Implementado Https
This commit is contained in:
Binary file not shown.
Binary file not shown.
Binary file not shown.
@@ -0,0 +1,34 @@
|
||||
from django.conf import settings
|
||||
from django.http import HttpResponsePermanentRedirect
|
||||
|
||||
class SSLRedirectMiddleware:
|
||||
"""
|
||||
Middleware para redirigir:
|
||||
1. HTTP a HTTPS.
|
||||
2. Dominio sin `www` a dominio con `www`.
|
||||
3. Añadir `/es/` si no está presente.
|
||||
"""
|
||||
def __init__(self, get_response):
|
||||
self.get_response = get_response
|
||||
|
||||
def __call__(self, request):
|
||||
host = request.get_host()
|
||||
is_https = request.is_secure() or settings.DEBUG # Para entornos locales en DEBUG
|
||||
|
||||
# Redirigir a HTTPS si no está seguro
|
||||
if not is_https:
|
||||
url = request.build_absolute_uri().replace("http://", "https://")
|
||||
return HttpResponsePermanentRedirect(url)
|
||||
|
||||
# Redirigir al dominio con `www`
|
||||
if not host.startswith("www."):
|
||||
new_host = f"www.{host}"
|
||||
url = request.build_absolute_uri().replace(host, new_host)
|
||||
return HttpResponsePermanentRedirect(url)
|
||||
|
||||
# Redirigir a `/es/` si no está incluido
|
||||
if not request.path.startswith('/es/'):
|
||||
url = f"https://{host}/es{request.get_full_path()}"
|
||||
return HttpResponsePermanentRedirect(url)
|
||||
|
||||
return self.get_response(request)
|
||||
+10
-1
@@ -25,7 +25,14 @@ SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = True
|
||||
|
||||
ALLOWED_HOSTS = ['*']
|
||||
ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200']
|
||||
SECURE_SSL_REDIRECT = True
|
||||
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
||||
SECURE_HSTS_SECONDS = 31536000 # Habilita HSTS por 1 año
|
||||
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
|
||||
SECURE_HSTS_PRELOAD = True
|
||||
SESSION_COOKIE_SECURE = True
|
||||
CSRF_COOKIE_SECURE = True
|
||||
|
||||
# Application definition
|
||||
|
||||
@@ -38,6 +45,7 @@ INSTALLED_APPS = [
|
||||
'django.contrib.staticfiles',
|
||||
'home',
|
||||
'django_ckeditor_5',
|
||||
'django_extensions',
|
||||
]
|
||||
|
||||
# Configuración para AC SOAP
|
||||
@@ -97,6 +105,7 @@ MIDDLEWARE = [
|
||||
'django.middleware.common.CommonMiddleware',
|
||||
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
||||
'django.contrib.messages.middleware.MessageMiddleware',
|
||||
'novawow.middleware.SSLRedirectMiddleware',
|
||||
]
|
||||
|
||||
ROOT_URLCONF = 'novawow.urls'
|
||||
|
||||
@@ -14,3 +14,7 @@ urlpatterns += i18n_patterns(
|
||||
path('', include('home.urls')), # Incluye las URLs de la app `home`
|
||||
path('ckeditor5/', include('django_ckeditor_5.urls')),
|
||||
)
|
||||
|
||||
# Redirigir HTTP a HTTPS globalmente (opcional)
|
||||
if settings.SECURE_SSL_REDIRECT:
|
||||
urlpatterns = [path('', lambda request: HttpResponsePermanentRedirect('https://www.novawow.com'))] + urlpatterns
|
||||
Reference in New Issue
Block a user