import os
from datetime import timedelta
# Absolute path of the directory holding this module; the SQLite fallback
# database paths in the config classes are built relative to it.
basedir = os.path.dirname(os.path.abspath(__file__))
class Config:
    """Settings shared by every environment; subclasses override them."""

    # NOTE(review): when SECRET_KEY is absent from the environment this falls
    # back to a fixed string that lives in source control. Any configuration
    # that inherits it unchanged signs its session cookies with a publicly
    # known value, so deployed environments must always set the variable.
    SECRET_KEY = os.getenv('SECRET_KEY', 'dev-key-placeholder')
    SQLALCHEMY_TRACK_MODIFICATIONS = False

    # Session cookie is restricted to HTTPS and hidden from JavaScript.
    # NOTE(review): SESSION_COOKIE_SAMESITE is not set in this class, and
    # neither are REMEMBER_COOKIE_SECURE / REMEMBER_COOKIE_HTTPONLY for the
    # remember-me cookie (presumably Flask-Login) -- confirm the defaults
    # are acceptable.
    SESSION_COOKIE_SECURE = True
    SESSION_COOKIE_HTTPONLY = True
    REMEMBER_COOKIE_DURATION = timedelta(weeks=2)
    MAX_CONTENT_LENGTH = 16 * 1024 ** 2  # 16 MB max upload

    # Security headers. Nothing in this class attaches them to responses;
    # presumably a response hook elsewhere reads this mapping -- confirm.
    # NOTE(review): X-XSS-Protection only controls the legacy browser XSS
    # filter, which current browsers no longer ship, so it adds little on
    # its own. A Content-Security-Policy is the effective control, and the
    # entry below is commented out, so no CSP is configured here. The draft
    # also allows 'unsafe-inline' in script-src, which would still permit
    # inline script once it is enabled.
    SECURITY_HEADERS = {
        'X-Content-Type-Options': 'nosniff',
        'X-Frame-Options': 'SAMEORIGIN',
        'X-XSS-Protection': '1; mode=block',
        # 'Content-Security-Policy': "default-src 'self'; script-src 'self' https://cdn.jsdelivr.net https://unpkg.com https://cdnjs.cloudflare.com 'unsafe-inline'; style-src 'self' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.googleapis.com 'unsafe-inline'; font-src 'self' https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://fonts.gstatic.com data:; img-src 'self' data:;"
    }

    @staticmethod
    def init_app(app):
        """Per-environment setup hook; the base implementation does nothing."""
        return None
class DevelopmentConfig(Config):
    """Settings for local development."""

    # Debug mode exposes an interactive debugger and detailed tracebacks;
    # an instance running with this class must not be reachable from an
    # untrusted network.
    DEBUG = True

    # DEV_DATABASE_URL wins when set and non-empty; otherwise a SQLite file
    # next to this module is used.
    SQLALCHEMY_DATABASE_URI = (
        os.environ.get('DEV_DATABASE_URL')
        or 'sqlite:///' + os.path.join(basedir, 'app-dev.db')
    )

    # Overrides the base class so the session cookie is also sent over
    # plain HTTP.
    SESSION_COOKIE_SECURE = False
class TestingConfig(Config):
    """Settings for the automated test suite."""

    TESTING = True

    # TEST_DATABASE_URL wins when set and non-empty; otherwise a SQLite file
    # next to this module is used.
    SQLALCHEMY_DATABASE_URI = (
        os.environ.get('TEST_DATABASE_URL')
        or 'sqlite:///' + os.path.join(basedir, 'app-test.db')
    )

    # CSRF validation is switched off here; this class must never be
    # selected for a deployed instance.
    WTF_CSRF_ENABLED = False

    # Overrides the base class so the session cookie is also sent over
    # plain HTTP.
    SESSION_COOKIE_SECURE = False
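class ProductionConfig(Config):
    """Production config."""

    # NOTE(review): with DATABASE_URL unset this falls back to a URI that
    # carries placeholder credentials. Deployments should always supply
    # DATABASE_URL rather than rely on the fallback.
    SQLALCHEMY_DATABASE_URI = os.environ.get('DATABASE_URL') or \
        'postgresql://user:password@localhost/production'

    @classmethod
    def init_app(cls, app):
        """Validate production settings and attach a rotating file log.

        Args:
            app: Application object; its ``logger`` receives the handler.

        Raises:
            RuntimeError: SECRET_KEY is empty or still the fallback value
                inherited from the base configuration.
        """
        # Fail closed: the inherited fallback key is a fixed string in the
        # source tree, so sessions signed with it could be forged by anyone
        # who can read the code.
        if not cls.SECRET_KEY or cls.SECRET_KEY == 'dev-key-placeholder':
            raise RuntimeError(
                'SECRET_KEY must be set in the environment for the '
                'production configuration'
            )

        Config.init_app(app)

        # Log to a size-rotated file (10 KiB per file, 10 backups kept).
        import logging
        from logging.handlers import RotatingFileHandler

        # RotatingFileHandler opens the file immediately and fails when the
        # directory is missing, so create it first. The path is relative to
        # the process working directory.
        os.makedirs('logs', exist_ok=True)

        file_handler = RotatingFileHandler('logs/netdocs.log', maxBytes=10240, backupCount=10)
        file_handler.setFormatter(logging.Formatter(
            '%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'
        ))
        file_handler.setLevel(logging.INFO)
        app.logger.addHandler(file_handler)
        app.logger.setLevel(logging.INFO)
        app.logger.info('NetDocs startup')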
# Lookup table from configuration name to configuration class.
# NOTE(review): 'default' resolves to DevelopmentConfig, which sets
# DEBUG = True and SESSION_COOKIE_SECURE = False. A deployment that does not
# select a configuration explicitly therefore starts with development
# settings; production must always request 'production' by name.
config = {
    'development': DevelopmentConfig,
    'testing': TestingConfig,
    'production': ProductionConfig,

    'default': DevelopmentConfig,
}