Implementado Https

This commit is contained in:
2024-12-27 08:26:10 -08:00
parent 7f1fc94fc9
commit a77cdf96b9
6 changed files with 48 additions and 1 deletions
Binary file not shown.
Binary file not shown.
Binary file not shown.
+34
View File
@@ -0,0 +1,34 @@
from django.conf import settings
from django.http import HttpResponsePermanentRedirect
class SSLRedirectMiddleware:
"""
Middleware para redirigir:
1. HTTP a HTTPS.
2. Dominio sin `www` a dominio con `www`.
3. Añadir `/es/` si no está presente.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
host = request.get_host()
is_https = request.is_secure() or settings.DEBUG # Para entornos locales en DEBUG
# Redirigir a HTTPS si no está seguro
if not is_https:
url = request.build_absolute_uri().replace("http://", "https://")
return HttpResponsePermanentRedirect(url)
# Redirigir al dominio con `www`
if not host.startswith("www."):
new_host = f"www.{host}"
url = request.build_absolute_uri().replace(host, new_host)
return HttpResponsePermanentRedirect(url)
# Redirigir a `/es/` si no está incluido
if not request.path.startswith('/es/'):
url = f"https://{host}/es{request.get_full_path()}"
return HttpResponsePermanentRedirect(url)
return self.get_response(request)
+10 -1
View File
@@ -25,7 +25,14 @@ SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True
ALLOWED_HOSTS = ['*']
ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200']
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
SECURE_HSTS_SECONDS = 31536000 # Habilita HSTS por 1 año
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
# Application definition
@@ -38,6 +45,7 @@ INSTALLED_APPS = [
'django.contrib.staticfiles',
'home',
'django_ckeditor_5',
'django_extensions',
]
# Configuración para AC SOAP
@@ -97,6 +105,7 @@ MIDDLEWARE = [
'django.middleware.common.CommonMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'novawow.middleware.SSLRedirectMiddleware',
]
ROOT_URLCONF = 'novawow.urls'
+4
View File
@@ -14,3 +14,7 @@ urlpatterns += i18n_patterns(
path('', include('home.urls')), # Incluye las URLs de la app `home`
path('ckeditor5/', include('django_ckeditor_5.urls')),
)
# Redirigir HTTP a HTTPS globalmente (opcional)
if settings.SECURE_SSL_REDIRECT:
urlpatterns = [path('', lambda request: HttpResponsePermanentRedirect('https://www.novawow.com'))] + urlpatterns