Merge pull request #285 from jandd/optimize_settings_for_prod

Optimize settings for production deployment

devday/attendee/tests/test_admin.py

@@ -69,8 +69,8 @@ def test_devdayuser_admin_add(self):
             reverse("admin:attendee_devdayuser_add"),
             data={
                 "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "password1": "l0nGs3cr3t",
+                "password2": "l0nGs3cr3t",
                 "attendees-TOTAL_FORMS": "0",
                 "attendees-INITIAL_FORMS": "0",
                 "attendees-MIN_NUM_FORMS": "0",
@@ -79,7 +79,7 @@ def test_devdayuser_admin_add(self):
         )
         user = User.objects.get(email="test@example.org")
         self.assertIsNotNone(user.id)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password("l0nGs3cr3t"))
         self.assertRedirects(
             response, reverse("admin:attendee_devdayuser_change", args=(user.id,))
         )

devday/attendee/tests/test_forms.py

@@ -26,7 +26,7 @@
 ADMIN_EMAIL = "admin@example.org"
 ADMIN_PASSWORD = "sUp3rS3cr3t"
 USER_EMAIL = "test@example.org"
-USER_PASSWORD = "s3cr3t"
+USER_PASSWORD = "l0nGs3cr3t"
 
 
 class DevDayRegistrationFormTest(TestCase):
@@ -60,26 +60,26 @@ def test_get_user_form(self):
     def test_form_save_commit(self):
         form = DevDayUserCreationForm(
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             }
         )
         user = form.save(commit=True)
         self.assertIsNotNone(user.id)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
     def test_form_save_no_commit(self):
         form = DevDayUserCreationForm(
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             }
         )
         user = form.save(commit=False)
         self.assertIsNone(user.id)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
 
 class RegistrationAuthenticationFormTest(TestCase):
@@ -100,45 +100,45 @@ class DevDayUserRegistrationFormTest(TestCase):
     def test_form_save_commit(self):
         form = DevDayUserRegistrationForm(
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             }
         )
         user = form.save(commit=True)
         self.assertIsNotNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
     def test_form_save_no_commit(self):
         form = DevDayUserRegistrationForm(
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             }
         )
         user = form.save(commit=False)
         self.assertIsNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
     def test_form_save_with_contact_permission(self):
         form = DevDayUserRegistrationForm(
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
                 "accept_general_contact": "checked",
             }
         )
         user = form.save(commit=True)
         self.assertIsNotNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNotNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
 
 class AttendeeRegistrationFormTest(TestCase):
@@ -166,47 +166,47 @@ def test_form_save_commit(self):
         form = AttendeeRegistrationForm(
             event=self.event,
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             },
         )
         user = form.save(commit=True)
         self.assertIsNotNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
     def test_form_save_contact_permission(self):
         form = AttendeeRegistrationForm(
             event=self.event,
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
                 "accept_general_contact": "checked",
             },
         )
         user = form.save(commit=True)
         self.assertIsNotNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNotNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
     def test_form_save_no_commit(self):
         form = AttendeeRegistrationForm(
             event=self.event,
             data={
-                "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "email": USER_EMAIL,
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             },
         )
         user = form.save(commit=False)
         self.assertIsNone(user.id)
         self.assertFalse(user.is_active)
         self.assertIsNone(user.contact_permission_date)
-        self.assertTrue(user.check_password("s3cr3t"))
+        self.assertTrue(user.check_password(USER_PASSWORD))
 
 
 class AttendeeProfileFormTest(TestCase):

devday/attendee/tests/test_views.py

@@ -30,7 +30,7 @@
 ADMIN_EMAIL = "admin@example.org"
 ADMIN_PASSWORD = "sUp3rS3cr3t"
 USER_EMAIL = "test@example.org"
-USER_PASSWORD = "s3cr3t"
+USER_PASSWORD = "l0nGs3cr3t"
 
 
 class AttendeeProfileViewTest(TestCase):
@@ -143,8 +143,8 @@ def test_register_minimum_fields(self):
             self.url,
             data={
                 "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             },
             follow=False,
         )
@@ -161,8 +161,8 @@ def test_register_permit_contact(self):
             self.url,
             data={
                 "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
                 "accept_general_contact": "checked",
             },
             follow=False,
@@ -386,7 +386,7 @@ def test_next_traverses_state_transitions(self):
         self.assertEqual(data["next"], next_url)
         # post form with correct data
         data.update(
-            {"email": "test@example.org", "password1": "s3cr3t", "password2": "s3cr3t"}
+            {"email": "test@example.org", "password1": USER_PASSWORD, "password2": USER_PASSWORD}
         )
         response = self.client.post(self.url, data=data, follow=False)
         self.assertRedirects(response, "/accounts/register/complete/")
@@ -401,8 +401,8 @@ def test_get_email_context(self):
         request.POST.update(
             next="/foo",
             email="test@example.org",
-            password1="s3cr3t",
-            password2="s3cr3t",
+            password1=USER_PASSWORD,
+            password2=USER_PASSWORD,
         )
         context = DevDayUserRegistrationView(request=request).get_email_context(
             "testkey"
@@ -425,8 +425,8 @@ def test_register_minimum_fields(self):
             self.url,
             data={
                 "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
             },
             follow=False,
         )
@@ -444,8 +444,8 @@ def test_register_permit_contact(self):
             self.url,
             data={
                 "email": "test@example.org",
-                "password1": "s3cr3t",
-                "password2": "s3cr3t",
+                "password1": USER_PASSWORD,
+                "password2": USER_PASSWORD,
                 "accept_general_contact": "checked",
             },
             follow=False,

devday/devday/settings/__init__.py

@@ -109,6 +109,23 @@ def split_list(value: str):
     "ALLOWED_HOSTS", split_list, default_value=["0.0.0.0", "127.0.0.1", "localhost"]
 )
 AUTH_USER_MODEL = "attendee.DevDayUser"
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
+        "OPTIONS": {
+            "min_length": 8,
+        },
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
+    },
+]
 
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
 
@@ -245,7 +262,7 @@ def split_list(value: str):
         "rest_framework.authentication.TokenAuthentication",
     ],
     "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.IsAuthenticated"],
-    'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema',
+    "DEFAULT_SCHEMA_CLASS": "drf_spectacular.openapi.AutoSchema",
 }
 
 ROOT_URLCONF = "devday.urls"
@@ -369,7 +386,9 @@ def split_list(value: str):
     "twitterfeed",
 ]
 
-RUN_SCHEDULED_JOBS = get_setting("RUN_SCHEDULED_JOBS", value_type=bool, default_value=False)
+RUN_SCHEDULED_JOBS = get_setting(
+    "RUN_SCHEDULED_JOBS", value_type=bool, default_value=False
+)
 
 if DEBUG:
     DEBUG_TOOLBAR_PATCH_SETTINGS = False
@@ -404,7 +423,7 @@ def split_list(value: str):
             },
             "loggers": {
                 "django.request": {
-                    "handlers": ["file", "mail_admins"],
+                    "handlers": ["console", "mail_admins"],
                     "level": "ERROR",
                     "propagate": False,
                 }
@@ -420,18 +439,12 @@ def split_list(value: str):
                 "include_html": True,
                 "filters": ["require_debug_false"],
             },
-            "file": {
-                "class": "logging.FileHandler",
-                "filename": os.path.join(BASE_DIR, "logs", "devday.log"),
-                "formatter": "simple",
-                "level": "INFO",
-            },
         }
     )
 
     for log_name in _local_log_names:
         LOGGING["loggers"][log_name] = {
-            "handlers": ["file", "mail_admins"],
+            "handlers": ["console", "mail_admins"],
             "level": "INFO",
             "propagate": True,
         }
@@ -442,6 +455,6 @@ def split_list(value: str):
     }
 
 SPECTACULAR_SETTINGS = {
-    'SERVE_PUBLIC': False,
-    'SERVE_PERMISSIONS': ['rest_framework.permissions.IsAuthenticated'],
+    "SERVE_PUBLIC": False,
+    "SERVE_PERMISSIONS": ["rest_framework.permissions.IsAuthenticated"],
 }