Mueve secretos a variables de entorno (.env)
- settings.py: SECRET_KEY, DEBUG, credenciales MySQL (x4 BBDD), SOAP, SumUp, Stripe y SMTP ahora se leen de variables de entorno via python-dotenv - añade .env.example como plantilla y python-dotenv a requirements - .gitignore: ignora .env - verificado: manage.py check OK y settings cargan valores desde .env Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
@@ -0,0 +1,43 @@
|
||||
# Copia este archivo a .env y rellena los valores reales.
|
||||
# El archivo .env NO debe subirse al repositorio.
|
||||
|
||||
# === Django ===
|
||||
# Genera una clave nueva, p.ej.:
|
||||
# python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())"
|
||||
DJANGO_SECRET_KEY=cambia-esta-clave
|
||||
DJANGO_DEBUG=False
|
||||
|
||||
# === Base de datos MySQL (compartida) ===
|
||||
DB_USER=
|
||||
DB_PASSWORD=
|
||||
DB_HOST=127.0.0.1
|
||||
DB_PORT=3306
|
||||
DB_NAME_DEFAULT=django_wow
|
||||
DB_NAME_AUTH=acore_auth
|
||||
DB_NAME_CHARACTERS=acore_characters
|
||||
DB_NAME_WORLD=acore_world
|
||||
|
||||
# === AzerothCore SOAP ===
|
||||
AC_SOAP_URL=http://127.0.0.1:2079
|
||||
AC_SOAP_USER=AC_SOAP
|
||||
AC_SOAP_PASSWORD=
|
||||
AC_SOAP_URN=urn:AC
|
||||
|
||||
# === SumUp ===
|
||||
SUMUP_CLIENT_ID=
|
||||
SUMUP_CLIENT_SECRET=
|
||||
SUMUP_MERCHANT_EMAIL=
|
||||
SUMUP_CURRENCY=EUR
|
||||
|
||||
# === Stripe ===
|
||||
STRIPE_PUBLIC_KEY=
|
||||
STRIPE_SECRET_KEY=
|
||||
STRIPE_WEBHOOK_SECRET=
|
||||
|
||||
# === Email (Gmail SMTP) ===
|
||||
EMAIL_HOST=smtp.gmail.com
|
||||
EMAIL_PORT=587
|
||||
EMAIL_USE_TLS=True
|
||||
EMAIL_USE_SSL=False
|
||||
EMAIL_HOST_USER=
|
||||
EMAIL_HOST_PASSWORD=
|
||||
@@ -5,3 +5,4 @@ home/__pycache__
|
||||
home/migrations/__pycache__
|
||||
**/__pycache__/*.pyc
|
||||
.venv/
|
||||
.env
|
||||
|
||||
+57
-61
@@ -13,18 +13,28 @@ https://docs.djangoproject.com/en/5.1/ref/settings/
|
||||
from pathlib import Path
|
||||
import os
|
||||
|
||||
from dotenv import load_dotenv
|
||||
|
||||
# Build paths inside the project like this: BASE_DIR / 'subdir'.
|
||||
BASE_DIR = Path(__file__).resolve().parent.parent
|
||||
|
||||
# Carga las variables de entorno desde un archivo .env (no versionado)
|
||||
load_dotenv(BASE_DIR / '.env')
|
||||
|
||||
|
||||
def _env_bool(name, default=False):
|
||||
"""Lee una variable de entorno booleana ('1', 'true', 'yes', 'on')."""
|
||||
return os.getenv(name, str(default)).lower() in ('1', 'true', 'yes', 'on')
|
||||
|
||||
|
||||
# Quick-start development settings - unsuitable for production
|
||||
# See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/
|
||||
|
||||
# SECURITY WARNING: keep the secret key used in production secret!
|
||||
SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus'
|
||||
SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'django-insecure-dev-key-change-me')
|
||||
|
||||
# SECURITY WARNING: don't run with debug turned on in production!
|
||||
DEBUG = False
|
||||
DEBUG = _env_bool('DJANGO_DEBUG', False)
|
||||
|
||||
if not DEBUG:
|
||||
ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200', 'localhost', '127.0.0.1']
|
||||
@@ -68,27 +78,27 @@ INSTALLED_APPS = [
|
||||
]
|
||||
|
||||
# Configuración para AC SOAP
|
||||
AC_SOAP_URL = "http://127.0.0.1:2079"
|
||||
AC_SOAP_USER = "AC_SOAP"
|
||||
AC_SOAP_PASSWORD = "Ladyamy89"
|
||||
AC_SOAP_URN = "urn:AC"
|
||||
AC_SOAP_URL = os.getenv('AC_SOAP_URL', 'http://127.0.0.1:2079')
|
||||
AC_SOAP_USER = os.getenv('AC_SOAP_USER', 'AC_SOAP')
|
||||
AC_SOAP_PASSWORD = os.getenv('AC_SOAP_PASSWORD', '')
|
||||
AC_SOAP_URN = os.getenv('AC_SOAP_URN', 'urn:AC')
|
||||
|
||||
|
||||
# Configuración de SumUp en settings.py
|
||||
SUMUP_CLIENT_ID = "cc_classic_O8FbtnaHdjzOs6OyHMxyqwBo0pg1L"
|
||||
SUMUP_CLIENT_SECRET = "cc_sk_classic_dFi7EwkHauWQnjN8FsC25TxlY1WAN2uVXtOBktzn4OCo8ZrMa8"
|
||||
SUMUP_MERCHANT_EMAIL = "poveda.gandia@proton.me"
|
||||
SUMUP_CURRENCY = "EUR" # Puedes cambiarlo si necesitas otra moneda
|
||||
# Configuración de SumUp
|
||||
SUMUP_CLIENT_ID = os.getenv('SUMUP_CLIENT_ID', '')
|
||||
SUMUP_CLIENT_SECRET = os.getenv('SUMUP_CLIENT_SECRET', '')
|
||||
SUMUP_MERCHANT_EMAIL = os.getenv('SUMUP_MERCHANT_EMAIL', '')
|
||||
SUMUP_CURRENCY = os.getenv('SUMUP_CURRENCY', 'EUR') # Puedes cambiarlo si necesitas otra moneda
|
||||
|
||||
|
||||
# Configuración del correo electrónico para SMTP de Gmail
|
||||
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
|
||||
EMAIL_HOST = 'smtp.gmail.com'
|
||||
EMAIL_PORT = 587
|
||||
EMAIL_USE_TLS = True
|
||||
EMAIL_USE_SSL = False
|
||||
EMAIL_HOST_USER = 'inna.aldaia@gmail.com' # Reemplaza con tu dirección de correo electrónico
|
||||
EMAIL_HOST_PASSWORD = 'whqa zzzs mqal vdih' # Reemplaza con tu contraseña de Gmail o App Password
|
||||
EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.gmail.com')
|
||||
EMAIL_PORT = int(os.getenv('EMAIL_PORT', '587'))
|
||||
EMAIL_USE_TLS = _env_bool('EMAIL_USE_TLS', True)
|
||||
EMAIL_USE_SSL = _env_bool('EMAIL_USE_SSL', False)
|
||||
EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '')
|
||||
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '') # App Password de Gmail
|
||||
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
|
||||
|
||||
|
||||
@@ -171,9 +181,9 @@ TEMPLATES = [
|
||||
},
|
||||
]
|
||||
|
||||
STRIPE_PUBLIC_KEY = "pk_test_51QQrdMI3Vazamytgfb8046k0AwaRR3Cu8ni80b8iglZMUlUZVJarW1azXGXl3qV5VZtr2S7Xmpgr43Zcg73Pd8eT00C8CPOnja" # Cambia según tu configuración
|
||||
STRIPE_SECRET_KEY = "sk_test_51QQrdMI3VazamytgcKpxF9cQcUfZYOam8b3IYgpJnpUBdY4xYOorTHRE0AbArfZbRT4nSbY2DEAMEvgxJl6gmgjJ00OaZgiryS"
|
||||
STRIPE_WEBHOOK_SECRET = ""
|
||||
STRIPE_PUBLIC_KEY = os.getenv('STRIPE_PUBLIC_KEY', '')
|
||||
STRIPE_SECRET_KEY = os.getenv('STRIPE_SECRET_KEY', '')
|
||||
STRIPE_WEBHOOK_SECRET = os.getenv('STRIPE_WEBHOOK_SECRET', '')
|
||||
|
||||
|
||||
WSGI_APPLICATION = 'novawow.wsgi.application'
|
||||
@@ -182,48 +192,34 @@ WSGI_APPLICATION = 'novawow.wsgi.application'
|
||||
# Database
|
||||
# https://docs.djangoproject.com/en/5.1/ref/settings/#databases
|
||||
|
||||
# Credenciales MySQL compartidas por todas las bases de datos
|
||||
DB_USER = os.getenv('DB_USER', '')
|
||||
DB_PASSWORD = os.getenv('DB_PASSWORD', '')
|
||||
DB_HOST = os.getenv('DB_HOST', '127.0.0.1')
|
||||
DB_PORT = os.getenv('DB_PORT', '3306')
|
||||
|
||||
_ACORE_OPTIONS = {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"}
|
||||
|
||||
|
||||
def _mysql_db(name, options=None):
|
||||
conf = {
|
||||
'ENGINE': 'django.db.backends.mysql',
|
||||
'NAME': name,
|
||||
'USER': DB_USER,
|
||||
'PASSWORD': DB_PASSWORD,
|
||||
'HOST': DB_HOST,
|
||||
'PORT': DB_PORT,
|
||||
}
|
||||
if options:
|
||||
conf['OPTIONS'] = options
|
||||
return conf
|
||||
|
||||
|
||||
DATABASES = {
|
||||
'default': {
|
||||
'ENGINE': 'django.db.backends.mysql',
|
||||
'NAME': 'django_wow',
|
||||
'USER': 'Inna',
|
||||
'PASSWORD': 'Ladyamy89',
|
||||
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
|
||||
'PORT': '35971',
|
||||
},
|
||||
'acore_auth': {
|
||||
'ENGINE': 'django.db.backends.mysql',
|
||||
'NAME': 'acore_auth',
|
||||
'USER': 'Inna',
|
||||
'PASSWORD': 'Ladyamy89',
|
||||
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
|
||||
'PORT': '35971',
|
||||
'OPTIONS': {
|
||||
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
|
||||
},
|
||||
},
|
||||
'acore_characters': {
|
||||
'ENGINE': 'django.db.backends.mysql',
|
||||
'NAME': 'acore_characters',
|
||||
'USER': 'Inna',
|
||||
'PASSWORD': 'Ladyamy89',
|
||||
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
|
||||
'PORT': '35971',
|
||||
'OPTIONS': {
|
||||
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
|
||||
},
|
||||
},
|
||||
'acore_world': {
|
||||
'ENGINE': 'django.db.backends.mysql',
|
||||
'NAME': 'acore_world',
|
||||
'USER': 'Inna',
|
||||
'PASSWORD': 'Ladyamy89',
|
||||
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
|
||||
'PORT': '35971',
|
||||
'OPTIONS': {
|
||||
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
|
||||
},
|
||||
},
|
||||
'default': _mysql_db(os.getenv('DB_NAME_DEFAULT', 'django_wow')),
|
||||
'acore_auth': _mysql_db(os.getenv('DB_NAME_AUTH', 'acore_auth'), _ACORE_OPTIONS),
|
||||
'acore_characters': _mysql_db(os.getenv('DB_NAME_CHARACTERS', 'acore_characters'), _ACORE_OPTIONS),
|
||||
'acore_world': _mysql_db(os.getenv('DB_NAME_WORLD', 'acore_world'), _ACORE_OPTIONS),
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -13,3 +13,4 @@ sqlparse==0.5.5
|
||||
stripe==15.3.0
|
||||
typing_extensions==4.16.0
|
||||
urllib3==2.7.0
|
||||
python-dotenv==1.2.2
|
||||
|
||||
Reference in New Issue
Block a user