cookiecutter/cookiecutter-django
1
1
Fork 0
mirror of https://github.com/cookiecutter/cookiecutter-django.git synced 2025-08-07 13:34:53 +03:00
Code Issues Packages Projects Releases Wiki Activity

Default POSTGRES_PASSWORD and POSTGRES_USER to random values

Browse Source
This commit is contained in:
Nikita P. Shupeyko 2017-09-02 23:16:13 +03:00
parent 82bbe8b7de
commit ff6ddbadd7
8 changed files with 92 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/settings.rst
View File

@ -22,7 +22,7 @@ DJANGO_ADMIN_URL n/a r'^admin/'
DJANGO_CACHES CACHES (default) locmem redis DJANGO_CACHES CACHES (default) locmem redis
DJANGO_DATABASES DATABASES (default) See code See code DJANGO_DATABASES DATABASES (default) See code See code
DJANGO_DEBUG DEBUG True False DJANGO_DEBUG DEBUG True False
DJANGO_SECRET_KEY SECRET_KEY CHANGEME!!! raises error DJANGO_SECRET_KEY SECRET_KEY !!!SET DJANGO_SECRET_KEY!!! raises error
DJANGO_SECURE_BROWSER_XSS_FILTER SECURE_BROWSER_XSS_FILTER n/a True DJANGO_SECURE_BROWSER_XSS_FILTER SECURE_BROWSER_XSS_FILTER n/a True
DJANGO_SECURE_SSL_REDIRECT SECURE_SSL_REDIRECT n/a True DJANGO_SECURE_SSL_REDIRECT SECURE_SSL_REDIRECT n/a True
DJANGO_SECURE_CONTENT_TYPE_NOSNIFF SECURE_CONTENT_TYPE_NOSNIFF n/a True DJANGO_SECURE_CONTENT_TYPE_NOSNIFF SECURE_CONTENT_TYPE_NOSNIFF n/a True

116
hooks/post_gen_project.py
View File

@ -13,12 +13,12 @@ except NotImplementedError:
PROJECT_DIR_PATH = os.path.realpath(os.path.curdir) PROJECT_DIR_PATH = os.path.realpath(os.path.curdir)
def remove_file(file_path): def remove_file(file_path: str) -> None:
if os.path.exists(file_path): if os.path.exists(file_path):
os.remove(file_path) os.remove(file_path)
def remove_open_source_project_only_files(): def remove_open_source_project_only_files() -> None:
filenames = [ filenames = [
'CONTRIBUTORS.txt' 'CONTRIBUTORS.txt'
] ]
@ -26,7 +26,7 @@ def remove_open_source_project_only_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_gplv3_files(): def remove_gplv3_files() -> None:
filenames = [ filenames = [
'COPYING' 'COPYING'
] ]
@ -34,7 +34,7 @@ def remove_gplv3_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_pycharm_files(): def remove_pycharm_files() -> None:
idea_dir_path = os.path.join(PROJECT_DIR_PATH, '.idea') idea_dir_path = os.path.join(PROJECT_DIR_PATH, '.idea')
if os.path.exists(idea_dir_path): if os.path.exists(idea_dir_path):
shutil.rmtree(idea_dir_path) shutil.rmtree(idea_dir_path)
@ -44,7 +44,7 @@ def remove_pycharm_files():
shutil.rmtree(docs_dir_path) shutil.rmtree(docs_dir_path)
def remove_docker_files(): def remove_docker_files() -> None:
shutil.rmtree(os.path.join(PROJECT_DIR_PATH, 'compose')) shutil.rmtree(os.path.join(PROJECT_DIR_PATH, 'compose'))
filenames = [ filenames = [
@ -56,7 +56,7 @@ def remove_docker_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_heroku_files(): def remove_heroku_files() -> None:
filenames = [ filenames = [
'Procfile', 'Procfile',
'runtime.txt' 'runtime.txt'
@ -65,7 +65,7 @@ def remove_heroku_files():
remove_file(os.path.join(PROJECT_DIR_PATH, filename)) remove_file(os.path.join(PROJECT_DIR_PATH, filename))
def remove_elasticbeanstalk_files(): def remove_elasticbeanstalk_files() -> None:
ebextensions_dir_path = os.path.join(PROJECT_DIR_PATH, '.ebextensions') ebextensions_dir_path = os.path.join(PROJECT_DIR_PATH, '.ebextensions')
if os.path.exists(ebextensions_dir_path): if os.path.exists(ebextensions_dir_path):
shutil.rmtree(ebextensions_dir_path) shutil.rmtree(ebextensions_dir_path)
@ -77,7 +77,7 @@ def remove_elasticbeanstalk_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def try_remove_paas_files(): def try_remove_paas_files() -> None:
none_paas_files_left = True none_paas_files_left = True
if '{{ cookiecutter.use_heroku }}'.lower() != 'y': if '{{ cookiecutter.use_heroku }}'.lower() != 'y':
@ -96,7 +96,7 @@ def try_remove_paas_files():
remove_file(os.path.join(PROJECT_DIR_PATH, 'requirements.txt')) remove_file(os.path.join(PROJECT_DIR_PATH, 'requirements.txt'))
def remove_grunt_files(): def remove_grunt_files() -> None:
filenames = [ filenames = [
'Gruntfile.js' 'Gruntfile.js'
] ]
@ -104,7 +104,7 @@ def remove_grunt_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_gulp_files(): def remove_gulp_files() -> None:
filenames = [ filenames = [
'gulpfile.js' 'gulpfile.js'
] ]
@ -112,7 +112,7 @@ def remove_gulp_files():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_packagejson_file(): def remove_packagejson_file() -> None:
filenames = [ filenames = [
'package.json' 'package.json'
] ]
@ -120,45 +120,79 @@ def remove_packagejson_file():
os.remove(os.path.join(PROJECT_DIR_PATH, filename)) os.remove(os.path.join(PROJECT_DIR_PATH, filename))
def remove_celery_app(): def remove_celery_app() -> None:
task_app_path = os.path.join(PROJECT_DIR_PATH, '{{ cookiecutter.project_slug }}', 'taskapp') task_app_path = os.path.join(PROJECT_DIR_PATH, '{{ cookiecutter.project_slug }}', 'taskapp')
shutil.rmtree(task_app_path) shutil.rmtree(task_app_path)
def append_to_gitignore(path): def append_to_gitignore(path) -> None:
gitignore_file_path = os.path.join(PROJECT_DIR_PATH, '.gitignore') gitignore_file_path = os.path.join(PROJECT_DIR_PATH, '.gitignore')
with open(gitignore_file_path, 'a') as gitignore_file: with open(gitignore_file_path, 'a') as gitignore_file:
gitignore_file.write(path) gitignore_file.write(path)
gitignore_file.write(os.linesep) gitignore_file.write(os.linesep)
def generate_random_string(length=50): def generate_random_string(length: int,
using_digits: bool = False,
using_ascii_letters: bool = False,
using_punctuation: bool = False) -> str:
""" """
Returns a securely generated random string. Returns a securely generated random string.
The default length of 12 with the a-z, A-Z, 0-9 character set returns For instance, opting out for 50 symbol-long, [a-z][A-Z][0-9] string
a 71-bit value. log_2((26+26+10)^12) =~ 71 bits would yield log_2((26+26+50)^50) ~= 334 bit strength.
""" """
punctuation = string.punctuation.replace('"', '').replace("'", '') if not using_sysrandom:
punctuation = punctuation.replace('\\', '') return None
if using_sysrandom:
symbols = [random.choice(string.digits + string.ascii_letters + punctuation)
for i in range(length)]
return ''.join(symbols)
print( symbols = []
"Cookiecutter Django couldn't find a secure pseudo-random number generator on your system. " if using_digits:
"Please set your SECRET_KEY variables manually." symbols += string.digits
) if using_ascii_letters:
return "CHANGEME!!!" symbols += string.ascii_letters
if using_punctuation:
symbols += string.punctuation \
.replace('"', '') \
.replace("'", '') \
.replace('\\', '')
return ''.join([random.choice(symbols) for i in range(length)])
def set_secret_key(file_path): def replace_flag_with_random_string(file_path: str,
with open(file_path) as file: flag: str,
file_contents = file.read() *args,
SECRET_KEY = generate_random_string() **kwargs) -> None:
file_contents = file_contents.replace('CHANGEME!!!', SECRET_KEY, 1) random_string = generate_random_string(*args, **kwargs)
with open(file_path, 'w') as file: if random_string is None:
print("We couldn't find a secure pseudo-random number generator on your system. "
"Please, {} manually.".format(flag))
random_string = flag
with open(file_path, 'r+') as file:
file_contents = file.read().replace(flag, random_string)
file.seek(0)
file.write(file_contents) file.write(file_contents)
file.truncate()
def set_django_secret_key(file_path: str) -> None:
replace_flag_with_random_string(file_path, '!!!SET DJANGO_SECRET_KEY!!!',
length=50,
using_digits=True,
using_ascii_letters=True,
using_punctuation=True)
def set_postgres_user(file_path: str) -> None:
replace_flag_with_random_string(file_path, '!!!SET POSTGRES_USER!!!',
length=8,
using_ascii_letters=True)
def set_postgres_password(file_path: str) -> None:
replace_flag_with_random_string(file_path, '!!!SET POSTGRES_PASSWORD!!!',
length=30,
using_digits=True,
using_ascii_letters=True)
def main(): def main():
@ -201,11 +235,17 @@ def main():
append_to_gitignore('.envs/') append_to_gitignore('.envs/')
append_to_gitignore('.env') append_to_gitignore('.env')
set_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'local.py')) set_django_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'local.py'))
set_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'test.py')) set_django_secret_key(os.path.join(PROJECT_DIR_PATH, 'config', 'settings', 'test.py'))
set_secret_key(os.path.join(PROJECT_DIR_PATH, '.envs', '.production', '.django')) set_django_secret_key(os.path.join(PROJECT_DIR_PATH, '.envs', '.production', '.django'))
set_secret_key(os.path.join(PROJECT_DIR_PATH, '.envs', '.local', '.postgres'))
set_secret_key(os.path.join(PROJECT_DIR_PATH, '.envs', '.production', '.postgres')) envs_local_postgres = os.path.join(PROJECT_DIR_PATH, '.envs', '.local', '.postgres')
set_postgres_user(envs_local_postgres)
set_postgres_password(envs_local_postgres)
envs_production_postgres = os.path.join(PROJECT_DIR_PATH, '.envs', '.production', '.postgres')
set_postgres_user(envs_production_postgres)
set_postgres_password(envs_production_postgres)
if __name__ == '__main__': if __name__ == '__main__':

2
{{cookiecutter.project_slug}}/.envs/.local/.postgres
View File

@ -1,2 +1,2 @@
POSTGRES_USER={{cookiecutter.project_slug}} POSTGRES_USER={{cookiecutter.project_slug}}
POSTGRES_PASSWORD=CHANGEME!!! POSTGRES_PASSWORD=!!!SET POSTGRES_PASSWORD!!!

2
{{cookiecutter.project_slug}}/.envs/.production/.django
View File

@ -1,6 +1,6 @@
# DJANGO_READ_DOT_ENV_FILE=True # DJANGO_READ_DOT_ENV_FILE=True
DJANGO_SETTINGS_MODULE=config.settings.production DJANGO_SETTINGS_MODULE=config.settings.production
DJANGO_SECRET_KEY=CHANGEME!!! DJANGO_SECRET_KEY=!!!SET DJANGO_SECRET_KEY!!!
DJANGO_ALLOWED_HOSTS=.{{ cookiecutter.domain_name }} DJANGO_ALLOWED_HOSTS=.{{ cookiecutter.domain_name }}
DJANGO_ADMIN_URL= DJANGO_ADMIN_URL=

4
{{cookiecutter.project_slug}}/.envs/.production/.postgres
View File

@ -1,2 +1,2 @@
POSTGRES_USER= POSTGRES_USER=!!!SET POSTGRES_USER!!!
POSTGRES_PASSWORD=CHANGEME!!! POSTGRES_PASSWORD=!!!SET POSTGRES_PASSWORD!!!

2
{{cookiecutter.project_slug}}/config/settings/local.py
View File

@ -24,7 +24,7 @@ TEMPLATES[0]['OPTIONS']['debug'] = DEBUG
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key # See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
# Note: This key only used for development and testing. # Note: This key only used for development and testing.
SECRET_KEY = env('DJANGO_SECRET_KEY', default='CHANGEME!!!') SECRET_KEY = env('DJANGO_SECRET_KEY', default='!!!SET DJANGO_SECRET_KEY!!!')
# Mail settings # Mail settings
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------

2
{{cookiecutter.project_slug}}/config/settings/test.py
View File

@ -17,7 +17,7 @@ TEMPLATES[0]['OPTIONS']['debug'] = False
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key # See: https://docs.djangoproject.com/en/dev/ref/settings/#secret-key
# Note: This key only used for development and testing. # Note: This key only used for development and testing.
SECRET_KEY = env('DJANGO_SECRET_KEY', default='CHANGEME!!!') SECRET_KEY = env('DJANGO_SECRET_KEY', default='!!!SET DJANGO_SECRET_KEY!!!')
# Mail settings # Mail settings
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------

9
{{cookiecutter.project_slug}}/merge_production_dotenvs_in_dotenv.py
View File

@ -1,7 +1,10 @@
import os import os
from typing import Sequence
import pytest import pytest
PROJECT_DIR_PATH = os.path.dirname(os.path.realpath(__file__)) PROJECT_DIR_PATH = os.path.dirname(os.path.realpath(__file__))
PRODUCTION_DOTENV_DIR_PATH = os.path.join(PROJECT_DIR_PATH, '.envs', '.production') PRODUCTION_DOTENV_DIR_PATH = os.path.join(PROJECT_DIR_PATH, '.envs', '.production')
PRODUCTION_DOTENV_FILE_PATHS = [ PRODUCTION_DOTENV_FILE_PATHS = [
os.path.join(PRODUCTION_DOTENV_DIR_PATH, '.django'), os.path.join(PRODUCTION_DOTENV_DIR_PATH, '.django'),
@ -11,8 +14,10 @@ PRODUCTION_DOTENV_FILE_PATHS = [
DOTENV_FILE_PATH = os.path.join(PROJECT_DIR_PATH, '.env') DOTENV_FILE_PATH = os.path.join(PROJECT_DIR_PATH, '.env')
def merge(output_file_path, merged_file_paths, append_linesep=True): def merge(output_file_path: str,
with open(output_file_path, 'w+') as output_file: merged_file_paths: Sequence[str],
append_linesep: bool = True) -> None:
with open(output_file_path, 'w') as output_file:
for merged_file_path in merged_file_paths: for merged_file_path in merged_file_paths:
with open(merged_file_path, 'r') as merged_file: with open(merged_file_path, 'r') as merged_file:
merged_file_content = merged_file.read() merged_file_content = merged_file.read()