e2973284d0
All checks were successful
Build and Deploy / build-and-deploy (push) Successful in 2m20s
v0.9.5 — 账号安全管控 + 内容资产页: - 首次登录强制改密(must_change_password + ForceChangePasswordModal) - 并发会话限制(ActiveSession + SessionJWT认证,可配置桌面/移动端会话数) - Token生命周期缩短(access 30min, refresh 1天) - 登录IP记录(LoginRecord模型,为异常检测打基础) - 内容资产页(超管三级折叠/团队管两级折叠,按需懒加载) v0.9.6 — UI修缮: - 侧栏导航排序(内容资产移到用户管理下方) - 视频网格高度调整(440px,3行+暗示可滚动) - 秒数单位统一(不再换算为分钟/小时) - 提示词标签溢出修复 + 弹窗方向自适应 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
190 lines
6.7 KiB
Python
190 lines
6.7 KiB
Python
"""Django settings for AirDrama backend."""
|
|
|
|
import os
|
|
from pathlib import Path
|
|
from datetime import timedelta
|
|
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
|
|
SECRET_KEY = os.environ.get('DJANGO_SECRET_KEY', '')
|
|
if not SECRET_KEY:
|
|
import warnings
|
|
warnings.warn('DJANGO_SECRET_KEY not set — using insecure dev key. Do NOT deploy like this.')
|
|
SECRET_KEY = 'django-insecure-dev-only-do-not-deploy'
|
|
|
|
DEBUG = os.environ.get('DJANGO_DEBUG', 'False').lower() in ('true', '1', 'yes')
|
|
|
|
ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1').split(',')
|
|
|
|
INSTALLED_APPS = [
|
|
'django.contrib.admin',
|
|
'django.contrib.auth',
|
|
'django.contrib.contenttypes',
|
|
'django.contrib.sessions',
|
|
'django.contrib.messages',
|
|
'django.contrib.staticfiles',
|
|
# Third party
|
|
'rest_framework',
|
|
'corsheaders',
|
|
# Local apps
|
|
'apps.accounts',
|
|
'apps.generation',
|
|
]
|
|
|
|
MIDDLEWARE = [
|
|
'utils.log_center.LogCenterMiddleware',
|
|
'django.middleware.security.SecurityMiddleware',
|
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
|
'corsheaders.middleware.CorsMiddleware',
|
|
'django.middleware.common.CommonMiddleware',
|
|
'django.middleware.csrf.CsrfViewMiddleware',
|
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
|
'django.contrib.messages.middleware.MessageMiddleware',
|
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
|
]
|
|
|
|
ROOT_URLCONF = 'config.urls'
|
|
|
|
TEMPLATES = [
|
|
{
|
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
|
'DIRS': [],
|
|
'APP_DIRS': True,
|
|
'OPTIONS': {
|
|
'context_processors': [
|
|
'django.template.context_processors.debug',
|
|
'django.template.context_processors.request',
|
|
'django.contrib.auth.context_processors.auth',
|
|
'django.contrib.messages.context_processors.messages',
|
|
],
|
|
},
|
|
},
|
|
]
|
|
|
|
WSGI_APPLICATION = 'config.wsgi.application'
|
|
|
|
# Database configuration
|
|
# TESTING=true → isolated test_db.sqlite3 (never pollutes dev data)
|
|
# USE_MYSQL=true → Aliyun RDS MySQL (production)
|
|
# Otherwise → SQLite db.sqlite3 (local dev)
|
|
TESTING = os.environ.get('TESTING', 'false').lower() in ('true', '1', 'yes')
|
|
|
|
if TESTING:
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': 'django.db.backends.sqlite3',
|
|
'NAME': BASE_DIR / 'test_db.sqlite3',
|
|
}
|
|
}
|
|
elif os.environ.get('USE_MYSQL', 'false').lower() in ('true', '1', 'yes'):
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': 'django.db.backends.mysql',
|
|
'NAME': os.environ.get('DB_NAME', 'video_auto'),
|
|
'USER': os.environ.get('DB_USER', 'ai_video'),
|
|
'PASSWORD': os.environ.get('DB_PASSWORD', ''),
|
|
'HOST': os.environ.get('DB_HOST', 'localhost'),
|
|
'PORT': os.environ.get('DB_PORT', '3306'),
|
|
'OPTIONS': {
|
|
'charset': 'utf8mb4',
|
|
'init_command': "SET sql_mode='STRICT_TRANS_TABLES'",
|
|
},
|
|
}
|
|
}
|
|
else:
|
|
DATABASES = {
|
|
'default': {
|
|
'ENGINE': 'django.db.backends.sqlite3',
|
|
'NAME': BASE_DIR / 'db.sqlite3',
|
|
}
|
|
}
|
|
|
|
AUTH_USER_MODEL = 'accounts.User'
|
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
{'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', 'OPTIONS': {'min_length': 8}},
|
|
{'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
|
|
{'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
|
|
]
|
|
|
|
# REST Framework
|
|
REST_FRAMEWORK = {
|
|
'DEFAULT_AUTHENTICATION_CLASSES': (
|
|
'apps.accounts.authentication.SessionJWTAuthentication',
|
|
),
|
|
'DEFAULT_PERMISSION_CLASSES': (
|
|
'rest_framework.permissions.IsAuthenticated',
|
|
),
|
|
'DEFAULT_RENDERER_CLASSES': (
|
|
'rest_framework.renderers.JSONRenderer',
|
|
),
|
|
'EXCEPTION_HANDLER': 'utils.log_center.custom_exception_handler',
|
|
'DEFAULT_THROTTLE_CLASSES': [
|
|
'rest_framework.throttling.AnonRateThrottle',
|
|
'rest_framework.throttling.UserRateThrottle',
|
|
],
|
|
'DEFAULT_THROTTLE_RATES': {
|
|
'anon': '30/minute',
|
|
'user': '120/minute',
|
|
'login': '5/minute',
|
|
},
|
|
}
|
|
|
|
# JWT settings
|
|
SIMPLE_JWT = {
|
|
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30),
|
|
'REFRESH_TOKEN_LIFETIME': timedelta(days=1),
|
|
'ROTATE_REFRESH_TOKENS': False,
|
|
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
}
|
|
|
|
# CORS
|
|
CORS_ALLOWED_ORIGINS = [
|
|
'http://localhost:5173',
|
|
'http://127.0.0.1:5173',
|
|
'http://localhost:3000',
|
|
]
|
|
_extra_cors = os.environ.get('CORS_ALLOWED_ORIGINS', '')
|
|
if _extra_cors:
|
|
CORS_ALLOWED_ORIGINS += [o.strip() for o in _extra_cors.split(',') if o.strip()]
|
|
CORS_ALLOW_CREDENTIALS = True
|
|
|
|
CSRF_TRUSTED_ORIGINS = [o for o in CORS_ALLOWED_ORIGINS if o.startswith('https://')]
|
|
|
|
LANGUAGE_CODE = 'zh-hans'
|
|
TIME_ZONE = 'Asia/Shanghai'
|
|
USE_I18N = True
|
|
USE_TZ = True
|
|
|
|
STATIC_URL = 'static/'
|
|
STATIC_ROOT = BASE_DIR / 'staticfiles'
|
|
|
|
DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
|
|
|
|
# ──────────────────────────────────────────────
|
|
# Security headers (production)
|
|
# ──────────────────────────────────────────────
|
|
if not DEBUG:
|
|
SECURE_BROWSER_XSS_FILTER = True
|
|
SECURE_CONTENT_TYPE_NOSNIFF = True
|
|
X_FRAME_OPTIONS = 'DENY'
|
|
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
|
|
|
# ──────────────────────────────────────────────
|
|
# TOS (Volcano Engine Object Storage)
|
|
# ──────────────────────────────────────────────
|
|
TOS_ACCESS_KEY = os.environ.get('TOS_ACCESS_KEY', '')
|
|
TOS_SECRET_KEY = os.environ.get('TOS_SECRET_KEY', '')
|
|
TOS_ENDPOINT = os.environ.get('TOS_ENDPOINT', 'https://tos-cn-beijing.volces.com')
|
|
TOS_BUCKET = os.environ.get('TOS_BUCKET', 'airdrama-media')
|
|
TOS_REGION = os.environ.get('TOS_REGION', 'cn-beijing')
|
|
TOS_CDN_DOMAIN = os.environ.get('TOS_CDN_DOMAIN', 'https://airdrama-media.tos-cn-beijing.volces.com')
|
|
|
|
# ──────────────────────────────────────────────
|
|
# Seedance API (Volcano Engine ARK)
|
|
# ──────────────────────────────────────────────
|
|
ARK_API_KEY = os.environ.get('ARK_API_KEY', '')
|
|
ARK_BASE_URL = os.environ.get('ARK_BASE_URL', 'https://ark.cn-beijing.volces.com/api/v3')
|
|
# Set to True when Seedance model is activated on ARK platform
|
|
SEEDANCE_ENABLED = os.environ.get('SEEDANCE_ENABLED', 'false').lower() == 'true'
|