test docker and configure security

Author: RustamovAkrom

.gitignore

@@ -139,3 +139,5 @@ GitHub.sublime-settings
 
 # private_key.pem
 # public_key.pem
+
+db.sqlite3

apps/blog/views.py

@@ -41,7 +41,7 @@ class HomePageView(TemplateView):
     template_name = "blog/home.html"
 
     def get(self, request):
-        if request.user and request.user.is_authenticated:
+        if request.user is not None and request.user.is_authenticated:
             posts = Post.objects.exclude(author=request.user)
         else:
             posts = Post.objects.all()

security_settings/.gitignore apps/shared/management/__init__.pysecurity_settings/.gitignore renamed to apps/shared/management/__init__.py

@@ -0,0 +1,28 @@
+import os
+
+from dotenv import load_dotenv
+load_dotenv()
+
+from django.contrib.auth import get_user_model
+from django.core.management.base import BaseCommand
+
+
+ADMIN_USERNAME = str(os.getenv("ADMIN_USERNAME"))
+ADMIN_PASSWORD = str(os.getenv("ADMIN_PASSWORD"))
+ADMIN_EMAIL = str(os.getenv("ADMIN_PASSWORD"))
+
+
+class Command(BaseCommand):
+    def handle(self, *args, **options):
+        User = get_user_model()
+        self.create_superuser(User, ADMIN_USERNAME, ADMIN_EMAIL, ADMIN_PASSWORD)
+    def create_superuser(self, User, username, email, password):
+        if not User.objects.filter(username=username).exists():
+            User.objects.create_superuser(username, email, password)
+            self.stdout.write(
+                self.style.SUCCESS(f"Superuser {username} created successfully.")
+            )
+        else:
+            self.stdout.write(
+                self.style.ERROR(f"Superuser {username} already exists.")
+            )

apps/shared/management/commands/__init__.py

@@ -1,6 +1,8 @@
-from rest_framework_simplejwt.tokens import AccessToken
+from rest_framework_simplejwt.tokens import AccessToken, TokenError
 from django.utils.deprecation import MiddlewareMixin
 from django.contrib.auth import get_user_model
+from django.contrib.auth.models import AnonymousUser
+from django.core.cache import cache
 
 
 User = get_user_model()
@@ -10,11 +12,20 @@ class JWTAuthMiddleware(MiddlewareMixin):
     def process_request(self, request):
         access_token = request.COOKIES.get("access_token")
 
-        if access_token:
-            try:
-                token = AccessToken(access_token)
-                user_id = token['user_id']
-                request.user = User.objects.get(id=user_id)
-            except Exception as e:
-                request.user = None
-                
+        if not access_token:
+            request.user = AnonymousUser()
+        
+        cached_user = cache.get(access_token)
+        if cached_user:
+            request.user = cached_user
+            return
+    
+        try:
+            token = AccessToken(access_token)
+            user_id = token['user_id']
+            user = User.objects.get(id=user_id)
+
+            cache.set(access_token, user, timeout=60 * 15)
+            request.user = user
+        except (TokenError, User.DoesNotExist):
+            request.user = AnonymousUser()

apps/shared/management/commands/createadmin.py

@@ -2,11 +2,13 @@
 
 from datetime import timedelta
 
+from dotenv import load_dotenv
+load_dotenv()
 
-with open(str(os.getenv("PRIVATE_KEY_PATH", "security_settings/private_key.pem")), "r") as f:
+with open(str(os.getenv("PRIVATE_KEY_PATH")), "r") as f:
     PRIVATE_KEY = f.read()
 
-with open(str(os.getenv("PUBLIC_KEY_PATH", "security_settings/public_key.pem")), "r") as f:
+with open(str(os.getenv("PUBLIC_KEY_PATH")), "r") as f:
     PUBLIC_KEY = f.read()
 
 
@@ -32,6 +34,6 @@
     "TOKEN_TYPE_CLAIM": "token_type",
     "JTI_CLAIM": "jti",
     "SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp",
-    "SLIDING_TOKEN_LIFETIME": timedelta(minutes=5),
+    "SLIDING_TOKEN_LIFETIME": timedelta(seconds=1),
     "SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1),
 }

apps/users/middleware.py

@@ -0,0 +1,103 @@
+import os
+
+from pathlib import Path
+
+from core.config import * # noqa
+
+from dotenv import load_dotenv
+load_dotenv()
+
+BASE_DIR = Path(__file__).resolve().parent.parent.parent
+
+SECRET_KEY = str(os.getenv("SECRET_KEY"))
+
+DEBUG = bool(os.getenv("DEBUG", True))
+
+ALLOWED_HOSTS = str(os.getenv("ALLOWED_HOSTS")).split(",")
+
+
+INSTALLED_APPS = DEFAULT_APPS + PROJECT_APPS + THIRD_PARTY_APPS
+
+
+MIDDLEWARE = [
+    "django.middleware.security.SecurityMiddleware",
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "apps.users.middleware.JWTAuthMiddleware",
+]
+
+ROOT_URLCONF = "core.urls"
+
+
+TEMPLATES_DIRS = ["templates"]
+
+TEMPLATES = [
+    {
+        "BACKEND": "django.template.backends.django.DjangoTemplates",
+        "DIRS": TEMPLATES_DIRS,
+        "APP_DIRS": True,
+        "OPTIONS": {
+            "context_processors": [
+                "django.template.context_processors.debug",
+                "django.template.context_processors.request",
+                "django.contrib.auth.context_processors.auth",
+                "django.contrib.messages.context_processors.messages",
+            ],
+        },
+    },
+]
+
+
+WSGI_APPLICATION = "core.wsgi.application"
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.sqlite3",
+        "NAME": BASE_DIR / "db.sqlite3",
+    }
+}
+
+
+AUTH_PASSWORD_VALIDATORS = [
+    {
+        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
+    },
+    {
+        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
+    },
+]
+
+LANGUAGE_CODE = "en"
+
+TIME_ZONE = "Asia/Tashkent"
+
+USE_I18N = True
+# USE_L10N = True
+
+USE_TZ = True
+
+LOGIN_URL = "/users/login/"
+LOGIN_REDIRECT_URL = "/"
+
+STATIC_URL = "static/"
+STATIC_ROOT = BASE_DIR / "staticfiles"
+STATICFILES_DIRS = [BASE_DIR / "static"]
+
+MEDIA_URL = "media/"
+MEDIA_ROOT = BASE_DIR / "media/"
+
+DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
+
+AUTH_USER_MODEL = "users.User"
+
+SITE_ID = 1

core/config/jwt.py

@@ -0,0 +1,3 @@
+from .base import * # noqa
+
+EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"

core/settings/base.py

@@ -0,0 +1,28 @@
+import os
+
+from .base import * # noqa
+
+EMAIL_BACKEND = "django.core.mail.backends.smtp.EmailBackend"
+EMAIL_HOST = "'smtp.google.com'"
+EMAIL_PORT = 587
+EMAIL_HOST_USER = os.getenv("EMAIL_HOST_USER")
+EMAIL_HOST_PASSWORD = os.getenv("EMAIL_HOST_PASSWORD")
+EMAIL_USE_TLS = True
+
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.postgresql",
+        "NAME": str(os.getenv("POSTGRES_NAME")),
+        "USER": str(os.getenv("POSTGRES_USER")),
+        "PASSWORD": str(os.getenv("POSTGRES_PASSWORD")),
+        "HOST": str(os.getenv("POSTGRES_HOST")),
+        "PORT": int(os.getenv("POSTGRES_PORT"))
+    }
+}
+
+# CACHES = {
+#     "default": {
+#         "BACKEND": "django.core.cache.backends.redis.RedisCache",
+#         "LOCATION": os.getenv("REDIS_CACHE_URL"),
+#     },
+# }