Secure storage of the SECRET_KEY

2024-01-04 21:19:09 +03:00 · 2024-01-04 21:19:09 +03:00 · 3818f394d1
commit 3818f394d1
parent 9c5f1b8010
6 changed files with 29 additions and 35 deletions
--- a/config/settings.py
+++ b/config/settings.py
@ -20,12 +20,14 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # See https://docs.djangoproject.com/en/2.2/howto/deployment/checklist/

 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = "o!ld8nrt4vc*h1zoey*wj48x*q0#ss12h=+zh)kk^6b3aygg=!"
+SECRET_KEY = config(
+    "SECRET_KEY", default="o!ld8nrt4vc*h1zoey*wj48x*q0#ss12h=+zh)kk^6b3aygg=!"
+)

 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = config("DEBUG", default=True, cast=bool)

-ALLOWED_HOSTS = ["*"]
+ALLOWED_HOSTS = ["127.0.0.1", "your-domain.com"]

 # change the default user models to our custom model
 AUTH_USER_MODEL = "accounts.User"
--- a/static/css/style.min.css
+++ b/static/css/style.min.css
--- a/static/css/style.min.css.map
+++ b/static/css/style.min.css.map
--- a/static/scss/style.scss
+++ b/static/scss/style.scss
@ -640,6 +640,20 @@ li {
  border-radius: 50%;
  margin: 0px 5px;
 }
+.avatar {
+  width: 40px;
+  height: 40px;
+  border-radius: 50%;
+  overflow: hidden;
+  img {
+    width: 100%;
+    height: 100%;
+    object-fit: cover;
+    &:hover {
+      filter: contrast(0.9);
+    }
+  }
+}
 /*.dropdown .profile-pic:hover {
 	box-shadow: 0px 0px 0px 5px #ddd;
 	transition: .2s;
--- a/templates/navbar.html
+++ b/templates/navbar.html
@ -1,4 +1,4 @@
-<div id="top-navbar">
+<div id="top-navbar" class="py-1">
 	<div class="container">
 		<div class="nav-wrapper">

@ -15,9 +15,9 @@
 			</form>

 			<div class="dropdown">
-				<button class="btn btn-sm" type="button" data-bs-toggle="dropdown" aria-expanded="false">
-					<img class="profile-pic border border-warning" src="{{ request.user.picture.url }}">
-				</button>
+				<div class="avatar border border-2 border-primary" type="button" data-bs-toggle="dropdown" aria-expanded="false">
+					<img src="{{ request.user.picture.url }}">
+				</div>
 				<div class="dropdown-menu" style="min-width: 14rem !important;">
 					<p class="container text-muted-xs text-center">
 						Last login: {{ request.user.last_login|date }}</p>
--- a/templates/registration/registration_base.html
+++ b/templates/registration/registration_base.html
@ -1,29 +1,7 @@
-{% load static %}
-<!DOCTYPE html>
-<html lang="en">
-<head>
-  <meta charset="UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1.0">
-  <meta http-equiv="X-UA-Compatible" content="ie=edge">
-  <title>{% block title %}DjangoSMS - Login{% endblock title %}</title>
+{% extends 'base.html' %}

-  <link href="{% static 'css/font-face.css' %}" rel="stylesheet" media="all">
-  <link rel="stylesheet" type="text/css" href="{% static 'css/all.css' %}">
+{% block sidebar %}{% endblock %}

-  <link rel="stylesheet" type="text/css" href="{% static 'css/bootstrap.css' %}">
-
-  <link rel="stylesheet" type="text/css" href="{% static 'css/style.css' %}">
-  
-</head>
-<body style="background: #fff;">
-    <div class="container">
-      {% block content %}
-      {% endblock content %}
-    </div>
-
-    <script src="{% static 'js/jquery-3.3.1.min.js' %}"></script>
-
-    {% block js %}
+{% block maincontent %}
+  {% block content %}{% endblock content %}
 {% endblock %}
-</body>
-</html>