From a77cdf96b9f1127d7bdc2d48222b4e1f89c99dd6 Mon Sep 17 00:00:00 2001 From: Inna Hoover Brown Date: Fri, 27 Dec 2024 08:26:10 -0800 Subject: [PATCH] Implementado Https --- .../__pycache__/middleware.cpython-313.pyc | Bin 0 -> 1882 bytes novawow/__pycache__/settings.cpython-313.pyc | Bin 4883 -> 5260 bytes novawow/__pycache__/urls.cpython-313.pyc | Bin 822 -> 1118 bytes novawow/middleware.py | 34 ++++++++++++++++++ novawow/settings.py | 11 +++++- novawow/urls.py | 4 +++ 6 files changed, 48 insertions(+), 1 deletion(-) create mode 100644 novawow/__pycache__/middleware.cpython-313.pyc create mode 100644 novawow/middleware.py diff --git a/novawow/__pycache__/middleware.cpython-313.pyc b/novawow/__pycache__/middleware.cpython-313.pyc new file mode 100644 index 0000000000000000000000000000000000000000..be44c57a1dfde49e6470dbb03f3788b06201877c GIT binary patch literal 1882 zcmb6a&u`OK_}Ot%leV}^+CdQ%vz4gskjsXGrZSiq1u7U7ikpE%q*ph7O+7hwc+V!H zV(Ly)Ik8Kn9=l_uNn@v7C-Dz7icl(RNSk&UH=ts>?t6AzMB8oJC*^zJd*AP0&USx) z76JU!a%+D`2>s443BWyq?bC3qA_E!1b#zUjg34*}x_B)`Qz|-)-a|&}2r{Ii7%Nbz zmew-Q`9%{#nGxT&-5LY>*tG9AN`y5$myw%<)=ihVeu-E%B~`x~tH)UAUbaVpSVa{? z1p`sh5NOH}sl+|fv>^e`7-`y5%V<5}kYRkD7`tIxmP48*CC_;x!7`xin@6=_Qd6be zvt6_4WcEW{ot~Y&shZJY=-H2Sb;_&TuI;JJcGbCNvpEM`tNT{0Z|H*f1gAxWw5#}2%y{?A zTi&gT3un`7R_Z&|(Hr+e8DmiPF%C!et)QOpd%15J(AQ||=-5+vcpGT+R$gg%i1HF4 z##K}nN=YZVXcvmz(-ncwrFTKXKQD}RITn;jMR$^!M5W9w6}Y;oa%xBZ1H^qF*ejLT zF7ae`fgu=TGR3ZRr$1qrrD8XWQB)R7O7i~ZG*XGgP6QJO_M$8vL}x@d{r_XReeype z5lVb`cEP^U?Zm$m-3f?J(Xn8D^v!P(t}^gz2fvpOvqMx%t3$ENsp* z&k1~j18Rpolr$W(N+=(UFw1_h`O#K>w4E<>@*jUc_Jh8mugHI9(7@rX+;As%s+Bv{&gq@p*;elCuS>z)-jobJQ;ZeTiHj)L)mO_}f5@CV=ly9Z;-t71&~&e0J- z;Sk2qPv5R$)Ay-84?SlXZ=l#4?*-+(i4bo;dk4@r=%tuW%dh%`wDvkPm>!R%x!{bJ z4tuRHO}FOh@bzAZhbwvEy^p3SHd^48qqO3te-bBhfoj0u-vY)5|3yj=gl9;7hKhel MBf|JA1SnGb8yKXh%K!iX literal 0 HcmV?d00001 diff --git a/novawow/__pycache__/settings.cpython-313.pyc b/novawow/__pycache__/settings.cpython-313.pyc index c887cea560318423955fe55e3738f28d151914b4..e4c3bbd5ffc160041d84af4e370d22d4051571ed 100644 GIT binary patch delta 973 zcmZvZ%WoT16vpQ|ek6A6_z^$iB#zTG4>#`E&f7_B>Ut)`GrSqG6zxmEN_vo5)Une|& zy4_BR*Zzyf=?CLaJrNOqI{)cKN`mb`&=9QTgq>V)&@k`a93GAl4ljEK+2g|y`QfAh zTr`Sd3c^hxcqoh!im-1CUW&p;?PRY>#u>8BEh{+@e{`&>U{lJZ5Qu+a=g@2XnLtf%yl?w~~~M zOUFt5J#$Y?UL5yky}2lbg=0GscU_W{60qV9cUbISC@EW0g3`E48OXGR6fGl-43@Br z6|7=Sw)1)Y-}45tJiw;xV0G(%)a@O4fL4&BRpjvoTl2WrXQ9vgX_2zh8j9R>9bwvl zLRlVZlVb}iZDWUWr@6$NZQ1gbI7$pWb~T!xowS-Q`C;?X-%$l4@ zuggp6bi&dN?N%!L#*wk3>F*SDMOBP_U8`ta+lS}ppPbb%mwy$BA@k>f9|B!p^`n!< zY162EeqL*w)tikovu6EExXt%%apo7c73NR2Z$#AGwI2va`&;{>m|A$<|53eK{kYaT zp_&Zr>9uN|Y7fub&mF%EOl|N3P_~E79=3Ye?jhGh#{AJ0@$q9wl<(mlqfFWMOIJXM znECr~UgXWB+qeioEgtHs!SxMYRZ6;AtaQWIBF}a7ZvWS=T2NHI``W#W3Jf-BWd+^X zwYx8t%Ei4yh3g&OSG2bar7~_N?d$5ER#3V@s6a`ZDH}yidr;zp{yn<>BJ`b`TKkFn zr4Wnl>d2OGe#wIfj9D*Lq~4BL%O5 lV;#x=$Dq@1x%9k>ntyx0a}0Vcm(EwC?PtEauwHP{e*k~s0Ji`D delta 603 zcmZvZxo;Cu5XL>ude_%(d?sthR}RNnJKl8?A4zNs;VK}CWWLq{i6$Z)V+qm45(N|# zgq3KhsVP?c7bz%FK!TPo0?|-0>jDXhk>>Yip1$|yeR?k~cis4@>(PM3=NBi(A9H7h zNx`$)<5Pqj;)oM~IwFoj;~2smM}&1m*+7iv5$6PSPD0@n3{GR7Ge~fDoZ$r|E_z~M*Vbfr??1cyx9vG@qR%!4xFXU4hBIEB z@mh-Q>mTDev9y$}ft!Uqcm& zy;j>&cGNdyy65ses#nq)O<1KA+_SprB*Wr&8$1v8pL*(wa0 zOnz1386_nJ#a8lpidHH3D<@x1$$@#gOjJISxfKoxJ#Rd6!#i;?QMY)N2sd*(q zsVSL7smUck1?)wsg{7&*CB+~U85JhSFu7>tB<3ciB-#}L-OV5Z#Kqh|qJiOxj^_oh z%c#0R;$cm}yThpc2M5&)_x;sX-5IBatB zQ%ZAE?TVy1+J(%Li$W!h N-XEA5SQNl!0RTm*S%Clm delta 88 zcmcb|v5k%IGcPX}0}$Nq$VyLVn#d=?^n+od#t)WsK283~DU9ox{WSR||7WUaU&-(p mq;B$LCKsXH{FKt1RJ$TEpa3Hf7uQVQ!d%PV$Xz4?8is diff --git a/novawow/middleware.py b/novawow/middleware.py new file mode 100644 index 0000000..4f75d78 --- /dev/null +++ b/novawow/middleware.py @@ -0,0 +1,34 @@ +from django.conf import settings +from django.http import HttpResponsePermanentRedirect + +class SSLRedirectMiddleware: + """ + Middleware para redirigir: + 1. HTTP a HTTPS. + 2. Dominio sin `www` a dominio con `www`. + 3. Añadir `/es/` si no está presente. + """ + def __init__(self, get_response): + self.get_response = get_response + + def __call__(self, request): + host = request.get_host() + is_https = request.is_secure() or settings.DEBUG # Para entornos locales en DEBUG + + # Redirigir a HTTPS si no está seguro + if not is_https: + url = request.build_absolute_uri().replace("http://", "https://") + return HttpResponsePermanentRedirect(url) + + # Redirigir al dominio con `www` + if not host.startswith("www."): + new_host = f"www.{host}" + url = request.build_absolute_uri().replace(host, new_host) + return HttpResponsePermanentRedirect(url) + + # Redirigir a `/es/` si no está incluido + if not request.path.startswith('/es/'): + url = f"https://{host}/es{request.get_full_path()}" + return HttpResponsePermanentRedirect(url) + + return self.get_response(request) diff --git a/novawow/settings.py b/novawow/settings.py index f848e40..63c6018 100644 --- a/novawow/settings.py +++ b/novawow/settings.py @@ -25,7 +25,14 @@ SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus # SECURITY WARNING: don't run with debug turned on in production! DEBUG = True -ALLOWED_HOSTS = ['*'] +ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200'] +SECURE_SSL_REDIRECT = True +SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') +SECURE_HSTS_SECONDS = 31536000 # Habilita HSTS por 1 año +SECURE_HSTS_INCLUDE_SUBDOMAINS = True +SECURE_HSTS_PRELOAD = True +SESSION_COOKIE_SECURE = True +CSRF_COOKIE_SECURE = True # Application definition @@ -38,6 +45,7 @@ INSTALLED_APPS = [ 'django.contrib.staticfiles', 'home', 'django_ckeditor_5', + 'django_extensions', ] # Configuración para AC SOAP @@ -97,6 +105,7 @@ MIDDLEWARE = [ 'django.middleware.common.CommonMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', + 'novawow.middleware.SSLRedirectMiddleware', ] ROOT_URLCONF = 'novawow.urls' diff --git a/novawow/urls.py b/novawow/urls.py index 5fe5c1b..065a928 100644 --- a/novawow/urls.py +++ b/novawow/urls.py @@ -14,3 +14,7 @@ urlpatterns += i18n_patterns( path('', include('home.urls')), # Incluye las URLs de la app `home` path('ckeditor5/', include('django_ckeditor_5.urls')), ) + +# Redirigir HTTP a HTTPS globalmente (opcional) +if settings.SECURE_SSL_REDIRECT: + urlpatterns = [path('', lambda request: HttpResponsePermanentRedirect('https://www.novawow.com'))] + urlpatterns \ No newline at end of file