feat: integrate python-decouple for environment-based configuration

Replace hardcoded SECRET_KEY, DEBUG, ALLOWED_HOSTS, SITE_NAME, COPYRIGHT_TEXT with decouple.config() calls; add CSRF_TRUSTED_ORIGINS support via .env. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-25 17:03:59 +08:00
parent 8b57a7b66a
commit 528225300a
3 changed files with 12 additions and 8 deletions
--- a/.env.example
+++ b/.env.example
@@ -13,8 +13,8 @@ EMAIL_HOST_USER=
 EMAIL_HOST_PASSWORD=

 # Security Settings (for production)
-# ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com
-# CSRF_TRUSTED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com
+ALLOWED_HOSTS=yourdomain.com,www.yourdomain.com
+CSRF_TRUSTED_ORIGINS=https://yourdomain.com,https://www.yourdomain.com

 # File Upload Settings
 FILE_UPLOAD_MAX_MEMORY_SIZE=5242880
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,4 +3,5 @@ Pillow==10.0.0
 django-cleanup==8.0.0
 django-imagekit==4.1.0
 django-taggit==4.0.0
-python-slugify==8.0.1
+python-slugify==8.0.1
+python-decouple==3.8
--- a/yitao_gallery/settings.py
+++ b/yitao_gallery/settings.py
@@ -12,6 +12,7 @@ https://docs.djangoproject.com/en/4.2/ref/settings/

 import os
 from pathlib import Path
+from decouple import config, Csv

 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent
@@ -21,12 +22,14 @@ BASE_DIR = Path(__file__).resolve().parent.parent
 # See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/

 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-!@#$%^&*()_+yitao-ren-gallery-secret-key-change-in-production'
+SECRET_KEY = config('SECRET_KEY')

 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = config('DEBUG', default=False, cast=bool)

-ALLOWED_HOSTS = ["localhost", "106.15.60.252", "gallery.lizexua.com"]
+ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost', cast=Csv())
+
+CSRF_TRUSTED_ORIGINS = config('CSRF_TRUSTED_ORIGINS', default='', cast=Csv())


 # Application definition
@@ -148,8 +151,8 @@ IMAGE_MAX_HEIGHT = 1080
 THUMBNAIL_SIZE = (400, 400)

 # Site settings
-SITE_NAME = "YITAO-REN GALLERY"
-COPYRIGHT_TEXT = "© 2026 Yitao-Ren Gallery & iTao TV"
+SITE_NAME = config('SITE_NAME', default='YITAO-REN GALLERY')
+COPYRIGHT_TEXT = config('COPYRIGHT_TEXT', default='© 2026 Yitao-Ren Gallery & iTao TV')

 # Security settings for production (commented out for development)
 # SECURE_SSL_REDIRECT = True