Harden Django project configuration

Set session and CSRF cookies as secure for production. Set HSTS header to let browser remember HTTPS for 1 year.
2025-07-04 07:32:16 +02:00 · 2022-03-09 12:30:18 +01:00
2 changed files with 17 additions and 58 deletions
--- a/med/settings.py
+++ b/med/settings.py
@ -26,6 +26,16 @@ SITE_ID = 1

 ALLOWED_HOSTS = ['127.0.0.1']

+# Use secure cookies in production
+SESSION_COOKIE_SECURE = not DEBUG
+CSRF_COOKIE_SECURE = not DEBUG
+
+# Remember HTTPS for 1 year
+SECURE_HSTS_SECONDS = 31536000
+SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+SECURE_HSTS_PRELOAD = True
+
+
 # Application definition

 INSTALLED_APPS = [
--- a/media/management/commands/export_markdown_site.py
+++ b/media/management/commands/export_markdown_site.py
@ -1,7 +1,4 @@
-import os.path
-
 from django.core.management import BaseCommand
-
 from media.models import Comic, CD, Manga, Review, Novel, Vinyl, Game


@ -16,18 +13,18 @@ class Command(BaseCommand):
    def handle(self, *args, **options):
        directory = options["directory"]

-        with open(os.path.join(directory, 'docs', 'index.md'), "w") as f:
+        with open(directory + "/docs/index.md", "w") as f:
            f.write("# Media de la Mediatek\n\n\n")
            f.write("Ce site répertorie l'intégralité des media présents "
                    "à la Mediatek de l'ENS Paris-Saclay.\n")

-        for model_class, file_name in [(Manga, "mangas.md"),
+        for model_class, file_name in [(Comic, "bd.md"), (Manga, "mangas.md"),
                                       (Novel, "romans.md"),
                                       (CD, "cd.md"), (Vinyl, "vinyles.md")]:
            self.process_model_class(model_class, file_name, f, directory)

        # Traitement différent pour les revues
-        with open(os.path.join(directory, 'docs', 'revues.md'), "w") as f:
+        with open(directory + "/docs/revues.md", "w") as f:
            f.write("# Revues\n\n\n")

            titles = list(set(obj["title"] for obj in
@ -51,13 +48,11 @@ class Command(BaseCommand):
                    f.write("\n\n\n")

        # Traitement différent pour les jeux
-        with open(os.path.join(directory, 'docs', 'jeux.md'), "w") as f:
+        with open(directory + "/docs/jeux.md", "w") as f:
            f.write("# Jeux\n\n\n")

-            for game in Game.objects.order_by("title").all():
-                f.write(f"## {game.title}\n\n\n")
-                if hasattr(medium, "isbn"):
-                    f.write(f"ISBN : {game.isbn}\n\n")
+            for game in Game.objects.order_by("name").all():
+                f.write(f"## {game.name}\n\n\n")
                f.write(f"Durée : {game.duration}\n\n")
                f.write(f"Nombre de joueurs : {game.players_min} "
                        f"- {game.players_max}\n\n")
@ -67,54 +62,8 @@ class Command(BaseCommand):
                    f.write(f"Commentaire : {game.comment}\n\n")
                f.write("\n\n\n")

-        # Traitement différent pour les bds
-        # Regroupement par le premier caractère
-        titles = list(set(obj["title"] for obj in Comic.objects
-                          .values("title").distinct().all()))
-        category = lambda s: s[0].lower() if 'a' <= s[0].lower() <= 'z' else '#'
-        db = {}
-        for title in titles:
-            c = category(title)
-            if c not in db:
-                db[c] = []
-            db[c].append(title)
-
-        for letter, titles in db.items():
-            with open(os.path.join(directory, 'docs', 'bds', f'{letter}.md'), 'w') as f:
-                f.write("# " + str(Comic._meta.verbose_name_plural)
-                        .capitalize() + f" - {letter.upper()}\n\n\n")
-
-                titles.sort()
-
-                for title in titles:
-                    f.write(f"## {title}\n\n\n")
-
-                    for medium in Comic.objects.filter(title=title) \
-                            .order_by("side_identifier").all():
-                        if hasattr(medium, "subtitle"):
-                            f.write(f"### {medium.subtitle}\n\n\n")
-                        if hasattr(medium, "isbn"):
-                            f.write(f"ISBN : {medium.isbn}\n\n")
-                        f.write(f"Cote : {medium.side_identifier}\n\n")
-                        f.write("Auteurs : " + ", ".join(
-                            author.name for author in medium.authors.all())
-                            + "\n\n")
-                        if hasattr(medium, "number_of_pages"):
-                            f.write(f"Nombre de pages : "
-                                    f"{medium.number_of_pages}\n\n")
-                        if hasattr(medium, "rpm"):
-                            f.write(f"Tours par minute : "
-                                    f"{medium.rpm}\n\n")
-                        if hasattr(medium, "publish_date"):
-                            f.write(f"Publié le : "
-                                    f"{medium.publish_date}\n\n")
-                        if hasattr(medium, "external_url"):
-                            f.write(f"Lien : [{medium.external_url}]"
-                                    f"({medium.external_url})\n\n")
-                        f.write("\n\n\n")
-
    def process_model_class(self, model_class, file_name, f, directory):
-        with open(os.path.join(directory, 'docs', file_name), "w") as f:
+        with open(directory + "/docs/" + file_name, "w") as f:
            f.write("# " + str(model_class._meta.verbose_name_plural)
                    .capitalize() + "\n\n\n")