

import environ

BASE_DIR = Path(__file__).resolve().parent.parent

env = environ.Env(
    DEBUG=(bool, False),
)
environ.Env.read_env(BASE_DIR / '.env')

SECRET_KEY = env('SECRET_KEY')
DEBUG = env('DEBUG')
ALLOWED_HOSTS = env.list('ALLOWED_HOSTS', default=['*'])

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.sites',
    # Third-party
    'rest_framework',
    'rest_framework.authtoken',
    'rest_framework_simplejwt.token_blacklist',
    'django_filters',
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    'allauth.socialaccount.providers.google',
    'allauth.socialaccount.providers.apple',
    'dj_rest_auth',
    'dj_rest_auth.registration',
    # Local
    'apps.users',
    'apps.gears',
    'apps.tools',
    'apps.photos',
    'apps.sessions',
    'apps.calibers',
    'apps.social',
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.locale.LocaleMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'allauth.account.middleware.AccountMiddleware',
]

ROOT_URLCONF = 'config.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
            ],
        },
    },
]

WSGI_APPLICATION = 'config.wsgi.application'

DATABASES = {
    'default': env.db(
        'DATABASE_URL',
        default='postgresql://shooter:shooter_secret@db:5432/shooter_hub',
    )
}

AUTH_USER_MODEL = 'users.User'

AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'allauth.account.auth_backends.AuthenticationBackend',
]

AUTH_PASSWORD_VALIDATORS = [
    {'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
    {'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
    {'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
    {'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
]

LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_TZ = True

LANGUAGES = [
    ('en', 'English'),
    ('fr', 'Français'),
    ('de', 'Deutsch'),
    ('es', 'Español'),
]

LOCALE_PATHS = [BASE_DIR / 'locale']

STATIC_URL = '/static/'
STATIC_ROOT = BASE_DIR / 'staticfiles'

MEDIA_URL = '/media/'
MEDIA_ROOT = BASE_DIR / 'media'

DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'

# ── Django REST Framework ──────────────────────────────────────────────────────
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': [
        'rest_framework_simplejwt.authentication.JWTAuthentication',
    ],
    'DEFAULT_PERMISSION_CLASSES': [
        'rest_framework.permissions.IsAuthenticated',
    ],
    'DEFAULT_FILTER_BACKENDS': [
        'django_filters.rest_framework.DjangoFilterBackend',
        'rest_framework.filters.SearchFilter',
        'rest_framework.filters.OrderingFilter',
    ],
    'DEFAULT_PAGINATION_CLASS': 'config.pagination.StandardPagination',
    'PAGE_SIZE': 20,
}

# ── SimpleJWT ─────────────────────────────────────────────────────────────────
SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=30),
    'ROTATE_REFRESH_TOKENS': True,
    'BLACKLIST_AFTER_ROTATION': True,
    'AUTH_HEADER_TYPES': ('Bearer',),
}

# ── dj-rest-auth ──────────────────────────────────────────────────────────────
REST_AUTH = {
    'USE_JWT': True,
    'JWT_AUTH_HTTPONLY': False,  # expose refresh token to mobile clients
}

# ── django-allauth ────────────────────────────────────────────────────────────
SITE_ID = 1
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_VERIFICATION = 'none'  # change to 'mandatory' in production

SOCIALACCOUNT_PROVIDERS = {
    'google': {
        'APP': {
            'client_id': env('GOOGLE_CLIENT_ID', default=''),
            'secret': env('GOOGLE_CLIENT_SECRET', default=''),
        },
        'SCOPE': ['profile', 'email'],
        'AUTH_PARAMS': {'access_type': 'online'},
    },
    'apple': {
        'APP': {
            'client_id': env('APPLE_CLIENT_ID', default=''),
            'secret': env('APPLE_CLIENT_SECRET', default=''),
        },
    },
}

# Development: print emails to console
EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
First commit of claude's rework in django + vanillajs fronted 2026-04-02 11:24:30 +02:00			`from datetime import timedelta`
			`from pathlib import Path`

			`import environ`

			`BASE_DIR = Path(__file__).resolve().parent.parent`

			`env = environ.Env(`
			`DEBUG=(bool, False),`
			`)`
			`environ.Env.read_env(BASE_DIR / '.env')`

			`SECRET_KEY = env('SECRET_KEY')`
			`DEBUG = env('DEBUG')`
			`ALLOWED_HOSTS = env.list('ALLOWED_HOSTS', default=['*'])`

			`INSTALLED_APPS = [`
			`'django.contrib.admin',`
			`'django.contrib.auth',`
			`'django.contrib.contenttypes',`
			`'django.contrib.sessions',`
			`'django.contrib.messages',`
			`'django.contrib.staticfiles',`
			`'django.contrib.sites',`
			`# Third-party`
			`'rest_framework',`
			`'rest_framework.authtoken',`
			`'rest_framework_simplejwt.token_blacklist',`
			`'django_filters',`
			`'allauth',`
			`'allauth.account',`
			`'allauth.socialaccount',`
			`'allauth.socialaccount.providers.google',`
			`'allauth.socialaccount.providers.apple',`
			`'dj_rest_auth',`
			`'dj_rest_auth.registration',`
			`# Local`
			`'apps.users',`
			`'apps.gears',`
			`'apps.tools',`
			`'apps.photos',`
			`'apps.sessions',`
			`'apps.calibers',`
			`'apps.social',`
			`]`

			`MIDDLEWARE = [`
			`'django.middleware.security.SecurityMiddleware',`
			`'django.contrib.sessions.middleware.SessionMiddleware',`
			`'django.middleware.locale.LocaleMiddleware',`
			`'django.middleware.common.CommonMiddleware',`
			`'django.middleware.csrf.CsrfViewMiddleware',`
			`'django.contrib.auth.middleware.AuthenticationMiddleware',`
			`'django.contrib.messages.middleware.MessageMiddleware',`
			`'django.middleware.clickjacking.XFrameOptionsMiddleware',`
			`'allauth.account.middleware.AccountMiddleware',`
			`]`

			`ROOT_URLCONF = 'config.urls'`

			`TEMPLATES = [`
			`{`
			`'BACKEND': 'django.template.backends.django.DjangoTemplates',`
			`'DIRS': [],`
			`'APP_DIRS': True,`
			`'OPTIONS': {`
			`'context_processors': [`
			`'django.template.context_processors.debug',`
			`'django.template.context_processors.request',`
			`'django.contrib.auth.context_processors.auth',`
			`'django.contrib.messages.context_processors.messages',`
			`],`
			`},`
			`},`
			`]`

			`WSGI_APPLICATION = 'config.wsgi.application'`

			`DATABASES = {`
			`'default': env.db(`
			`'DATABASE_URL',`
			`default='postgresql://shooter:shooter_secret@db:5432/shooter_hub',`
			`)`
			`}`

			`AUTH_USER_MODEL = 'users.User'`

			`AUTHENTICATION_BACKENDS = [`
			`'django.contrib.auth.backends.ModelBackend',`
			`'allauth.account.auth_backends.AuthenticationBackend',`
			`]`

			`AUTH_PASSWORD_VALIDATORS = [`
			`{'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},`
			`{'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},`
			`{'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},`
			`{'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},`
			`]`

			`LANGUAGE_CODE = 'en-us'`
			`TIME_ZONE = 'UTC'`
			`USE_I18N = True`
			`USE_TZ = True`

			`LANGUAGES = [`
			`('en', 'English'),`
			`('fr', 'Français'),`
			`('de', 'Deutsch'),`
			`('es', 'Español'),`
			`]`

			`LOCALE_PATHS = [BASE_DIR / 'locale']`

			`STATIC_URL = '/static/'`
			`STATIC_ROOT = BASE_DIR / 'staticfiles'`

			`MEDIA_URL = '/media/'`
			`MEDIA_ROOT = BASE_DIR / 'media'`

			`DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'`

			`# ── Django REST Framework ──────────────────────────────────────────────────────`
			`REST_FRAMEWORK = {`
			`'DEFAULT_AUTHENTICATION_CLASSES': [`
			`'rest_framework_simplejwt.authentication.JWTAuthentication',`
			`],`
			`'DEFAULT_PERMISSION_CLASSES': [`
			`'rest_framework.permissions.IsAuthenticated',`
			`],`
			`'DEFAULT_FILTER_BACKENDS': [`
			`'django_filters.rest_framework.DjangoFilterBackend',`
			`'rest_framework.filters.SearchFilter',`
			`'rest_framework.filters.OrderingFilter',`
			`],`
			`'DEFAULT_PAGINATION_CLASS': 'config.pagination.StandardPagination',`
			`'PAGE_SIZE': 20,`
			`}`

			`# ── SimpleJWT ─────────────────────────────────────────────────────────────────`
			`SIMPLE_JWT = {`
			`'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),`
			`'REFRESH_TOKEN_LIFETIME': timedelta(days=30),`
			`'ROTATE_REFRESH_TOKENS': True,`
			`'BLACKLIST_AFTER_ROTATION': True,`
			`'AUTH_HEADER_TYPES': ('Bearer',),`
			`}`

			`# ── dj-rest-auth ──────────────────────────────────────────────────────────────`
			`REST_AUTH = {`
			`'USE_JWT': True,`
			`'JWT_AUTH_HTTPONLY': False, # expose refresh token to mobile clients`
			`}`

			`# ── django-allauth ────────────────────────────────────────────────────────────`
			`SITE_ID = 1`
			`ACCOUNT_EMAIL_REQUIRED = True`
			`ACCOUNT_USERNAME_REQUIRED = False`
			`ACCOUNT_AUTHENTICATION_METHOD = 'email'`
			`ACCOUNT_EMAIL_VERIFICATION = 'none' # change to 'mandatory' in production`

			`SOCIALACCOUNT_PROVIDERS = {`
			`'google': {`
			`'APP': {`
			`'client_id': env('GOOGLE_CLIENT_ID', default=''),`
			`'secret': env('GOOGLE_CLIENT_SECRET', default=''),`
			`},`
			`'SCOPE': ['profile', 'email'],`
			`'AUTH_PARAMS': {'access_type': 'online'},`
			`},`
			`'apple': {`
			`'APP': {`
			`'client_id': env('APPLE_CLIENT_ID', default=''),`
			`'secret': env('APPLE_CLIENT_SECRET', default=''),`
			`},`
			`},`
			`}`

			`# Development: print emails to console`
			`EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'`