Merge pull request #4029 from airqo-platform/website-trigger-3

Author: Baalmart

src/website/core/settings.py

@@ -1,4 +1,3 @@
-
 import os
 import sys
 from pathlib import Path
@@ -55,7 +54,8 @@ def require_env_var(env_var: str) -> str:
 SECRET_KEY = require_env_var('SECRET_KEY')
 DEBUG = get_env_bool('DEBUG', default=False)
 
-ALLOWED_HOSTS = parse_env_list("ALLOWED_HOSTS")
+# ALLOWED_HOSTS = parse_env_list("ALLOWED_HOSTS")
+ALLOWED_HOSTS = ['*']
 
 # ---------------------------------------------------------
 # Application Definitions
@@ -100,7 +100,7 @@ def require_env_var(env_var: str) -> str:
 # Middleware
 # ---------------------------------------------------------
 MIDDLEWARE = [
-    'corsheaders.middleware.CorsMiddleware',
+    'corsheaders.middleware.CorsMiddleware',  # Must be first
     'django.middleware.security.SecurityMiddleware',
     'whitenoise.middleware.WhiteNoiseMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
@@ -114,11 +114,75 @@ def require_env_var(env_var: str) -> str:
 # ---------------------------------------------------------
 # CORS and CSRF Configuration
 # ---------------------------------------------------------
-CORS_ORIGIN_ALLOW_ALL = False
-CORS_ALLOWED_ORIGINS = parse_env_list("CORS_ALLOWED_ORIGINS")
-CORS_ORIGIN_REGEX_WHITELIST = parse_env_list("CORS_ORIGIN_REGEX_WHITELIST")
-CSRF_TRUSTED_ORIGINS = parse_env_list("CSRF_TRUSTED_ORIGINS")
-
+if DEBUG:
+    # Allow all CORS origins during development
+    CORS_ORIGIN_ALLOW_ALL = True
+    CORS_ALLOWED_ORIGINS = []
+    CORS_ORIGIN_REGEX_WHITELIST = []
+
+    # Allow all CSRF origins during development
+    CSRF_TRUSTED_ORIGINS = [
+        "https://website-trigger-3-website-preview-w7kzhvlewq-ew.a.run.app",
+    ]
+
+    # Optionally, you can add more relaxed settings
+    # For example, allow specific subdomains or ports if needed
+else:
+    # Restrict CORS origins in production
+    CORS_ORIGIN_ALLOW_ALL = False
+    CORS_ALLOWED_ORIGINS = [
+        "https://staging-dot-airqo-frontend.appspot.com",
+        "https://staging.airqo.net",
+        "https://airqo.net",
+        "https://airqo.africa",
+        "https://airqo.org",
+        "https://airqo.mak.ac.ug",
+        "http://127.0.0.1:8000",
+        "http://localhost:3000",
+        "https://staging-platform.airqo.net",
+        "https://staging-analytics.airqo.net",
+        "https://analytics.airqo.net",
+        "https://platform.airqo.net",
+    ]
+    CORS_ORIGIN_REGEX_WHITELIST = [
+        # Matches subdomains under airqo.net, airqo.africa, airqo.org, airqo.io
+        r"^https://[a-zA-Z0-9_\-]+\.airqo\.(net|africa|org|io)$",
+        # Matches airqo.africa, airqo.org, and airqo.mak.ac.ug
+        r"^https://airqo\.(africa|org|mak\.ac\.ug)$",
+        # Matches staging-dot-airqo-frontend.appspot.com
+        r"^https://staging-dot-airqo-frontend\.appspot\.com$",
+        r"^https://staging-platform\.airqo\.net$",  # Matches staging-platform.airqo.net
+        # Matches staging-analytics.airqo.net
+        r"^https://staging-analytics\.airqo\.net$",
+        r"^https://analytics\.airqo\.net$",  # Matches analytics.airqo.net
+        r"^https://platform\.airqo\.net$",  # Matches platform.airqo.net
+        # Matches any subpath under https://platform.airqo.net/website/admin
+        r"^https://platform\.airqo\.net/website/admin.*$",
+        # Matches any subpath under https://staging-platform.airqo.net/website/admin
+        r"^https://staging-platform\.airqo\.net/website/admin.*$",
+    ]
+
+    # Trust specific origins for CSRF protection in production
+    # CSRF_TRUSTED_ORIGINS = parse_env_list("CSRF_TRUSTED_ORIGINS")
+    CSRF_TRUSTED_ORIGINS = [
+        "https://staging-dot-airqo-frontend.appspot.com",
+        "https://staging.airqo.net",
+        "https://airqo.net",
+        "https://airqo.africa",
+        "https://airqo.org",
+        "https://airqo.mak.ac.ug",
+        "http://127.0.0.1:8000",
+        "http://localhost:3000",
+        "https://*.cloudshell.dev",
+        "https://staging-platform.airqo.net",
+        "https://staging-analytics.airqo.net",
+        "https://analytics.airqo.net",
+        "https://platform.airqo.net",
+        "https://website-trigger-3-website-preview-w7kzhvlewq-ew.a.run.app",
+    ]
+
+
+# Security settings
 CSRF_COOKIE_SECURE = not DEBUG
 SESSION_COOKIE_SECURE = not DEBUG
 
@@ -190,7 +254,6 @@ def require_env_var(env_var: str) -> str:
 STATICFILES_DIRS = [BASE_DIR / 'static']
 STATICFILES_STORAGE = 'whitenoise.storage.CompressedManifestStaticFilesStorage'
 
-
 if DEBUG:
     # Local file storage for development
     MEDIA_URL = '/media/'
@@ -231,7 +294,11 @@ def require_env_var(env_var: str) -> str:
 # ---------------------------------------------------------
 # File Upload Limits
 # ---------------------------------------------------------
-MAX_UPLOAD_SIZE = 10 * 1024 * 1024  # 10MB
+# Define a constant for maximum upload size
+MAX_UPLOAD_SIZE_MB = 10  # Maximum upload size in MB
+MAX_UPLOAD_SIZE = MAX_UPLOAD_SIZE_MB * 1024 * 1024  # Convert to bytes
+
+# Apply the maximum upload size to Django settings
 DATA_UPLOAD_MAX_MEMORY_SIZE = MAX_UPLOAD_SIZE
 FILE_UPLOAD_MAX_MEMORY_SIZE = MAX_UPLOAD_SIZE
 
@@ -254,6 +321,9 @@ def require_env_var(env_var: str) -> str:
     },
 }
 
+# ---------------------------------------------------------
+# Quill Editor Configuration
+# ---------------------------------------------------------
 QUILL_CONFIGS = {
     'default': {
         'theme': 'snow',

src/website/entrypoint.sh

@@ -14,3 +14,4 @@ python manage.py collectstatic --noinput
 # Start Gunicorn server to serve the Django application
 echo "Starting Gunicorn server..."
 exec gunicorn core.wsgi:application --bind 0.0.0.0:8000 --timeout 600 --log-level info
+# exec gunicorn core.wsgi:application --bind 0.0.0.0:8000 --timeout 600 --workers ${GUNICORN_WORKERS:-3} --log-level info