Master

blango/data.json

@@ -0,0 +1 @@
+{"model": "blog.comment", "pk": 1, "fields": {"creator": 1, "content": "What a great post!", "content_type": 7, "object_id": 1, "created_at": "2024-04-27T08:05:47.496Z", "modified_at": "2024-04-27T08:05:47.496Z"}}, {"model": "blog.comment", "pk": 2, "fields": {"creator": 1, "content": "This is a comment caputured on the web frontend", "content_type": 7, "object_id": 1, "created_at": "2024-04-27T09:07:47.913Z", "modified_at": "2024-04-27T09:07:47.913Z"}}, {"model": "blog.comment", "pk": 3, "fields": {"creator": 1, "content": "some extras after changing everything to use crispy forms", "content_type": 7, "object_id": 1, "created_at": "2024-04-27T10:26:20.183Z", "modified_at": "2024-04-27T10:26:20.183Z"}}, {"model": "blog.tag", "pk": 1, "fields": {"value": "Django"}}, {"model": "blog.tag", "pk": 2, "fields": {"value": "Coursera"}}, {"model": "blog.post", "pk": 1, "fields": {"author": 1, "created_at": "2024-04-25T20:17:53.544Z", "modified_at": "2024-04-25T20:18:42.894Z", "published_at": "2024-04-25T20:16:00Z", "title": "New Post Title", "slug": "new-post-title", "summary": "This is new title summary", "content": "<h3>Content of Test Post</h3>\r\n<p>this is text</p>", "tags": [1, 2]}}, {"model": "blog.post", "pk": 2, "fields": {"author": 1, "created_at": "2024-04-27T08:47:42.299Z", "modified_at": "2024-04-27T08:47:42.299Z", "published_at": "2024-04-27T08:46:32Z", "title": "Post 2", "slug": "post-2", "summary": "this is summary of post 2", "content": "<h3>THIS IS POST 2</h3>\r\n<p>this is post 2 text</p>", "tags": [1, 2]}}, {"model": "blog.post", "pk": 3, "fields": {"author": 1, "created_at": "2024-04-27T08:49:33.124Z", "modified_at": "2024-04-27T08:49:33.124Z", "published_at": "2024-04-23T08:48:00Z", "title": "Post 3", "slug": "post-3", "summary": "Post 3 dated 23rd", "content": "<h3>title of post 3</h3>\r\n<p>jlsjafkjsjsjsaiuroalaahhaofzoaujvahvahoao</p>", "tags": [1, 2]}}, {"model": "blango_auth.Userr", "pk": 1, "fields": {"password": "pbkdf2_sha256$720000$f9fIrc28qkOJIh8JDDNUBq$eRdASO3rp/4JnBGbKSeES1SqN2aDU4aUXOzOtQ+u3zo=", "last_login": "2024-04-25T20:15:49.518Z", "is_superuser": true, "username": "codio", "first_name": "", "last_name": "", "email": "", "is_staff": true, "is_active": true, "date_joined": "2024-04-25T20:09:08.771Z", "groups": [], "user_permissions": []}}]

blango/environ_test.py

@@ -0,0 +1,16 @@
+from os import environ
+
+environ.setdefault("PYTHON_DEFAULT", "Python Default")
+
+print(f"Value of 'MUST_BE_SET': '{environ['MUST_BE_SET']}'")
+print(f"Value of 'PYTHON_DEFAULT': '{environ['PYTHON_DEFAULT']}'")
+
+try:
+    print(f"Value of 'ALWAYS_OVERRIDDEN' before override: '{environ['ALWAYS_OVERRIDDEN']}'")
+except KeyError:
+    print("'ALWAYS_OVERRIDDEN' was not set.")
+
+environ["ALWAYS_OVERRIDDEN"] = "Always Overridden In Python"
+
+print(f"Value of 'ALWAYS_OVERRIDDEN' after override: '{environ['ALWAYS_OVERRIDDEN']}'")
+print(f"Value of 'OPTIONAL': '{environ.get('OPTIONAL')}'")

blango/requests_test.py

@@ -0,0 +1,32 @@
+import requests
+
+# put your real credentials here
+EMAIL_ADDRESS = "[email protected]"
+PASSWORD = "codio"
+BASE_URL = "http://localhost:8000/"
+
+anon_post_resp = requests.get(BASE_URL + "api/v1/posts/")
+anon_post_resp.raise_for_status()
+
+anon_post_count = anon_post_resp.json()["count"]
+print(f"Anon users have {anon_post_count} post{'' if anon_post_count == 1 else 's'}")
+
+auth_resp = requests.post(
+    BASE_URL + "api/v1/token-auth/",
+    json={"username": EMAIL_ADDRESS, "password": PASSWORD},
+)
+auth_resp.raise_for_status()
+token = auth_resp.json()["token"]
+
+# Use the token in a request
+authed_post_resp = requests.get(
+    BASE_URL + "api/v1/posts/", headers={"Authorization": f"Token {token}"}
+)
+authed_post_count = authed_post_resp.json()["count"]
+
+print(
+    f"Authenticated user has {authed_post_count} post{'' if authed_post_count == 1 else 's'}"
+)
+
+# Since requests doesn't remember headers between requests, this next request is unauthenticated again
+anon_post_resp = requests.get(BASE_URL + "api/v1/posts/")

blango/settings.py

@@ -1,125 +1,221 @@
-"""
-Django settings for blango project.
+"""  
+Django settings for blango project.  
+Generated by 'django-admin startproject' using Django 3.2.5.  
+For more information on this file, see  
+https://docs.djangoproject.com/en/3.2/topics/settings/  
+For the full list of settings and their values, see  
+https://docs.djangoproject.com/en/3.2/ref/settings/  
+"""  
 
-Generated by 'django-admin startproject' using Django 3.2.7.
 
-For more information on this file, see
-https://docs.djangoproject.com/en/3.2/topics/settings/
 
-For the full list of settings and their values, see
-https://docs.djangoproject.com/en/3.2/ref/settings/
-"""
+import os  
+from pathlib import Path  
+from datetime import timedelta
 
-from pathlib import Path
+from configurations import Configuration 
+from configurations import values  
 
-# Build paths inside the project like this: BASE_DIR / 'subdir'.
-BASE_DIR = Path(__file__).resolve().parent.parent
+class Dev(Configuration):
 
 
-# Quick-start development settings - unsuitable for production
-# See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/
+# Build paths inside the project like this: BASE_DIR / 'subdir'.  
+    BASE_DIR = Path(__file__).resolve().parent.parent  
 
-# SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-+sn%dpa!086+g+%44z9*^j^q-u4n!j(#wl)x9a%_1op@zz2+1-'
 
-# SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+    # Quick-start development settings - unsuitable for production  
+    # See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/  
+    # SECURITY WARNING: keep the secret key used in production  secret! 
+
+    SECRET_KEY = 'django-insecure-&!=9y436&^-bc$qia-mxngyf&xx)@ct)8lu@)=qxg_07-=z01w'  
+    # SECURITY WARNING: don't run with debug turned on in  production!  
 
-ALLOWED_HOSTS = []
+    DEBUG = True 
 
+    ALLOWED_HOSTS = ['*', 'localhost']  
 
-# Application definition
 
-INSTALLED_APPS = [
-    'django.contrib.admin',
-    'django.contrib.auth',
-    'django.contrib.contenttypes',
-    'django.contrib.sessions',
-    'django.contrib.messages',
-    'django.contrib.staticfiles',
-]
+    AUTH_USER_MODEL = "blango_auth.User"
 
-MIDDLEWARE = [
-    'django.middleware.security.SecurityMiddleware',
-    'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
-]
 
-ROOT_URLCONF = 'blango.urls'
 
-TEMPLATES = [
-    {
-        'BACKEND': 'django.template.backends.django.DjangoTemplates',
-        'DIRS': [],
-        'APP_DIRS': True,
-        'OPTIONS': {
-            'context_processors': [
-                'django.template.context_processors.debug',
-                'django.template.context_processors.request',
-                'django.contrib.auth.context_processors.auth',
-                'django.contrib.messages.context_processors.messages',
-            ],
+    #X_FRAME_OPTIONS = 'ALLOW-FROM ' +  os.environ.get('CODIO_HOSTNAME') + '-8000.codio.io'  
+    CSRF_COOKIE_SAMESITE = None  
+    #CSRF_TRUSTED_ORIGINS = [os.environ.get('CODIO_HOSTNAME') +  '-8000.codio.io']  
+    CSRF_COOKIE_SECURE = True  
+    SESSION_COOKIE_SECURE = True  
+    CSRF_COOKIE_SAMESITE = 'None'  
+    SESSION_COOKIE_SAMESITE = 'None'  
+
+
+    # Application definition  
+    INSTALLED_APPS = [ 
+        'django.contrib.admin',  
+        'django.contrib.auth',  
+        'django.contrib.contenttypes',  
+        'django.contrib.sessions',  
+        'django.contrib.messages',  
+        'django.contrib.staticfiles',  
+        'blog',  
+        'crispy_forms',  
+        'crispy_bootstrap5',
+        'blango_auth',  
+        'rest_framework',
+        'rest_framework.authtoken',
+        'drf_yasg',
+        'django_filters',
+        'versatileimagefield',
+    ]
+
+
+    MIDDLEWARE = [
+        'django.middleware.security.SecurityMiddleware',  
+        'django.contrib.sessions.middleware.SessionMiddleware', 
+        'django.middleware.common.CommonMiddleware', 
+        #'django.middleware.csrf.CsrfViewMiddleware',  
+        'django.contrib.auth.middleware.AuthenticationMiddleware', 
+        'django.contrib.messages.middleware.MessageMiddleware',
+
+    ]
+
+    '''
+    Reminder: MIDDLEWARE COMMENT OUT these changes only apply to working with Django on Codio. Do
+    not make these changes to a project you plan on making available on the
+    internet.
+    '''
+
+    ROOT_URLCONF = 'blango.urls'
+
+
+    TEMPLATES = [
+        {
+            'BACKEND':  'django.template.backends.django.DjangoTemplates', 
+            "DIRS": [BASE_DIR / "templates"],  
+            'APP_DIRS': True,  
+            'OPTIONS': { 
+                'context_processors': [  
+                    'django.template.context_processors.debug', 
+                    'django.template.context_processors.request',
+                    'django.contrib.auth.context_processors.auth',  
+                    'django.contrib.messages.context_processors.messages', 
+                    ],  
+                }, 
+
+        },  
+    ]
+
+
+    WSGI_APPLICATION = 'blango.wsgi.application'  
+
+
+    # Database  
+    # https://docs.djangoproject.com/en/3.2/ref/settings/#databases  
+
+    DATABASES = { 
+        'default': {  
+            'ENGINE': 'django.db.backends.sqlite3', 
+            'NAME': BASE_DIR / 'db.sqlite3',  
+            }
+        }
+
+
+    # Password validation  
+    # https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators  
+
+    AUTH_PASSWORD_VALIDATORS = [
+        {
+            'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        },
+        {
+            'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
         },
-    },
-]
+    ]
 
-WSGI_APPLICATION = 'blango.wsgi.application'
 
+    # Internationalization  
+    # https://docs.djangoproject.com/en/3.2/topics/i18n/  
 
-# Database
-# https://docs.djangoproject.com/en/3.2/ref/settings/#databases
+    LANGUAGE_CODE = 'en-us'  
+    TIME_ZONE = ("UTC")  
+    USE_I18N = True  
+    USE_L10N = True  
+    USE_TZ = True  
 
-DATABASES = {
-    'default': {
-        'ENGINE': 'django.db.backends.sqlite3',
-        'NAME': BASE_DIR / 'db.sqlite3',
-    }
-}
+    # Static files (CSS, JavaScript, Images)  
+    # https://docs.djangoproject.com/en/3.2/howto/static-files/  
+
+    STATIC_URL = '/static/'  
+
+    MEDIA_ROOT = BASE_DIR / "media"
+    MEDIA_URL = "/media/"
 
 
-# Password validation
-# https://docs.djangoproject.com/en/3.2/ref/settings/#auth-password-validators
+    # Default primary key field type  
+    # https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field  
 
-AUTH_PASSWORD_VALIDATORS = [
-    {
-        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
-    },
-    {
-        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
-    },
-]
 
+    DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'  
+    CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5"  
+    CRISPY_TEMPLATE_PACK = "bootstrap5" 
 
-# Internationalization
-# https://docs.djangoproject.com/en/3.2/topics/i18n/
+    REST_FRAMEWORK = {
+        "DEFAULT_AUTHENTICATION_CLASSES": [
+        "rest_framework.authentication.BasicAuthentication",
+        "rest_framework.authentication.SessionAuthentication",
+        "rest_framework.authentication.TokenAuthentication",
+        ],
 
-LANGUAGE_CODE = 'en-us'
+        "DEFAULT_PERMISSION_CLASSES": [
+        "rest_framework.permissions.IsAuthenticatedOrReadOnly"
+        ],
 
-TIME_ZONE = 'UTC'
+        #throttling
+        "DEFAULT_THROTTLE_CLASSES": [
+        "blog.api.throttling.AnonSustainedThrottle",
+        "blog.api.throttling.AnonBurstThrottle",
+        "blog.api.throttling.UserSustainedThrottle",
+        "blog.api.throttling.UserBurstThrottle",
+        ],
+        "DEFAULT_THROTTLE_RATES": {
+        "anon_sustained": "500/day",
+        "anon_burst": "10/minute",
+        "user_sustained": "5000/day",
+        "user_burst": "100/minute",
+        },
+
+    #pagination
+        "DEFAULT_PAGINATION_CLASS": "rest_framework.pagination.PageNumberPagination",
+        "PAGE_SIZE": 100,
 
-USE_I18N = True
 
-USE_L10N = True
+    #extending with django filters for rest rest_framework
+        "DEFAULT_FILTER_BACKENDS": [
+            "django_filters.rest_framework.DjangoFilterBackend",
+            "rest_framework.filters.OrderingFilter",
+        ],
 
-USE_TZ = True
+    #extending with JWT Json web tokens
+        "DEFAULT_AUTHENTICATION_CLASSES": [
+            "rest_framework.authentication.BasicAuthentication",
+            "rest_framework.authentication.SessionAuthentication",
+            "rest_framework.authentication.TokenAuthentication",
+            "rest_framework_simplejwt.authentication.JWTAuthentication"
+        ],
 
 
-# Static files (CSS, JavaScript, Images)
-# https://docs.djangoproject.com/en/3.2/howto/static-files/
+    }
 
-STATIC_URL = '/static/'
 
-# Default primary key field type
-# https://docs.djangoproject.com/en/3.2/ref/settings/#default-auto-field
 
-DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+    SWAGGER_SETTINGS = {
+        "SECURITY_DEFINITIONS": {
+            "Token": {"type": "apiKey", "name": "Authorization", "in": "header"},
+            "Basic": {"type": "basic"},
+        }
+    }