ClearPath is a web Project Management tool to help Project Management Professional manage projects and teams of any demand and size respectively.
- Installation
- Usage
- Read Me
- Installation-MacOs
- Installation-Windows
- Continue
- Commands used-OS X or Linux
- Commands used-Windows
- Libraries
- Best Practices
- Git commit message types
- Streamlining Workflow with Git Flow Branch Naming Conventions
- Contribution
- Additional Information (Optional)
Here are the steps to install and run the project:
- Clone the repository ...
- Checkout to "feature" branch
- Install dependencies ...
- Run the project ...
Here's how to use the project functionalities:
- ... (instructions with code snippets or screenshots)
- Read this instructions carefully:
Always refer to the Django Installation
- Clone this repo and navigate to gospives folder
- Set Up Virtual Environment:
python3 -m venv venv - Activate Virtual Environment:
source venv/bin/activate
- Clone this repo and navigate to Backend folder
- Set Up Virtual Environment:
python -m venv venv - Activate Virtual Environment:
source venv\Scripts\activate.bat
- Install all dependecies:
pip install -r requirements.txt - Create
.envfile in the root folder. - Perform Initial Database Migrations:
python3 manage.py migrate - (Optional) Create Superuser:
python3 manage.py createsuperuser - Run Development Server:
python3 manage.py runserver
python3 -m venv venvsource venv/bin/activatepython -m pip install --upgrade pipdjango-admin startproject clearpath_home .python3 manage.py migratepython3 manage.py runserverpython3 manage.py createsuperuserpython3 manage.py startapp [AppName]- Add these dependencies to your requirements.txt file:
pip freeze > requirements.txt - Protect SECRET_KEYS -
pip install python-dotenv
python -m venv venvsource venv\Scripts\activate.batdjango-admin startproject clearpath_home .python manage.py migratepython manage.py runserverpython manage.py createsuperuserpython manage.py startapp [AppName]- Add these dependencies to your requirements.txt file:
pip freeze > requirements.txt - Protect SECRET_KEYS -
pip install python-dotenv
-
Keep Django Updated: Always stay on the latest version of Django. Regularly update your project to benefit from security fixes and improvements. Major releases occur approximately every 9 months, with minor releases addressing security and bugs almost monthly (https://learndjango.com/tutorials/django-best-practices-security)
-
Environment Variables:
- Use environment variables to manage settings between local development and production environments. These variables allow you to switch configurations seamlessly.
- Consider using packages like
environsto handle environment variables effectively.
-
DEBUG Mode: In your
settings.py, ensure that theDEBUGsetting is set toFalsein production. Debug mode provides detailed error pages, which can be a security risk if exposed publicly. Read more on: (https://learndjango.com/tutorials/django-best-practices-security) -
SECRET_KEY:
- Keep the
SECRET_KEYconfidential. It’s used for cryptographic signing and should never be shared or exposed. - Generate a strong, random
SECRET_KEYduring project setup. - To Generate a New
SECRET_KEYin Django, follow the instructions provided on this website: (https://www.makeuseof.com/django-secret-key-generate-new/)
- Keep the
-
Authorization and Authentication:
- Implement robust authorization and authentication mechanisms using Gmail, iCloud and other Social Media platforms.
- Avoid custom authentication solutions unless necessary.
-
Secure Configurations:
- Properly configure the application settings. Guard against common vulnerabilities like cross-site scripting (XSS) and cross-site request forgery (CSRF).
- Use HTTPS to encrypt data in transit.
-
Rate Limiting and Brute-Force Protection:
- Implement rate limiting to prevent brute-force attacks.
- Consider using packages like
django_ratelimitordjango-axes.
-
Third-Party Dependencies:
- Regularly review and update third-party packages. Vulnerabilities in dependencies can impact the application’s security.
- Use tools like
pip-toolsto manage dependencies efficiently.
-
Security Audits:
- Perform automated security audits regularly. Tools like
Lyniscan help identify potential issues. - Monitor logs and track suspicious activity.
- Perform automated security audits regularly. Tools like
-
Database Security:
- Secure your database connections. Use strong passwords and restrict access.
- Avoid using default database credentials.
- feat: Introducing new features or significant improvements.
- fix: Bug fixes that resolve issues in your code.
- docs: Updates or additions to documentation.
- style: Cosmetic changes that don't affect code functionality (like formatting).
- refactor: Code changes that neither fix a bug nor add a feature but improve structure.
- test: Everything about testing - adding or fixing tests.
- chore: Routine tasks or updates to the build process.
- perf: Enhancements that improve performance.
- ci: Modifications related to CI/CD processes.
- build: Changes affecting the build system or external dependencies.
- revert: Undoing previous changes.
Git Flow is a branching strategy that helps manage and structure various phases of a project.
- master: The source of truth for production-ready states.
- develop: The integration branch for development work.
- feature/: For developing new features, e.g., feature/add-login.
- release/: Preparing a new production release, e.g., release/1.2.0.
- hotfix/: Quick fixes for the production version, e.g., hotfix/critical-login-bug.
- support/: Long-term support for older versions, e.g., support/1.x.
- bugfix/: For specific bug fixes (optional), e.g., bugfix/login-error.
Please refer to the CONTRIBUTING.md for guidance.
- website: https://clearpath.com
- E-mail: contributions@clearpath.com