From f787b0d06e37bc63d2bb34deaf326cf2c143661d Mon Sep 17 00:00:00 2001 From: adevopg Date: Sun, 12 Jul 2026 16:01:57 +0000 Subject: [PATCH] Mueve secretos a variables de entorno (.env) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - settings.py: SECRET_KEY, DEBUG, credenciales MySQL (x4 BBDD), SOAP, SumUp, Stripe y SMTP ahora se leen de variables de entorno via python-dotenv - añade .env.example como plantilla y python-dotenv a requirements - .gitignore: ignora .env - verificado: manage.py check OK y settings cargan valores desde .env Co-Authored-By: Claude Opus 4.8 (1M context) --- .env.example | 43 ++++++++++++++++ .gitignore | 1 + novawow/settings.py | 118 +++++++++++++++++++++----------------------- requirements.txt | 1 + 4 files changed, 102 insertions(+), 61 deletions(-) create mode 100644 .env.example diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..8016f80 --- /dev/null +++ b/.env.example @@ -0,0 +1,43 @@ +# Copia este archivo a .env y rellena los valores reales. +# El archivo .env NO debe subirse al repositorio. + +# === Django === +# Genera una clave nueva, p.ej.: +# python -c "from django.core.management.utils import get_random_secret_key; print(get_random_secret_key())" +DJANGO_SECRET_KEY=cambia-esta-clave +DJANGO_DEBUG=False + +# === Base de datos MySQL (compartida) === +DB_USER= +DB_PASSWORD= +DB_HOST=127.0.0.1 +DB_PORT=3306 +DB_NAME_DEFAULT=django_wow +DB_NAME_AUTH=acore_auth +DB_NAME_CHARACTERS=acore_characters +DB_NAME_WORLD=acore_world + +# === AzerothCore SOAP === +AC_SOAP_URL=http://127.0.0.1:2079 +AC_SOAP_USER=AC_SOAP +AC_SOAP_PASSWORD= +AC_SOAP_URN=urn:AC + +# === SumUp === +SUMUP_CLIENT_ID= +SUMUP_CLIENT_SECRET= +SUMUP_MERCHANT_EMAIL= +SUMUP_CURRENCY=EUR + +# === Stripe === +STRIPE_PUBLIC_KEY= +STRIPE_SECRET_KEY= +STRIPE_WEBHOOK_SECRET= + +# === Email (Gmail SMTP) === +EMAIL_HOST=smtp.gmail.com +EMAIL_PORT=587 +EMAIL_USE_TLS=True +EMAIL_USE_SSL=False +EMAIL_HOST_USER= +EMAIL_HOST_PASSWORD= diff --git a/.gitignore b/.gitignore index 5c8da86..cec6485 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ home/__pycache__ home/migrations/__pycache__ **/__pycache__/*.pyc .venv/ +.env diff --git a/novawow/settings.py b/novawow/settings.py index 5f2df6b..f8a51ac 100644 --- a/novawow/settings.py +++ b/novawow/settings.py @@ -13,18 +13,28 @@ https://docs.djangoproject.com/en/5.1/ref/settings/ from pathlib import Path import os +from dotenv import load_dotenv + # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent +# Carga las variables de entorno desde un archivo .env (no versionado) +load_dotenv(BASE_DIR / '.env') + + +def _env_bool(name, default=False): + """Lee una variable de entorno booleana ('1', 'true', 'yes', 'on').""" + return os.getenv(name, str(default)).lower() in ('1', 'true', 'yes', 'on') + # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! -SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus' +SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'django-insecure-dev-key-change-me') # SECURITY WARNING: don't run with debug turned on in production! -DEBUG = False +DEBUG = _env_bool('DJANGO_DEBUG', False) if not DEBUG: ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200', 'localhost', '127.0.0.1'] @@ -68,27 +78,27 @@ INSTALLED_APPS = [ ] # Configuración para AC SOAP -AC_SOAP_URL = "http://127.0.0.1:2079" -AC_SOAP_USER = "AC_SOAP" -AC_SOAP_PASSWORD = "Ladyamy89" -AC_SOAP_URN = "urn:AC" +AC_SOAP_URL = os.getenv('AC_SOAP_URL', 'http://127.0.0.1:2079') +AC_SOAP_USER = os.getenv('AC_SOAP_USER', 'AC_SOAP') +AC_SOAP_PASSWORD = os.getenv('AC_SOAP_PASSWORD', '') +AC_SOAP_URN = os.getenv('AC_SOAP_URN', 'urn:AC') -# Configuración de SumUp en settings.py -SUMUP_CLIENT_ID = "cc_classic_O8FbtnaHdjzOs6OyHMxyqwBo0pg1L" -SUMUP_CLIENT_SECRET = "cc_sk_classic_dFi7EwkHauWQnjN8FsC25TxlY1WAN2uVXtOBktzn4OCo8ZrMa8" -SUMUP_MERCHANT_EMAIL = "poveda.gandia@proton.me" -SUMUP_CURRENCY = "EUR" # Puedes cambiarlo si necesitas otra moneda +# Configuración de SumUp +SUMUP_CLIENT_ID = os.getenv('SUMUP_CLIENT_ID', '') +SUMUP_CLIENT_SECRET = os.getenv('SUMUP_CLIENT_SECRET', '') +SUMUP_MERCHANT_EMAIL = os.getenv('SUMUP_MERCHANT_EMAIL', '') +SUMUP_CURRENCY = os.getenv('SUMUP_CURRENCY', 'EUR') # Puedes cambiarlo si necesitas otra moneda # Configuración del correo electrónico para SMTP de Gmail EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend' -EMAIL_HOST = 'smtp.gmail.com' -EMAIL_PORT = 587 -EMAIL_USE_TLS = True -EMAIL_USE_SSL = False -EMAIL_HOST_USER = 'inna.aldaia@gmail.com' # Reemplaza con tu dirección de correo electrónico -EMAIL_HOST_PASSWORD = 'whqa zzzs mqal vdih' # Reemplaza con tu contraseña de Gmail o App Password +EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.gmail.com') +EMAIL_PORT = int(os.getenv('EMAIL_PORT', '587')) +EMAIL_USE_TLS = _env_bool('EMAIL_USE_TLS', True) +EMAIL_USE_SSL = _env_bool('EMAIL_USE_SSL', False) +EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '') +EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '') # App Password de Gmail DEFAULT_FROM_EMAIL = EMAIL_HOST_USER @@ -171,9 +181,9 @@ TEMPLATES = [ }, ] -STRIPE_PUBLIC_KEY = "pk_test_51QQrdMI3Vazamytgfb8046k0AwaRR3Cu8ni80b8iglZMUlUZVJarW1azXGXl3qV5VZtr2S7Xmpgr43Zcg73Pd8eT00C8CPOnja" # Cambia según tu configuración -STRIPE_SECRET_KEY = "sk_test_51QQrdMI3VazamytgcKpxF9cQcUfZYOam8b3IYgpJnpUBdY4xYOorTHRE0AbArfZbRT4nSbY2DEAMEvgxJl6gmgjJ00OaZgiryS" -STRIPE_WEBHOOK_SECRET = "" +STRIPE_PUBLIC_KEY = os.getenv('STRIPE_PUBLIC_KEY', '') +STRIPE_SECRET_KEY = os.getenv('STRIPE_SECRET_KEY', '') +STRIPE_WEBHOOK_SECRET = os.getenv('STRIPE_WEBHOOK_SECRET', '') WSGI_APPLICATION = 'novawow.wsgi.application' @@ -182,48 +192,34 @@ WSGI_APPLICATION = 'novawow.wsgi.application' # Database # https://docs.djangoproject.com/en/5.1/ref/settings/#databases +# Credenciales MySQL compartidas por todas las bases de datos +DB_USER = os.getenv('DB_USER', '') +DB_PASSWORD = os.getenv('DB_PASSWORD', '') +DB_HOST = os.getenv('DB_HOST', '127.0.0.1') +DB_PORT = os.getenv('DB_PORT', '3306') + +_ACORE_OPTIONS = {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"} + + +def _mysql_db(name, options=None): + conf = { + 'ENGINE': 'django.db.backends.mysql', + 'NAME': name, + 'USER': DB_USER, + 'PASSWORD': DB_PASSWORD, + 'HOST': DB_HOST, + 'PORT': DB_PORT, + } + if options: + conf['OPTIONS'] = options + return conf + + DATABASES = { - 'default': { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': 'django_wow', - 'USER': 'Inna', - 'PASSWORD': 'Ladyamy89', - 'HOST': 'pj2049111-001.eu.clouddb.ovh.net', - 'PORT': '35971', - }, - 'acore_auth': { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': 'acore_auth', - 'USER': 'Inna', - 'PASSWORD': 'Ladyamy89', - 'HOST': 'pj2049111-001.eu.clouddb.ovh.net', - 'PORT': '35971', - 'OPTIONS': { - 'init_command': "SET sql_mode='STRICT_TRANS_TABLES'", - }, - }, - 'acore_characters': { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': 'acore_characters', - 'USER': 'Inna', - 'PASSWORD': 'Ladyamy89', - 'HOST': 'pj2049111-001.eu.clouddb.ovh.net', - 'PORT': '35971', - 'OPTIONS': { - 'init_command': "SET sql_mode='STRICT_TRANS_TABLES'", - }, - }, - 'acore_world': { - 'ENGINE': 'django.db.backends.mysql', - 'NAME': 'acore_world', - 'USER': 'Inna', - 'PASSWORD': 'Ladyamy89', - 'HOST': 'pj2049111-001.eu.clouddb.ovh.net', - 'PORT': '35971', - 'OPTIONS': { - 'init_command': "SET sql_mode='STRICT_TRANS_TABLES'", - }, - }, + 'default': _mysql_db(os.getenv('DB_NAME_DEFAULT', 'django_wow')), + 'acore_auth': _mysql_db(os.getenv('DB_NAME_AUTH', 'acore_auth'), _ACORE_OPTIONS), + 'acore_characters': _mysql_db(os.getenv('DB_NAME_CHARACTERS', 'acore_characters'), _ACORE_OPTIONS), + 'acore_world': _mysql_db(os.getenv('DB_NAME_WORLD', 'acore_world'), _ACORE_OPTIONS), } diff --git a/requirements.txt b/requirements.txt index 62225cb..2f51b1d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -13,3 +13,4 @@ sqlparse==0.5.5 stripe==15.3.0 typing_extensions==4.16.0 urllib3==2.7.0 +python-dotenv==1.2.2