""" Django settings for base project. Generated by 'django-admin startproject' using Django 6.0.5. For more information on this file, see https://docs.djangoproject.com/en/6.0/topics/settings/ For the full list of settings and their values, see https://docs.djangoproject.com/en/6.0/ref/settings/ """ from pathlib import Path import os from datetime import timedelta from django.core.exceptions import ImproperlyConfigured from decouple import config, Csv import dj_database_url # Build paths inside the project like this: BASE_DIR / 'subdir'. BASE_DIR = Path(__file__).resolve().parent.parent # Quick-start development settings - unsuitable for production # See https://docs.djangoproject.com/en/6.0/howto/deployment/checklist/ # SECURITY WARNING: keep the secret key used in production secret! SECRET_KEY = config('SECRET_KEY') DEBUG = config('DEBUG', default=False, cast=bool) ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost,127.0.0.1', cast=Csv()) # Application definition INSTALLED_APPS = [ # Jazzmin must be BEFORE django.contrib.admin 'jazzmin', 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', # Third-party apps 'rest_framework', 'rest_framework_simplejwt', 'rest_framework_simplejwt.token_blacklist', 'corsheaders', 'drf_spectacular', 'django_filters', 'channels', # Local apps 'base', ] MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', # WhiteNoise serves collected static files from the Django app. 'whitenoise.middleware.WhiteNoiseMiddleware', 'corsheaders.middleware.CorsMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ] ROOT_URLCONF = 'base.urls' TEMPLATES = [ { 'BACKEND': 'django.template.backends.django.DjangoTemplates', 'DIRS': [], 'APP_DIRS': True, 'OPTIONS': { 'context_processors': [ 'django.template.context_processors.request', 'django.contrib.auth.context_processors.auth', 'django.contrib.messages.context_processors.messages', ], }, }, ] # ASGI application (required for Django Channels) ASGI_APPLICATION = 'base.asgi.application' # WSGI application (kept for admin / fallback) WSGI_APPLICATION = 'base.wsgi.application' # Database # https://docs.djangoproject.com/en/6.0/ref/settings/#databases DATABASE_URL = config('DATABASE_URL', default='') if DATABASE_URL: DATABASES = { 'default': dj_database_url.parse( DATABASE_URL, conn_max_age=600, conn_health_checks=True, ssl_require=config('DATABASE_SSL_REQUIRE', default=False, cast=bool), ) } else: REQUIRE_DATABASE_URL = config('REQUIRE_DATABASE_URL', default=not DEBUG, cast=bool) if REQUIRE_DATABASE_URL: raise ImproperlyConfigured( 'DATABASE_URL must be set when DEBUG is false. ' 'Use the cPanel MySQL database credentials in production.' ) # Local development fallback only. Production should set DATABASE_URL. DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': BASE_DIR / 'db.sqlite3', } } # Password validation # https://docs.djangoproject.com/en/6.0/ref/settings/#auth-password-validators AUTH_PASSWORD_VALIDATORS = [ { 'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator', }, { 'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator', }, { 'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator', }, { 'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator', }, ] # Internationalization # https://docs.djangoproject.com/en/6.0/topics/i18n/ LANGUAGE_CODE = 'en-us' TIME_ZONE = 'UTC' USE_I18N = True USE_TZ = True # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/6.0/howto/static-files/ STATIC_URL = '/static/' STATIC_ROOT = BASE_DIR / 'staticfiles' MEDIA_URL = '/media/' MEDIA_ROOT = BASE_DIR / 'media' STORAGES = { 'default': { 'BACKEND': 'django.core.files.storage.FileSystemStorage', }, 'staticfiles': { 'BACKEND': 'whitenoise.storage.CompressedManifestStaticFilesStorage', }, } # CMS-managed brand logo. This intentionally lives inside the collected # static tree requested by the project so the public site and standalone CMS # reference one canonical asset. CMS_LOGO_ROOT = STATIC_ROOT / 'rest_framework' / 'img' / 'logo' CMS_LOGO_URL = '/api/assets/logo/' # Default primary key field type # https://docs.djangoproject.com/en/6.0/ref/settings/#default-auto-field DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField' # --------------------------------------------------------------------------- # Django Channels — Channel Layer # --------------------------------------------------------------------------- # Redis shares WebSocket events across ASGI processes in production. Local # development keeps the zero-dependency in-memory layer when REDIS_URL is empty. REDIS_URL = config('REDIS_URL', default='') if REDIS_URL: CHANNEL_LAYERS = { 'default': { 'BACKEND': 'channels_redis.core.RedisChannelLayer', 'CONFIG': {'hosts': [REDIS_URL]}, } } else: CHANNEL_LAYERS = { 'default': { 'BACKEND': 'channels.layers.InMemoryChannelLayer', } } # --------------------------------------------------------------------------- # Market Data Configuration # --------------------------------------------------------------------------- MARKET_DATA_PROVIDER = config('MARKET_DATA_PROVIDER', default='simulator') MARKET_DATA_API_KEY = config('MARKET_DATA_API_KEY', default='') WS_HEARTBEAT_INTERVAL = config('WS_HEARTBEAT_INTERVAL', default=15, cast=int) WS_RECONNECT_BASE_SECONDS = config('WS_RECONNECT_BASE_SECONDS', default=2, cast=int) REST_FALLBACK_INTERVAL_SECONDS = config('REST_FALLBACK_INTERVAL_SECONDS', default=5, cast=int) # --------------------------------------------------------------------------- # Live News Configuration (Marketaux) # --------------------------------------------------------------------------- # Free tier: 100 requests/day — https://www.marketaux.com/ # Set MARKETAUX_API_KEY in backend/.env — loaded automatically by python-decouple. MARKETAUX_API_KEY = config('MARKETAUX_API_KEY', default='') # Django REST Framework Configuration REST_FRAMEWORK = { 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination', 'PAGE_SIZE': 20, 'DEFAULT_FILTER_BACKENDS': [ 'django_filters.rest_framework.DjangoFilterBackend', 'rest_framework.filters.SearchFilter', 'rest_framework.filters.OrderingFilter', ], 'DEFAULT_THROTTLE_CLASSES': [ 'rest_framework.throttling.AnonRateThrottle', 'rest_framework.throttling.UserRateThrottle', ], 'DEFAULT_THROTTLE_RATES': { 'anon': '100/hour', 'user': '1000/hour', # The live UI polls every 5 seconds only while WebSocket is unavailable. 'market_data': '5000/hour', }, 'DEFAULT_SCHEMA_CLASS': 'drf_spectacular.openapi.AutoSchema', 'DEFAULT_AUTHENTICATION_CLASSES': [ 'rest_framework_simplejwt.authentication.JWTAuthentication', ], } # --------------------------------------------------------------------------- # SimpleJWT Configuration # --------------------------------------------------------------------------- SIMPLE_JWT = { 'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60), 'REFRESH_TOKEN_LIFETIME': timedelta(days=7), 'ROTATE_REFRESH_TOKENS': True, 'BLACKLIST_AFTER_ROTATION': True, 'AUTH_HEADER_TYPES': ('Bearer',), 'USER_ID_FIELD': 'id', 'USER_ID_CLAIM': 'user_id', } # --------------------------------------------------------------------------- # Authentication integrations and registration email # --------------------------------------------------------------------------- # The browser obtains a Google Identity Services credential and the backend # verifies its audience/signature before issuing the existing SimpleJWT pair. GOOGLE_OAUTH_CLIENT_ID = config('GOOGLE_OAUTH_CLIENT_ID', default='') # Console email keeps local development safe. Production should switch this to # Django's SMTP backend and provide the SMTP values shown in backend/.env.example. EMAIL_BACKEND = config( 'EMAIL_BACKEND', default='django.core.mail.backends.console.EmailBackend', ) EMAIL_HOST = config('EMAIL_HOST', default='') EMAIL_PORT = config('EMAIL_PORT', default=587, cast=int) EMAIL_USE_TLS = config('EMAIL_USE_TLS', default=True, cast=bool) EMAIL_USE_SSL = config('EMAIL_USE_SSL', default=False, cast=bool) EMAIL_HOST_USER = config('EMAIL_HOST_USER', default='') EMAIL_HOST_PASSWORD = config('EMAIL_HOST_PASSWORD', default='') DEFAULT_FROM_EMAIL = config( 'DEFAULT_FROM_EMAIL', default='TheStarFX ', ) # DRF Spectacular Configuration SPECTACULAR_SETTINGS = { 'TITLE': 'TheStarFX Trading API', 'DESCRIPTION': 'Premium Forex & Crypto Trading Education Platform API', 'VERSION': '1.0.0', 'SERVE_PERMISSIONS': ['rest_framework.permissions.AllowAny'], 'SCHEMA_PATH_PREFIX': '/api/', } # CORS Configuration CORS_ALLOWED_ORIGINS = config('CORS_ALLOWED_ORIGINS', default='http://localhost:8000,http://localhost:3000,http://localhost:3001,http://localhost:8080,http://127.0.0.1:8000,http://127.0.0.1:3000,http://127.0.0.1:3001', cast=Csv()) CSRF_TRUSTED_ORIGINS = [ origin for origin in config('CSRF_TRUSTED_ORIGINS', default='', cast=Csv()) if origin ] CORS_ALLOW_CREDENTIALS = True CORS_ALLOW_HEADERS = [ 'accept', 'accept-encoding', 'authorization', 'content-type', 'dnt', 'origin', 'user-agent', 'x-csrftoken', 'x-requested-with', ] # Nginx terminates TLS and forwards the original scheme to Uvicorn. SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') SECURE_SSL_REDIRECT = config('SECURE_SSL_REDIRECT', default=False, cast=bool) SESSION_COOKIE_SECURE = config('SESSION_COOKIE_SECURE', default=False, cast=bool) CSRF_COOKIE_SECURE = config('CSRF_COOKIE_SECURE', default=False, cast=bool) SECURE_HSTS_SECONDS = config('SECURE_HSTS_SECONDS', default=0, cast=int) SECURE_HSTS_INCLUDE_SUBDOMAINS = config( 'SECURE_HSTS_INCLUDE_SUBDOMAINS', default=False, cast=bool ) SECURE_HSTS_PRELOAD = config('SECURE_HSTS_PRELOAD', default=False, cast=bool) SECURE_CONTENT_TYPE_NOSNIFF = True SECURE_REFERRER_POLICY = 'strict-origin-when-cross-origin' # Logging Configuration LOGGING = { 'version': 1, 'disable_existing_loggers': False, 'handlers': { 'console': { 'class': 'logging.StreamHandler', }, }, 'root': { 'handlers': ['console'], 'level': 'INFO', }, 'loggers': { 'django': { 'handlers': ['console'], 'level': 'INFO', 'propagate': False, }, 'base': { 'handlers': ['console'], 'level': 'INFO', 'propagate': False, }, }, } # --------------------------------------------------------------------------- # Jazzmin Admin UI Configuration # --------------------------------------------------------------------------- JAZZMIN_SETTINGS = { # ── Branding ──────────────────────────────────────────────────────────── 'site_title': 'TheStarFX Admin', 'site_header': 'TheStarFX', 'site_brand': '⭐ TheStarFX', 'site_logo': None, # Replace with 'img/logo.png' if you add one 'login_logo': None, 'login_logo_dark': None, 'site_logo_classes': 'img-circle', 'site_icon': None, 'welcome_sign': 'Welcome to The Star FX Admin Panel', 'copyright': 'TheStarFX Trading Platform', # ── Search ────────────────────────────────────────────────────────────── 'search_model': ['auth.user'], 'user_avatar': None, # ── Top Menu ──────────────────────────────────────────────────────────── 'topmenu_links': [ {'name': 'Home', 'url': 'admin:index', 'permissions': ['auth.view_user']}, {'name': 'View Site', 'url': '/', 'new_window': True}, {'name': 'API Docs', 'url': '/api/schema/swagger-ui/', 'new_window': True}, {'model': 'auth.User'}, ], # ── User Menu ─────────────────────────────────────────────────────────── 'usermenu_links': [ {'model': 'auth.user'}, ], # ── Sidebar ───────────────────────────────────────────────────────────── 'show_sidebar': True, 'navigation_expanded': True, 'hide_apps': [], 'hide_models': [], 'order_with_respect_to': [ 'auth', 'base', 'base.Bot', 'base.ForexPair', 'base.Signal', 'base.News', 'base.Lesson', 'base.Testimonial', 'base.LeaderboardEntry', ], # ── Custom Links ──────────────────────────────────────────────────────── 'custom_links': { 'base': [{ 'name': 'Market Signals', 'url': 'admin:base_signal_changelist', 'icon': 'fas fa-broadcast-tower', 'permissions': ['base.view_signal'], }], }, # ── Icons (Font Awesome 5) ─────────────────────────────────────────────── 'icons': { 'auth': 'fas fa-users-cog', 'auth.user': 'fas fa-user', 'auth.Group': 'fas fa-users', 'base.Bot': 'fas fa-robot', 'base.ForexPair': 'fas fa-chart-line', 'base.Signal': 'fas fa-broadcast-tower', 'base.News': 'fas fa-newspaper', 'base.Lesson': 'fas fa-graduation-cap', 'base.Testimonial': 'fas fa-star', 'base.LeaderboardEntry': 'fas fa-trophy', }, 'default_icon_parents': 'fas fa-folder', 'default_icon_children': 'fas fa-circle', # ── Related Modal ──────────────────────────────────────────────────────── 'related_modal_active': True, # ── UI Customizer ──────────────────────────────────────────────────────── 'custom_css': None, 'custom_js': None, 'use_google_fonts_cdn': True, 'show_ui_builder': False, # ── Change List ────────────────────────────────────────────────────────── 'changeform_format': 'horizontal_tabs', 'changeform_format_overrides': { 'auth.user': 'collapsible', 'auth.group': 'vertical_tabs', }, 'language_chooser': False, } JAZZMIN_UI_TWEAKS = { # ── Theme ──────────────────────────────────────────────────────────────── 'navbar_small_text': False, 'footer_small_text': False, 'body_small_text': False, 'brand_small_text': False, 'brand_colour': 'navbar-warning', # Gold/amber brand accent 'accent': 'accent-warning', # Gold highlights 'navbar': 'navbar-dark', 'no_navbar_border': True, 'navbar_fixed': True, 'layout_boxed': False, 'footer_fixed': False, 'sidebar_fixed': True, 'sidebar': 'sidebar-dark-warning', # Dark gold sidebar 'sidebar_nav_small_text': False, 'sidebar_disable_expand': False, 'sidebar_nav_child_indent': True, 'sidebar_nav_compact_style': False, 'sidebar_nav_legacy_style': False, 'sidebar_nav_flat_style': False, 'theme': 'darkly', # Bootswatch dark theme 'default_theme_mode': 'dark', # Replaces deprecated dark_mode_theme 'button_classes': { 'primary': 'btn-outline-primary', 'secondary': 'btn-outline-secondary', 'info': 'btn-info', 'warning': 'btn-warning', 'danger': 'btn-danger', 'success': 'btn-success', }, 'actions_sticky_top': True, }