From 528225300ab60e7bd89151c719f228f47a931650 Mon Sep 17 00:00:00 2001 From: Cafw Date: Wed, 25 Feb 2026 17:03:59 +0800 Subject: [PATCH] feat: integrate python-decouple for environment-based configuration Replace hardcoded SECRET_KEY, DEBUG, ALLOWED_HOSTS, SITE_NAME, COPYRIGHT_TEXT with decouple.config() calls; add CSRF_TRUSTED_ORIGINS support via .env. Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 4 ++-- requirements.txt | 3 ++- yitao_gallery/settings.py | 13 ++++++++----- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/.env.example b/.env.example index 33d6990..2e5e66c 100755 --- a/.env.example +++ b/.env.example @@ -13,8 +13,8 @@ EMAIL_HOST_USER= EMAIL_HOST_PASSWORD= # Security Settings (for production) -# ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com -# CSRF_TRUSTED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com +ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com +CSRF_TRUSTED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com # File Upload Settings FILE_UPLOAD_MAX_MEMORY_SIZE=5242880 diff --git a/requirements.txt b/requirements.txt index 57c5b51..f2ef4f6 100755 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,5 @@ Pillow==10.0.0 django-cleanup==8.0.0 django-imagekit==4.1.0 django-taggit==4.0.0 -python-slugify==8.0.1 \ No newline at end of file +python-slugify==8.0.1 +python-decouple==3.8 \ No newline at end of file diff --git a/yitao_gallery/settings.py b/yitao_gallery/settings.py index d1f5b78..9730f2f 100644 --- a/yitao_gallery/settings.py +++ b/yitao_gallery/settings.py @@ -12,6 +12,7 @@ https://docs.djangoproject.com/en/4.2/ref/settings/ import os from pathlib import Path +from decouple import config, Csv # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent @@ -21,12 +22,14 @@ BASE_DIR = Path(__file__).resolve().parent.parent # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = 'django-insecure-!@#$%^&*()_+yitao-ren-gallery-secret-key-change-in-production' +SECRET_KEY = config('SECRET_KEY') # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = True +DEBUG = config('DEBUG', default=False, cast=bool) -ALLOWED_HOSTS = ["localhost", "106.15.60.252", "gallery.lizexua.com"] +ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost', cast=Csv()) + +CSRF_TRUSTED_ORIGINS = config('CSRF_TRUSTED_ORIGINS', default='', cast=Csv()) # Application definition @@ -148,8 +151,8 @@ IMAGE_MAX_HEIGHT = 1080 THUMBNAIL_SIZE = (400, 400) # Site settings -SITE_NAME = "YITAO-REN GALLERY" -COPYRIGHT_TEXT = "© 2026 Yitao-Ren Gallery & iTao TV" +SITE_NAME = config('SITE_NAME', default='YITAO-REN GALLERY') +COPYRIGHT_TEXT = config('COPYRIGHT_TEXT', default='© 2026 Yitao-Ren Gallery & iTao TV') # Security settings for production (commented out for development) # SECURE_SSL_REDIRECT = True