Merge remote-tracking branch 'upstream/master'

CONTRIBUTORS.rst

@@ -107,11 +107,13 @@ Listed in alphabetical order.
   Lyla Fischer
   Martin Blech
   Mathijs Hoogland         `@MathijsHoogland`_
+  Matt Braymer-Hayes       `@mattayes`_                  @mattayes
   Matt Linares
   Matt Menzenski           `@menzenski`_
   Matt Warren              `@mfwarren`_
   Matthew Sisley           `@mjsisley`_
   Meghan Heintz            `@dot2dotseurat`_
+  Mesut Yılmaz             `@myilmaz`_
   Michael Gecht            `@mimischi`_                  @_mischi
   mozillazg                `@mozillazg`_
   Pablo                    `@oubiga`_
@@ -124,9 +126,10 @@ Listed in alphabetical order.
   Roman Osipenko           `@romanosipenko`_
   Russell Davies
   Sam Collins              `@MightySCollins`_
-  stepmr                   `@stepmr`_
+  Shupeyko Nikita          `@webyneter`_
   Sławek Ehlert            `@slafs`_
   Srinivas Nyayapati       `@shireenrao`_
+  stepmr                   `@stepmr`_
   Steve Steiner            `@ssteinerX`_
   Sule Marshall            `@suledev`_
   Taylor Baldwin
@@ -138,6 +141,7 @@ Listed in alphabetical order.
   Vitaly Babiy
   Vivian Guillen           `@viviangb`_
   Will Farley              `@goldhand`_                 @g01dhand
+  William Archinal         `@archinal`_
   Yaroslav Halchenko
 ========================== ============================ ==============
 
@@ -149,6 +153,7 @@ Listed in alphabetical order.
 .. _@amjith: https://github.com/amjith
 .. _@andor-pierdelacabeza: https://github.com/andor-pierdelacabeza
 .. _@antoniablair: https://github.com/antoniablair
+.. _@archinal: https://github.com/archinal
 .. _@areski: https://github.com/areski
 .. _@arruda: https://github.com/arruda
 .. _@bittner: https://github.com/bittner
@@ -193,10 +198,12 @@ Listed in alphabetical order.
 .. _@knitatoms: https://github.com/knitatoms
 .. _@krzysztofzuraw: https://github.com/krzysztofzuraw
 .. _@MathijsHoogland: https://github.com/MathijsHoogland
+.. _@mattayes: https://github.com/mattayes
 .. _@menzenski: https://github.com/menzenski
 .. _@mfwarren: https://github.com/mfwarren
 .. _@mimischi: https://github.com/mimischi
 .. _@mjsisley: https://github.com/mjsisley
+.. _@myilmaz: https://github.com/myilmaz
 .. _@mozillazg: https://github.com/mozillazg
 .. _@noisy: https://github.com/noisy
 .. _@originell: https://github.com/originell
@@ -206,6 +213,7 @@ Listed in alphabetical order.
 .. _@rm--: https://github.com/rm--
 .. _@romanosipenko: https://github.com/romanosipenko
 .. _@shireenrao: https://github.com/shireenrao
+.. _@webyneter: https://github.com/webyneter
 .. _@show0k: https://github.com/show0k
 .. _@shultz: https://github.com/shultz
 .. _@siauPatrick: https://github.com/siauPatrick

README.rst

@@ -32,6 +32,7 @@ Features
 * Renders Django projects with 100% starting test coverage
 * Twitter Bootstrap_ v4.0.0 - `alpha 4`_ (`maintained Foundation fork`_ also available)
 * 12-Factor_ based settings via django-environ_
+* Secure by default. We believe in SSL.
 * Optimized development and production settings
 * Registration via django-allauth_
 * Comes with custom user model ready to go
@@ -140,8 +141,7 @@ Answer the prompts with your own desired options_. For example::
     Select js_task_runner:
     1 - Gulp
     2 - Grunt
-    3 - Webpack
+    3 - None
-    4 - None
     Choose from 1, 2, 3, 4 [1]: 1
     use_lets_encrypt [n]: n
     Select open_source_license:
@@ -193,6 +193,13 @@ For Readers of Two Scoops of Django 1.8
 
 You may notice that some elements of this project do not exactly match what we describe in chapter 3. The reason for that is this project, amongst other things, serves as a test bed for trying out new ideas and concepts. Sometimes they work, sometimes they don't, but the end result is that it won't necessarily match precisely what is described in the book I co-authored.
 
+For pyup.io Users
+-----------------
+
+If you are using `pyup.io`_ to keep your dependencies updated and secure, use the code *cookiecutter* during checkout to get 15% off every month.
+
+.. _`pyup.io`: https://pyup.io
+
 "Your Stuff"
 -------------
 
@@ -258,10 +265,26 @@ Support This Project
 
 This project is maintained by volunteers. Support their efforts by spreading the word about:
 
-.. image:: https://s3.amazonaws.com/tsacademy/images/tsa-logo-250x60-transparent-01.png
+Two Scoops Press
-   :name: Two Scoops Academy
+~~~~~~~~~~~~~~~~~~
+
+.. image:: https://cdn.shopify.com/s/files/1/0304/6901/t/2/assets/logo.png?11985289740589874793
+   :name: Two Scoops Press
    :align: center
-   :alt: Two Scoops Academy
+   :alt: Two Scoops Press
-   :target: https://twoscoops.academy/
+   :target: https://twoscoopspress.com
+   
+Two Scoops Press brings you the best dairy-themed Django references in the universe   
+   
+pyup
+~~~~~~~~~~~~~~~~~~   
+   
+.. image:: https://pyup.io/static/images/logo.png
+   :name: pyup
+   :align: center
+   :alt: pyup
+   :target: https://pyup.io/
+   
+Pyup brings you automated security and dependency updates used by Google and other organizations. Free for open source projects!
 
 .. _`PyPA Code of Conduct`: https://www.pypa.io/en/latest/code-of-conduct/

cookiecutter.json

@@ -15,7 +15,7 @@
     "use_pycharm": "n",
     "windows": "n",
     "use_python3": "y",
-    "use_docker": "y",
+    "use_docker": "n",
     "use_heroku": "n",
     "use_elasticbeanstalk_experimental": "n",
     "use_compressor": "n",

docs/deployment-on-heroku.rst

@@ -3,7 +3,7 @@ Deployment on Heroku
 
 .. index:: Heroku
 
-You can either push the 'deploy' button in your generated README.rst or run these commands to deploy the project to Heroku:
+Run these commands to deploy the project to Heroku:
 
 .. code-block:: bash
 

docs/deployment-on-pythonanywhere.rst

@@ -47,7 +47,7 @@ Generate a secret key for yourself, eg like this:
 
 .. code-block:: bash
 
-    python -c 'import random; print("".join(random.SystemRandom().choice("abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)") for _ in range(50)))'
+    python -c 'import random;import string; print("".join(random.SystemRandom().choice(string.digits + string.ascii_letters + string.punctuation) for _ in range(50)))'
 
 Make a note of it, since we'll need it here in the console and later on in the web app config tab.
 
@@ -140,6 +140,7 @@ Click through to the **WSGI configuration file** link (near the top) and edit th
     os.environ['DJANGO_ADMIN_URL'] = '<as above>'
     os.environ['DJANGO_MAILGUN_API_KEY'] = '<as above>'
     os.environ['DJANGO_MAILGUN_SERVER_NAME'] = '<as above>'
+    os.environ['MAILGUN_SENDER_DOMAIN'] = '<as above>'
     os.environ['DJANGO_AWS_ACCESS_KEY_ID'] = ''
     os.environ['DJANGO_AWS_SECRET_ACCESS_KEY'] = ''
     os.environ['DJANGO_AWS_STORAGE_BUCKET_NAME'] = ''
@@ -179,5 +180,3 @@ For subsequent deployments, the procedure is much simpler.  In a Bash console:
 And then go to the Web tab and hit **Reload**
 
 **TIP:** *if you're really keen, you can set up git-push based deployments:  https://blog.pythonanywhere.com/87/*
-
-

docs/deployment-with-docker.rst

@@ -37,6 +37,19 @@ root directory of this project as a starting point. Add your own variables to th
 file won't be tracked by git by default so you'll have to make sure to use some other mechanism to copy your secret if
 you are relying solely on git.
 
+HTTPS is on by default
+----------------------
+
+SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client, typically in this case, a web server (website) and a browser. Not having HTTPS means that malicious network users can sniff authentication credentials between your website and end users' browser.
+
+It is always better to deploy a site behind HTTPS and will become crucial as the web services extend to the IoT (Internet of Things). For this reason, we have set up a number of security defaults to help make your website secure:
+
+* In the `.env.example`, we have made it simpler for you to change the default `Django Admin` into a custom name through an environmental variable. This should make it harder to guess the access to the admin panel.
+
+* If you are not using a subdomain of the domain name set in the project, then remember to put the your staging/production IP address in the  ``ALLOWED_HOSTS``_ environment variable before you deploy your website. Failure to do this will mean you will not have access to your website through the HTTP protocol.
+
+* Access to the Django admin is set up by default to require HTTPS in production or once *live*. We recommend that you look into setting up the *Certbot and Let's Encrypt Setup* mentioned below or another HTTPS certification service.
+
 Optional: nginx-proxy Setup
 ---------------------------
 
@@ -52,8 +65,7 @@ This pass all incoming requests on `nginx-proxy`_ to the nginx service your appl
 Optional: Postgres Data Volume Modifications
 ---------------------------------------------
 
-Postgres is saving its database files to the `postgres_data` volume by default. Change that if you wan't
+Postgres is saving its database files to the `postgres_data` volume by default. Change that if you want something else and make sure to make backups since this is not done automatically.
-something else and make sure to make backups since this is not done automatically.
 
 Optional: Certbot and Let's Encrypt Setup
 ------------------------------------------
@@ -143,7 +155,7 @@ If you have errors, you can always check your stack with `docker-compose`. Switc
 Supervisor Example
 -------------------
 
-Once you are ready with your initial setup, you wan't to make sure that your application is run by a process manager to
+Once you are ready with your initial setup, you want to make sure that your application is run by a process manager to
 survive reboots and auto restarts in case of an error. You can use the process manager you are most familiar with. All
 it needs to do is to run `docker-compose up` in your projects root directory.
 

docs/developing-locally-docker.rst

@@ -73,6 +73,11 @@ To migrate your app and to create a superuser, run::
 
 Here we specify the ``django`` container as the location to run our management commands.
 
+Add your Docker development server IP
+------------------------------------
+
+When ``DEBUG`` is set to `True`, the host is validated against ``['localhost', '127.0.0.1', '[::1]']``. This is adequate when running a ``virtualenv``. For Docker, in the ``config.settings.local``, add your host development server IP to ``INTERNAL_IPS`` or ``ALLOWED_HOSTS`` if the variable exists.
+
 Production Mode
 ~~~~~~~~~~~~~~~
 

docs/developing-locally.rst

@@ -50,7 +50,7 @@ Setup your email backend
 
 django-allauth sends an email to verify users (and superusers) after signup and login (if they are still not verified). To send email you need to `configure your email backend`_
 
-.. _configure your email backend: http://docs.djangoproject.com/en/1.9/topics/email/#smtp-backend
+.. _configure your email backend: https://docs.djangoproject.com/en/dev/topics/email/#smtp-backend
 
 In development you can (optionally) use MailHog_ for email testing. MailHog is built with Go so there are no dependencies. To use MailHog:
 

docs/project-generation-options.rst

@@ -25,7 +25,7 @@ version [0.1.0]
     The starting version number for your project.
 
 timezone [UTC]
-    Used in the common settings file for the `TIME_ZONE` value.
+    Used in the base settings file for the `TIME_ZONE` value.
 
 use_whitenoise [y]
     Whether to use WhiteNoise_ for static file serving.
@@ -74,8 +74,7 @@ js_task_runner [1]
 
     1. Gulp_
     2. Grunt_
-    3. Webpack_
+    3. None
-    4. None
 
 use_lets_encrypt [n]
     Use `Let's Encrypt`_ as the certificate authority for this project.

docs/settings.rst

@@ -3,7 +3,14 @@ Settings
 
 This project relies extensively on environment settings which **will not work with Apache/mod_wsgi setups**. It has been deployed successfully with both Gunicorn/Nginx and even uWSGI/Nginx.
 
-For configuration purposes, the following table maps environment variables to their Django setting:
+For configuration purposes, the following table maps environment variables to their Django setting and project settings:
+
+
+======================================= =========================== ============================================== ======================================================================
+Environment Variable                    Django Setting              Development Default                            Production Default
+======================================= =========================== ============================================== ======================================================================
+DJANGO_READ_DOT_ENV_FILE                READ_DOT_ENV_FILE           False                                          False
+======================================= =========================== ============================================== ======================================================================
 
 
 ======================================= =========================== ============================================== ======================================================================

hooks/post_gen_project.py

@@ -16,6 +16,7 @@ from __future__ import print_function
 import os
 import random
 import shutil
+import string
 
 # Get the root project directory
 PROJECT_DIRECTORY = os.path.realpath(os.path.curdir)
@@ -28,16 +29,19 @@ except NotImplementedError:
     using_sysrandom = False
 
 
-def get_random_string(
+def get_random_string(length=50):
-        length=50,
-        allowed_chars='abcdefghijklmnopqrstuvwxyz0123456789!@#%^&*(-_=+)'):
     """
     Returns a securely generated random string.
     The default length of 12 with the a-z, A-Z, 0-9 character set returns
     a 71-bit value. log_2((26+26+10)^12) =~ 71 bits
     """
+    punctuation = string.punctuation.replace('"', '').replace("'", '')
+    punctuation = punctuation.replace('\\', '')
     if using_sysrandom:
-        return ''.join(random.choice(allowed_chars) for i in range(length))
+        return ''.join(random.choice(
+            string.digits + string.ascii_letters + punctuation
+        ) for i in range(length))
+
     print(
         "Cookiecutter Django couldn't find a secure pseudo-random number generator on your system."
         " Please change change your SECRET_KEY variables in conf/settings/local.py and env.example"

requirements.txt

@@ -1,11 +1,11 @@
-cookiecutter==1.5.0
+cookiecutter==1.5.1
-flake8==3.2.1 # pyup: != 2.6.0
+flake8==3.3.0 # pyup: != 2.6.0
-sh==1.12.9
+sh==1.12.13
 binaryornot==0.4.0
 
 # Testing
-pytest==3.0.6
+pytest==3.0.7
 pep8==1.7.0
 pyflakes==1.5.0
-tox==2.5.0
+tox==2.6.0
 pytest-cookies==0.2.0

requirements_to_watch.txt

@@ -1,4 +1,4 @@
 # These requirements prevented an upgrade to Django 1.10.
-django-coverage-plugin==1.4.1
+django-coverage-plugin==1.5.0
 django-autoslug==1.9.3
 

tests/test_docker.sh

@@ -11,7 +11,7 @@ mkdir -p .cache/docker
 cd .cache/docker
 
 # create the project using the default settings in cookiecutter.json
-cookiecutter ../../ --no-input --overwrite-if-exists
+cookiecutter ../../ --no-input --overwrite-if-exists use_docker=y js_task_runner=None
 cd project_name
 
 # run the project's tests

{{cookiecutter.project_slug}}/.ebextensions/20_elasticcache.config

@@ -24,7 +24,7 @@ Resources:
       CacheNodeType:
         Fn::GetOptionSetting:
           OptionName : "CacheNodeType"
-          DefaultValue : "cache.t1.micro"
+          DefaultValue : "cache.t2.micro"
       NumCacheNodes:
         Fn::GetOptionSetting:
           OptionName : "NumCacheNodes"

{{cookiecutter.project_slug}}/.ebextensions/30_options.config

@@ -1,6 +1,6 @@
 option_settings:
   "aws:elasticbeanstalk:customoption":
-    CacheNodeType : cache.t1.micro
+    CacheNodeType : cache.t2.micro
     NumCacheNodes : 1
     Engine : redis
     CachePort : 6379

{{cookiecutter.project_slug}}/.idea/runConfigurations/Docker__tests___all.xml

@@ -4,7 +4,7 @@
     <option name="PARENT_ENVS" value="true" />
     <envs>
       <env name="PYTHONUNBUFFERED" value="1" />
-      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.local" />
+      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.test" />
     </envs>
     <option name="SDK_HOME" value="docker-compose://$PROJECT_DIR$/dev.yml:pycharm/python" />
     <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />

{{cookiecutter.project_slug}}/.idea/runConfigurations/Docker__tests___class__TestUser.xml

@@ -4,7 +4,7 @@
     <option name="PARENT_ENVS" value="true" />
     <envs>
       <env name="PYTHONUNBUFFERED" value="1" />
-      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.local" />
+      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.test" />
     </envs>
     <option name="SDK_HOME" value="docker-compose://$PROJECT_DIR$/dev.yml:pycharm/python" />
     <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />

{{cookiecutter.project_slug}}/.idea/runConfigurations/Docker__tests___file__test_models.xml

@@ -4,7 +4,7 @@
     <option name="PARENT_ENVS" value="true" />
     <envs>
       <env name="PYTHONUNBUFFERED" value="1" />
-      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.local" />
+      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.test" />
     </envs>
     <option name="SDK_HOME" value="docker-compose://$PROJECT_DIR$/dev.yml:pycharm/python" />
     <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />

{{cookiecutter.project_slug}}/.idea/runConfigurations/Docker__tests___module__users.xml

@@ -4,7 +4,7 @@
     <option name="PARENT_ENVS" value="true" />
     <envs>
       <env name="PYTHONUNBUFFERED" value="1" />
-      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.local" />
+      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.test" />
     </envs>
     <option name="SDK_HOME" value="docker-compose://$PROJECT_DIR$/dev.yml:pycharm/python" />
     <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />

{{cookiecutter.project_slug}}/.idea/runConfigurations/Docker__tests___specific__test_get_absolute_url.xml

@@ -4,7 +4,7 @@
     <option name="PARENT_ENVS" value="true" />
     <envs>
       <env name="PYTHONUNBUFFERED" value="1" />
-      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.local" />
+      <env name="DJANGO_SETTINGS_MODULE" value="config.settings.test" />
     </envs>
     <option name="SDK_HOME" value="docker-compose://$PROJECT_DIR$/dev.yml:pycharm/python" />
     <option name="WORKING_DIRECTORY" value="$PROJECT_DIR$" />

{{cookiecutter.project_slug}}/config/settings/base.py

@@ -12,15 +12,27 @@ from __future__ import absolute_import, unicode_literals
 
 import environ
 
-ROOT_DIR = environ.Path(__file__) - 3  # ({{ cookiecutter.project_slug }}/config/settings/common.py - 3 = {{ cookiecutter.project_slug }}/)
+ROOT_DIR = environ.Path(__file__) - 3  # ({{ cookiecutter.project_slug }}/config/settings/base.py - 3 = {{ cookiecutter.project_slug }}/)
 APPS_DIR = ROOT_DIR.path('{{ cookiecutter.project_slug }}')
 
+# Load operating system environment variables and then prepare to use them
 env = environ.Env()
-env.read_env()
+
+# .env file, should load only in development environment
+READ_DOT_ENV_FILE = env.bool('DJANGO_READ_DOT_ENV_FILE', default=False)
+
+if READ_DOT_ENV_FILE:
+    # Operating System Environment variables have precedence over variables defined in the .env file,
+    # that is to say variables from the .env files will only be used if not defined
+    # as environment variables.
+    env_file = str(ROOT_DIR.path('.env'))
+    print('Loading : {}'.format(env_file))
+    env.read_env(env_file)
+    print('The .env file has been loaded. See base.py for more information')
 
 # APP CONFIGURATION
 # ------------------------------------------------------------------------------
-DJANGO_APPS = (
+DJANGO_APPS = [
     # Default Django apps:
     'django.contrib.auth',
     'django.contrib.contenttypes',
@@ -34,27 +46,27 @@ DJANGO_APPS = (
 
     # Admin
     'django.contrib.admin',
-)
+]
-THIRD_PARTY_APPS = (
+THIRD_PARTY_APPS = [
     'crispy_forms',  # Form layouts
     'allauth',  # registration
     'allauth.account',  # registration
     'allauth.socialaccount',  # registration
-)
+]
 
 # Apps specific for this project go here.
-LOCAL_APPS = (
+LOCAL_APPS = [
     # custom users app
     '{{ cookiecutter.project_slug }}.users.apps.UsersConfig',
     # Your stuff: custom apps go here
-)
+]
 
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#installed-apps
 INSTALLED_APPS = DJANGO_APPS + THIRD_PARTY_APPS + LOCAL_APPS
 
 # MIDDLEWARE CONFIGURATION
 # ------------------------------------------------------------------------------
-MIDDLEWARE = (
+MIDDLEWARE = [
     'django.middleware.security.SecurityMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
@@ -62,7 +74,7 @@ MIDDLEWARE = (
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
-)
+]
 
 # MIGRATIONS CONFIGURATION
 # ------------------------------------------------------------------------------
@@ -89,9 +101,9 @@ EMAIL_BACKEND = env('DJANGO_EMAIL_BACKEND', default='django.core.mail.backends.s
 # MANAGER CONFIGURATION
 # ------------------------------------------------------------------------------
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#admins
-ADMINS = (
+ADMINS = [
     ("""{{cookiecutter.author_name}}""", '{{cookiecutter.email}}'),
-)
+]
 
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#managers
 MANAGERS = ADMINS
@@ -176,15 +188,15 @@ STATIC_ROOT = str(ROOT_DIR('staticfiles'))
 STATIC_URL = '/static/'
 
 # See: https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#std:setting-STATICFILES_DIRS
-STATICFILES_DIRS = (
+STATICFILES_DIRS = [
     str(APPS_DIR.path('static')),
-)
+]
 
 # See: https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#staticfiles-finders
-STATICFILES_FINDERS = (
+STATICFILES_FINDERS = [
     'django.contrib.staticfiles.finders.FileSystemFinder',
     'django.contrib.staticfiles.finders.AppDirectoriesFinder',
-)
+]
 
 # MEDIA CONFIGURATION
 # ------------------------------------------------------------------------------
@@ -201,6 +213,16 @@ ROOT_URLCONF = 'config.urls'
 # See: https://docs.djangoproject.com/en/dev/ref/settings/#wsgi-application
 WSGI_APPLICATION = 'config.wsgi.application'
 
+# PASSWORD STORAGE SETTINGS
+# ------------------------------------------------------------------------------
+# See https://docs.djangoproject.com/en/dev/topics/auth/passwords/#using-argon2-with-django
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.Argon2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2PasswordHasher',
+    'django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher',
+    'django.contrib.auth.hashers.BCryptSHA256PasswordHasher',
+    'django.contrib.auth.hashers.BCryptPasswordHasher',
+]
 
 # PASSWORD VALIDATION
 # https://docs.djangoproject.com/en/dev/ref/settings/#auth-password-validators
@@ -223,10 +245,10 @@ AUTH_PASSWORD_VALIDATORS = [
 
 # AUTHENTICATION CONFIGURATION
 # ------------------------------------------------------------------------------
-AUTHENTICATION_BACKENDS = (
+AUTHENTICATION_BACKENDS = [
     'django.contrib.auth.backends.ModelBackend',
     'allauth.account.auth_backends.AuthenticationBackend',
-)
+]
 
 # Some really nice defaults
 ACCOUNT_AUTHENTICATION_METHOD = 'username'
@@ -247,9 +269,7 @@ LOGIN_URL = 'account_login'
 AUTOSLUG_SLUGIFY_FUNCTION = 'slugify.slugify'
 {% if cookiecutter.use_celery == 'y' %}
 ########## CELERY
-INSTALLED_APPS += ('{{cookiecutter.project_slug}}.taskapp.celery.CeleryConfig',)
+INSTALLED_APPS += ['{{cookiecutter.project_slug}}.taskapp.celery.CeleryConfig']
-# if you are not using the django database broker (e.g. rabbitmq, redis, memcached), you can remove the next line.
-INSTALLED_APPS += ('kombu.transport.django',)
 BROKER_URL = env('CELERY_BROKER_URL', default='django://')
 if BROKER_URL == 'django://':
     CELERY_RESULT_BACKEND = 'redis://'
@@ -261,8 +281,8 @@ else:
 {%- if cookiecutter.use_compressor == 'y'-%}
 # django-compressor
 # ------------------------------------------------------------------------------
-INSTALLED_APPS += ("compressor", )
+INSTALLED_APPS += ['compressor']
-STATICFILES_FINDERS += ("compressor.finders.CompressorFinder", )
+STATICFILES_FINDERS += ['compressor.finders.CompressorFinder']
 {%- endif %}
 
 # Location of root django.contrib.admin URL, use {% raw %}{% url 'admin:index' %}{% endraw %}

{{cookiecutter.project_slug}}/config/settings/local.py

@@ -14,7 +14,7 @@ Local settings
 
 import socket
 import os
-from .common import *  # noqa
+from .base import *  # noqa
 
 # DEBUG
 # ------------------------------------------------------------------------------
@@ -32,7 +32,7 @@ SECRET_KEY = env('DJANGO_SECRET_KEY', default='CHANGEME!!!')
 
 EMAIL_PORT = 1025
 {% if cookiecutter.use_mailhog == 'y' and cookiecutter.use_docker == 'y' %}
-EMAIL_HOST = env("EMAIL_HOST", default='mailhog')
+EMAIL_HOST = env('EMAIL_HOST', default='mailhog')
 {% else %}
 EMAIL_HOST = 'localhost'
 EMAIL_BACKEND = env('DJANGO_EMAIL_BACKEND',
@@ -50,14 +50,14 @@ CACHES = {
 
 # django-debug-toolbar
 # ------------------------------------------------------------------------------
-MIDDLEWARE += ('debug_toolbar.middleware.DebugToolbarMiddleware',)
+MIDDLEWARE += ['debug_toolbar.middleware.DebugToolbarMiddleware', ]
-INSTALLED_APPS += ('debug_toolbar', )
+INSTALLED_APPS += ['debug_toolbar', ]
 
 INTERNAL_IPS = ['127.0.0.1', '10.0.2.2', ]
 # tricks to have debug toolbar when developing with docker
 if os.environ.get('USE_DOCKER') == 'yes':
     ip = socket.gethostbyname(socket.gethostname())
-    INTERNAL_IPS += [ip[:-1] + "1"]
+    INTERNAL_IPS += [ip[:-1] + '1']
 
 DEBUG_TOOLBAR_CONFIG = {
     'DISABLE_PANELS': [
@@ -68,7 +68,7 @@ DEBUG_TOOLBAR_CONFIG = {
 
 # django-extensions
 # ------------------------------------------------------------------------------
-INSTALLED_APPS += ('django_extensions', )
+INSTALLED_APPS += ['django_extensions', ]
 
 # TESTING
 # ------------------------------------------------------------------------------

{{cookiecutter.project_slug}}/config/settings/production.py

@@ -20,7 +20,7 @@ from django.utils import six
 import logging
 {% endif %}
 
-from .common import *  # noqa
+from .base import *  # noqa
 
 # SECRET CONFIGURATION
 # ------------------------------------------------------------------------------
@@ -36,36 +36,34 @@ SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
 {%- if cookiecutter.use_sentry_for_error_reporting == 'y' %}
 # raven sentry client
 # See https://docs.sentry.io/clients/python/integrations/django/
-INSTALLED_APPS += ('raven.contrib.django.raven_compat', )
+INSTALLED_APPS += ['raven.contrib.django.raven_compat', ]
 {% endif %}
 {%- if cookiecutter.use_whitenoise == 'y' %}
 # Use Whitenoise to serve static files
 # See: https://whitenoise.readthedocs.io/
-WHITENOISE_MIDDLEWARE = ('whitenoise.middleware.WhiteNoiseMiddleware', )
+WHITENOISE_MIDDLEWARE = ['whitenoise.middleware.WhiteNoiseMiddleware', ]
 MIDDLEWARE = WHITENOISE_MIDDLEWARE + MIDDLEWARE
 {% endif %}
 {%- if cookiecutter.use_sentry_for_error_reporting == 'y' -%}
-RAVEN_MIDDLEWARE = ('raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware', )
+RAVEN_MIDDLEWARE = ['raven.contrib.django.raven_compat.middleware.SentryResponseErrorIdMiddleware']
 MIDDLEWARE = RAVEN_MIDDLEWARE + MIDDLEWARE
 {% endif %}
 {%- if cookiecutter.use_opbeat == 'y' -%}
 # opbeat integration
 # See https://opbeat.com/languages/django/
-INSTALLED_APPS += ('opbeat.contrib.django',)
+INSTALLED_APPS += ['opbeat.contrib.django', ]
 OPBEAT = {
     'ORGANIZATION_ID': env('DJANGO_OPBEAT_ORGANIZATION_ID'),
     'APP_ID': env('DJANGO_OPBEAT_APP_ID'),
     'SECRET_TOKEN': env('DJANGO_OPBEAT_SECRET_TOKEN')
 }
-MIDDLEWARE = (
+MIDDLEWARE = ['opbeat.contrib.django.middleware.OpbeatAPMMiddleware', ] + MIDDLEWARE
-    'opbeat.contrib.django.middleware.OpbeatAPMMiddleware',
-) + MIDDLEWARE
 {% endif %}
 
 # SECURITY CONFIGURATION
 # ------------------------------------------------------------------------------
-# See https://docs.djangoproject.com/en/1.9/ref/middleware/#module-django.middleware.security
+# See https://docs.djangoproject.com/en/dev/ref/middleware/#module-django.middleware.security
-# and https://docs.djangoproject.com/ja/1.9/howto/deployment/checklist/#run-manage-py-check-deploy
+# and https://docs.djangoproject.com/en/dev/howto/deployment/checklist/#run-manage-py-check-deploy
 
 # set this to 60 seconds and then to 518400 when you can prove it works
 SECURE_HSTS_SECONDS = 60
@@ -84,11 +82,11 @@ X_FRAME_OPTIONS = 'DENY'
 # SITE CONFIGURATION
 # ------------------------------------------------------------------------------
 # Hosts/domain names that are valid for this site
-# See https://docs.djangoproject.com/en/1.6/ref/settings/#allowed-hosts
+# See https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['{{cookiecutter.domain_name}}'])
+ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['{{cookiecutter.domain_name}}', ])
 # END SITE CONFIGURATION
 
-INSTALLED_APPS += ('gunicorn', )
+INSTALLED_APPS += ['gunicorn', ]
 
 
 # STORAGE CONFIGURATION
@@ -96,9 +94,7 @@ INSTALLED_APPS += ('gunicorn', )
 # Uploaded Media Files
 # ------------------------
 # See: http://django-storages.readthedocs.io/en/latest/index.html
-INSTALLED_APPS += (
+INSTALLED_APPS += ['storages', ]
-    'storages',
-)
 
 AWS_ACCESS_KEY_ID = env('DJANGO_AWS_ACCESS_KEY_ID')
 AWS_SECRET_ACCESS_KEY = env('DJANGO_AWS_SECRET_ACCESS_KEY')
@@ -143,7 +139,7 @@ STATICFILES_STORAGE = 'config.settings.production.StaticRootS3BotoStorage'
 # For Django 1.7+, 'collectfast' should come before
 # 'django.contrib.staticfiles'
 AWS_PRELOAD_METADATA = True
-INSTALLED_APPS = ('collectfast', ) + INSTALLED_APPS
+INSTALLED_APPS = ['collectfast', ] + INSTALLED_APPS
 {%- endif %}
 {% if cookiecutter.use_compressor == 'y'-%}
 # COMPRESSOR
@@ -156,16 +152,16 @@ COMPRESS_ENABLED = env.bool('COMPRESS_ENABLED', default=True)
 # ------------------------------------------------------------------------------
 DEFAULT_FROM_EMAIL = env('DJANGO_DEFAULT_FROM_EMAIL',
                          default='{{cookiecutter.project_name}} <noreply@{{cookiecutter.domain_name}}>')
-EMAIL_SUBJECT_PREFIX = env('DJANGO_EMAIL_SUBJECT_PREFIX', default='[{{cookiecutter.project_name}}] ')
+EMAIL_SUBJECT_PREFIX = env('DJANGO_EMAIL_SUBJECT_PREFIX', default='[{{cookiecutter.project_name}}]')
 SERVER_EMAIL = env('DJANGO_SERVER_EMAIL', default=DEFAULT_FROM_EMAIL)
 
 # Anymail with Mailgun
-INSTALLED_APPS += ("anymail", )
+INSTALLED_APPS += ['anymail', ]
 ANYMAIL = {
-    "MAILGUN_API_KEY": env('DJANGO_MAILGUN_API_KEY'),
+    'MAILGUN_API_KEY': env('DJANGO_MAILGUN_API_KEY'),
-    "MAILGUN_SENDER_DOMAIN": env('MAILGUN_SENDER_DOMAIN')
+    'MAILGUN_SENDER_DOMAIN': env('MAILGUN_SENDER_DOMAIN')
 }
-EMAIL_BACKEND = "anymail.backends.mailgun.MailgunBackend"
+EMAIL_BACKEND = 'anymail.backends.mailgun.MailgunBackend'
 
 # TEMPLATE CONFIGURATION
 # ------------------------------------------------------------------------------
@@ -199,7 +195,7 @@ DATABASES['default'] = env.db('DATABASE_URL')
 # CACHING
 # ------------------------------------------------------------------------------
 {% if cookiecutter.use_elasticbeanstalk_experimental.lower() == 'y' -%}
-REDIS_LOCATION = "redis://{}:{}/0".format(
+REDIS_LOCATION = 'redis://{}:{}/0'.format(
     env('REDIS_ENDPOINT_ADDRESS'),
     env('REDIS_PORT')
 )
@@ -228,7 +224,7 @@ LOGGING = {
     'disable_existing_loggers': True,
     'root': {
         'level': 'WARNING',
-        'handlers': ['sentry'],
+        'handlers': ['sentry', ],
     },
     'formatters': {
         'verbose': {
@@ -250,22 +246,22 @@ LOGGING = {
     'loggers': {
         'django.db.backends': {
             'level': 'ERROR',
-            'handlers': ['console'],
+            'handlers': ['console', ],
             'propagate': False,
         },
         'raven': {
             'level': 'DEBUG',
-            'handlers': ['console'],
+            'handlers': ['console', ],
             'propagate': False,
         },
         'sentry.errors': {
             'level': 'DEBUG',
-            'handlers': ['console'],
+            'handlers': ['console', ],
             'propagate': False,
         },
         'django.security.DisallowedHost': {
             'level': 'ERROR',
-            'handlers': ['console', 'sentry'],
+            'handlers': ['console', 'sentry', ],
             'propagate': False,
         },
     },
@@ -282,7 +278,7 @@ RAVEN_CONFIG = {
 # A sample logging configuration. The only tangible logging
 # performed by this configuration is to send an email to
 # the site admins on every HTTP 500 error when DEBUG=False.
-# See http://docs.djangoproject.com/en/dev/topics/logging for
+# See https://docs.djangoproject.com/en/dev/topics/logging for
 # more details on how to customize your logging configuration.
 LOGGING = {
     'version': 1,
@@ -301,7 +297,7 @@ LOGGING = {
     'handlers': {
         'mail_admins': {
             'level': 'ERROR',
-            'filters': ['require_debug_false'],
+            'filters': ['require_debug_false', ],
             'class': 'django.utils.log.AdminEmailHandler'
         },
         'console': {
@@ -312,13 +308,13 @@ LOGGING = {
     },
     'loggers': {
         'django.request': {
-            'handlers': ['mail_admins'],
+            'handlers': ['mail_admins', ],
             'level': 'ERROR',
             'propagate': True
         },
         'django.security.DisallowedHost': {
             'level': 'ERROR',
-            'handlers': ['console', 'mail_admins'],
+            'handlers': ['console', 'mail_admins', ],
             'propagate': True
         }
     }

{{cookiecutter.project_slug}}/config/settings/test.py

@@ -5,7 +5,7 @@ Test settings
 - Used to run tests fast on the continuous integration server and locally
 '''
 
-from .common import *  # noqa
+from .base import *  # noqa
 
 
 # DEBUG
@@ -47,16 +47,16 @@ TEST_RUNNER = 'django.test.runner.DiscoverRunner'
 # PASSWORD HASHING
 # ------------------------------------------------------------------------------
 # Use fast password hasher so tests run faster
-PASSWORD_HASHERS = (
+PASSWORD_HASHERS = [
     'django.contrib.auth.hashers.MD5PasswordHasher',
-)
+]
 
 # TEMPLATE LOADERS
 # ------------------------------------------------------------------------------
 # Keep templates in memory so tests run faster
 TEMPLATES[0]['OPTIONS']['loaders'] = [
-    ('django.template.loaders.cached.Loader', [
+    ['django.template.loaders.cached.Loader', [
         'django.template.loaders.filesystem.Loader',
         'django.template.loaders.app_directories.Loader',
-    ]),
+    ], ],
 ]

{{cookiecutter.project_slug}}/dev.yml

@@ -19,7 +19,8 @@ services:
       dockerfile: ./compose/django/Dockerfile-dev
     command: /start-dev.sh
     depends_on:
-      - postgres
+      - postgres{% if cookiecutter.use_mailhog == 'y' %}
+      - mailhog{% endif %}
     environment:
       - POSTGRES_USER={{cookiecutter.project_slug}}
       - USE_DOCKER=yes
@@ -27,11 +28,6 @@ services:
       - .:/app
     ports:
       - "8000:8000"
-    links:
-      - postgres
-{% if cookiecutter.use_mailhog == 'y' %}
-      - mailhog
-{% endif %}
 
 {% if cookiecutter.use_pycharm == 'y' %}
   pycharm:
@@ -44,8 +40,6 @@ services:
       - POSTGRES_USER={{cookiecutter.project_slug}}
     volumes:
       - .:/app
-    links:
-      - postgres
 {% endif %}
 
 {% if cookiecutter.use_mailhog == 'y' %}

{{cookiecutter.project_slug}}/docs/docker_ec2.rst

@@ -31,7 +31,7 @@ The Docker compose tool (previously known as `fig`_) makes linking these contain
         ...
     docker-compose.yml
 
-Each component of your application would get its own `Dockerfile`_. The rest of this example assumes you are using the `base postgres image`_ for your database. Your database settings in `config/common.py` might then look something like:
+Each component of your application would get its own `Dockerfile`_. The rest of this example assumes you are using the `base postgres image`_ for your database. Your database settings in `config/base.py` might then look something like:
 
 .. _Dockerfile: https://docs.docker.com/reference/builder/
 .. _base postgres image: https://registry.hub.docker.com/_/postgres/

{{cookiecutter.project_slug}}/docs/pycharm/configuration.rst

@@ -14,7 +14,7 @@ This repository comes with already prepared "Run/Debug Configurations" for docke
 
 .. image:: images/2.png
 
-But as you can see, at the beggining there is something wrong with them. They have red X on django icon, and they cannot be used, withot configuring remote python interpteter. To do that, you have to go to *Settings > Build, Execution, Deployment* first.
+But as you can see, at the beggining there is something wrong with them. They have red X on django icon, and they cannot be used, without configuring remote python interpteter. To do that, you have to go to *Settings > Build, Execution, Deployment* first.
 
 
 Next, you have to add new remote python interpreter, based on already tested deployment settings. Go to *Settings > Project > Project Interpreter*. Click on the cog icon, and click *Add Remote*.
@@ -48,7 +48,7 @@ After few seconds, all *Run/Debug Configurations* should be ready to use.
 * run and debug tests
 .. image:: images/f2.png
 .. image:: images/f3.png
-* run and debug migrations or different django managment commands
+* run and debug migrations or different django management commands
 .. image:: images/f4.png
 * and many others..
 

{{cookiecutter.project_slug}}/env.example

@@ -4,6 +4,7 @@ POSTGRES_PASSWORD=mysecretpass
 POSTGRES_USER=postgresuser
 
 # General settings
+# DJANGO_READ_DOT_ENV_FILE=True
 DJANGO_ADMIN_URL=
 DJANGO_SETTINGS_MODULE=config.settings.production
 DJANGO_SECRET_KEY=CHANGEME!!!

{{cookiecutter.project_slug}}/gulpfile.js

@@ -48,7 +48,7 @@ gulp.task('styles', function() {
   return gulp.src(paths.sass + '/project.scss')
     .pipe(sass().on('error', sass.logError))
     .pipe(plumber()) // Checks for errors
-    .pipe(autoprefixer({browsers: ['last 2 version']})) // Adds vendor prefixes
+    .pipe(autoprefixer({browsers: ['last 2 versions']})) // Adds vendor prefixes
     .pipe(pixrem())  // add fallbacks for rem units
     .pipe(gulp.dest(paths.css))
     .pipe(rename({ suffix: '.min' }))
@@ -88,17 +88,8 @@ gulp.task('browserSync', function() {
     });
 });
 
-// Default task
-gulp.task('default', function() {
-    runSequence(['styles', 'scripts', 'imgCompression'], 'runServer', 'browserSync');
-});
-
-////////////////////////////////
-		//Watch//
-////////////////////////////////
-
 // Watch
-gulp.task('watch', ['default'], function() {
+gulp.task('watch', function() {
 
   gulp.watch(paths.sass + '/*.scss', ['styles']);
   gulp.watch(paths.js + '/*.js', ['scripts']).on("change", reload);
@@ -106,3 +97,8 @@ gulp.task('watch', ['default'], function() {
   gulp.watch(paths.templates + '/**/*.html').on("change", reload);
 
 });
+
+// Default task
+gulp.task('default', function() {
+    runSequence(['styles', 'scripts', 'imgCompression'], 'runServer', 'browserSync', 'watch');
+});

{{cookiecutter.project_slug}}/pytest.ini

@@ -1,2 +1,2 @@
 [pytest]
-DJANGO_SETTINGS_MODULE=config.settings.local
+DJANGO_SETTINGS_MODULE=config.settings.test

{{cookiecutter.project_slug}}/requirements/base.txt

@@ -7,7 +7,7 @@ wheel==0.29.0
 {%- endif %}
 
 # Bleeding edge Django
-django==1.10.5
+django==1.10.7 # pyup: >=1.10,<1.11
 
 # Configuration
 django-environ==0.4.1
@@ -26,30 +26,33 @@ django-model-utils==2.6.1
 # Images
 Pillow==4.0.0
 
+# Password storage
+argon2-cffi==16.3.0
+
 # For user registration, either via email or social
 # Well-built with regular release cycles!
-django-allauth==0.30.0
+django-allauth==0.31.0
 
 {% if cookiecutter.windows == 'y' -%}
 # On Windows, you must download/install psycopg2 manually
 # from http://www.lfd.uci.edu/~gohlke/pythonlibs/#psycopg
 {% else %}
 # Python-PostgreSQL Database Adapter
-psycopg2==2.6.2
+psycopg2==2.7.1
 {%- endif %}
 
 # Unicode slugification
 awesome-slugify==1.6.5
 
 # Time zones support
-pytz==2016.10
+pytz==2017.2
 
 # Redis support
 django-redis==4.7.0
 redis>=2.10.5
 
 {% if cookiecutter.use_celery == "y" %}
-celery==3.1.24
+celery==4.0.2
 {% endif %}
 
 {% if cookiecutter.use_compressor == "y" %}

{{cookiecutter.project_slug}}/requirements/local.txt

@@ -2,15 +2,15 @@
 -r base.txt
 
 coverage==4.3.4
-django-coverage-plugin==1.4.1
+django-coverage-plugin==1.5.0
 
-Sphinx==1.5.2
+Sphinx==1.5.3
-django-extensions==1.7.6
+django-extensions==1.7.8
-Werkzeug==0.11.15
+Werkzeug==0.12.1
 django-test-plus==1.0.17
 factory-boy==2.8.1
 
-django-debug-toolbar==1.6
+django-debug-toolbar==1.7
 
 # improved REPL
 ipdb==0.10.2

{{cookiecutter.project_slug}}/requirements/production.txt

@@ -6,20 +6,20 @@
 # Python-PostgreSQL Database Adapter
 # If using Win for dev, this assumes Unix in prod
 # ------------------------------------------------
-psycopg2==2.6.2
+psycopg2==2.7.1
 {%- endif %}
 
 # WSGI Handler
 # ------------------------------------------------
 gevent==1.2.1
-gunicorn==19.6.0
+gunicorn==19.7.1
 
 # Static and Media Storage
 # ------------------------------------------------
-boto==2.45.0
+boto==2.46.1
 django-storages-redux==1.3.2
 {% if cookiecutter.use_whitenoise != 'y' -%}
-Collectfast==0.5.1
+Collectfast==0.5.2
 {%- endif %}
 
 # Email backends for Mailgun, Postmark, SendGrid and more
@@ -29,7 +29,7 @@ django-anymail==0.8
 {% if cookiecutter.use_sentry_for_error_reporting == "y" -%}
 # Raven is the Sentry client
 # --------------------------
-raven==5.32.0
+raven==6.0.0
 {%- endif %}
 
 {% if cookiecutter.use_opbeat == "y" -%}

{{cookiecutter.project_slug}}/requirements/test.txt

@@ -4,11 +4,11 @@
 {% if cookiecutter.windows == 'y' -%}
 # Python-PostgreSQL Database Adapter
 # If using Win for dev, this assumes Unix in test/prod
-psycopg2==2.6.2
+psycopg2==2.7.1
 {%- endif %}
 
 coverage==4.3.4
-flake8==3.2.1 # pyup: != 2.6.0
+flake8==3.3.0 # pyup: != 2.6.0
 django-test-plus==1.0.17
 factory-boy==2.8.1
 

{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/templates/404.html

@@ -1,9 +1,9 @@
 {% raw %}{% extends "base.html" %}
 
-{% block title %}Page Not found{% endblock %}
+{% block title %}Page not found{% endblock %}
 
 {% block content %}
-<h1>Page Not found</h1>
+<h1>Page not found</h1>
 
 <p>This is not the page you were looking for.</p>
 {% endblock content %}{% endraw %}

{{cookiecutter.project_slug}}/{{cookiecutter.project_slug}}/templates/account/password_reset.html

@@ -18,7 +18,7 @@
     <form method="POST" action="{% url 'account_reset_password' %}" class="password_reset">
         {% csrf_token %}
         {{ form|crispy }}
-        <input type="submit" value="{% trans 'Reset My Password' %}" />
+        <input class="btn btn-primary" type="submit" value="{% trans 'Reset My Password' %}" />
     </form>
 
     <p>{% blocktrans %}Please contact us if you have any trouble resetting your password.{% endblocktrans %}</p>