Mueve secretos a variables de entorno (.env)

- settings.py: SECRET_KEY, DEBUG, credenciales MySQL (x4 BBDD), SOAP,
  SumUp, Stripe y SMTP ahora se leen de variables de entorno via python-dotenv
- añade .env.example como plantilla y python-dotenv a requirements
- .gitignore: ignora .env
- verificado: manage.py check OK y settings cargan valores desde .env

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-07-12 16:01:57 +00:00
parent e1c04a92e3
commit f787b0d06e
4 changed files with 102 additions and 61 deletions
+57 -61
View File
@@ -13,18 +13,28 @@ https://docs.djangoproject.com/en/5.1/ref/settings/
from pathlib import Path
import os
from dotenv import load_dotenv
# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent
# Carga las variables de entorno desde un archivo .env (no versionado)
load_dotenv(BASE_DIR / '.env')
def _env_bool(name, default=False):
"""Lee una variable de entorno booleana ('1', 'true', 'yes', 'on')."""
return os.getenv(name, str(default)).lower() in ('1', 'true', 'yes', 'on')
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/5.1/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django-insecure-os9f6#@x_5*sfv2g6vyj*31$964_s%7(%&x0+m)crrbj^=0wus'
SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'django-insecure-dev-key-change-me')
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
DEBUG = _env_bool('DJANGO_DEBUG', False)
if not DEBUG:
ALLOWED_HOSTS = ['novawow.com', 'www.novawow.com', '95.216.107.200', 'localhost', '127.0.0.1']
@@ -68,27 +78,27 @@ INSTALLED_APPS = [
]
# Configuración para AC SOAP
AC_SOAP_URL = "http://127.0.0.1:2079"
AC_SOAP_USER = "AC_SOAP"
AC_SOAP_PASSWORD = "Ladyamy89"
AC_SOAP_URN = "urn:AC"
AC_SOAP_URL = os.getenv('AC_SOAP_URL', 'http://127.0.0.1:2079')
AC_SOAP_USER = os.getenv('AC_SOAP_USER', 'AC_SOAP')
AC_SOAP_PASSWORD = os.getenv('AC_SOAP_PASSWORD', '')
AC_SOAP_URN = os.getenv('AC_SOAP_URN', 'urn:AC')
# Configuración de SumUp en settings.py
SUMUP_CLIENT_ID = "cc_classic_O8FbtnaHdjzOs6OyHMxyqwBo0pg1L"
SUMUP_CLIENT_SECRET = "cc_sk_classic_dFi7EwkHauWQnjN8FsC25TxlY1WAN2uVXtOBktzn4OCo8ZrMa8"
SUMUP_MERCHANT_EMAIL = "poveda.gandia@proton.me"
SUMUP_CURRENCY = "EUR" # Puedes cambiarlo si necesitas otra moneda
# Configuración de SumUp
SUMUP_CLIENT_ID = os.getenv('SUMUP_CLIENT_ID', '')
SUMUP_CLIENT_SECRET = os.getenv('SUMUP_CLIENT_SECRET', '')
SUMUP_MERCHANT_EMAIL = os.getenv('SUMUP_MERCHANT_EMAIL', '')
SUMUP_CURRENCY = os.getenv('SUMUP_CURRENCY', 'EUR') # Puedes cambiarlo si necesitas otra moneda
# Configuración del correo electrónico para SMTP de Gmail
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_PORT = 587
EMAIL_USE_TLS = True
EMAIL_USE_SSL = False
EMAIL_HOST_USER = 'inna.aldaia@gmail.com' # Reemplaza con tu dirección de correo electrónico
EMAIL_HOST_PASSWORD = 'whqa zzzs mqal vdih' # Reemplaza con tu contraseña de Gmail o App Password
EMAIL_HOST = os.getenv('EMAIL_HOST', 'smtp.gmail.com')
EMAIL_PORT = int(os.getenv('EMAIL_PORT', '587'))
EMAIL_USE_TLS = _env_bool('EMAIL_USE_TLS', True)
EMAIL_USE_SSL = _env_bool('EMAIL_USE_SSL', False)
EMAIL_HOST_USER = os.getenv('EMAIL_HOST_USER', '')
EMAIL_HOST_PASSWORD = os.getenv('EMAIL_HOST_PASSWORD', '') # App Password de Gmail
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
@@ -171,9 +181,9 @@ TEMPLATES = [
},
]
STRIPE_PUBLIC_KEY = "pk_test_51QQrdMI3Vazamytgfb8046k0AwaRR3Cu8ni80b8iglZMUlUZVJarW1azXGXl3qV5VZtr2S7Xmpgr43Zcg73Pd8eT00C8CPOnja" # Cambia según tu configuración
STRIPE_SECRET_KEY = "sk_test_51QQrdMI3VazamytgcKpxF9cQcUfZYOam8b3IYgpJnpUBdY4xYOorTHRE0AbArfZbRT4nSbY2DEAMEvgxJl6gmgjJ00OaZgiryS"
STRIPE_WEBHOOK_SECRET = ""
STRIPE_PUBLIC_KEY = os.getenv('STRIPE_PUBLIC_KEY', '')
STRIPE_SECRET_KEY = os.getenv('STRIPE_SECRET_KEY', '')
STRIPE_WEBHOOK_SECRET = os.getenv('STRIPE_WEBHOOK_SECRET', '')
WSGI_APPLICATION = 'novawow.wsgi.application'
@@ -182,48 +192,34 @@ WSGI_APPLICATION = 'novawow.wsgi.application'
# Database
# https://docs.djangoproject.com/en/5.1/ref/settings/#databases
# Credenciales MySQL compartidas por todas las bases de datos
DB_USER = os.getenv('DB_USER', '')
DB_PASSWORD = os.getenv('DB_PASSWORD', '')
DB_HOST = os.getenv('DB_HOST', '127.0.0.1')
DB_PORT = os.getenv('DB_PORT', '3306')
_ACORE_OPTIONS = {'init_command': "SET sql_mode='STRICT_TRANS_TABLES'"}
def _mysql_db(name, options=None):
conf = {
'ENGINE': 'django.db.backends.mysql',
'NAME': name,
'USER': DB_USER,
'PASSWORD': DB_PASSWORD,
'HOST': DB_HOST,
'PORT': DB_PORT,
}
if options:
conf['OPTIONS'] = options
return conf
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'django_wow',
'USER': 'Inna',
'PASSWORD': 'Ladyamy89',
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
'PORT': '35971',
},
'acore_auth': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'acore_auth',
'USER': 'Inna',
'PASSWORD': 'Ladyamy89',
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
'PORT': '35971',
'OPTIONS': {
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
},
},
'acore_characters': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'acore_characters',
'USER': 'Inna',
'PASSWORD': 'Ladyamy89',
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
'PORT': '35971',
'OPTIONS': {
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
},
},
'acore_world': {
'ENGINE': 'django.db.backends.mysql',
'NAME': 'acore_world',
'USER': 'Inna',
'PASSWORD': 'Ladyamy89',
'HOST': 'pj2049111-001.eu.clouddb.ovh.net',
'PORT': '35971',
'OPTIONS': {
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
},
},
'default': _mysql_db(os.getenv('DB_NAME_DEFAULT', 'django_wow')),
'acore_auth': _mysql_db(os.getenv('DB_NAME_AUTH', 'acore_auth'), _ACORE_OPTIONS),
'acore_characters': _mysql_db(os.getenv('DB_NAME_CHARACTERS', 'acore_characters'), _ACORE_OPTIONS),
'acore_world': _mysql_db(os.getenv('DB_NAME_WORLD', 'acore_world'), _ACORE_OPTIONS),
}