0225015
/
tongquU


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
							"""
Django settings for config project.

Generated by 'django-admin startproject' using Django 5.2.1.

For more information on this file, see
https://docs.djangoproject.com/en/5.2/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/5.2/ref/settings/
"""
import os
from pathlib import Path # Path 通常也在顶部
from pathlib import Path
from datetime import timedelta # 确保这行在 settings.py 文件顶部

# Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = "django-insecure-12o%i9mzoyn8ua+j#l!8fed0-4d&y$x3%vtk00y82@97f9702+"

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = True

ALLOWED_HOSTS = []


# Application definition

INSTALLED_APPS = [
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'rest_framework_simplejwt',
    'accounts',  # <--- 确保是这个，并且没有拼写错误
]

MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

ROOT_URLCONF = "config.urls"

TEMPLATES = [
    {
        "BACKEND": "django.template.backends.django.DjangoTemplates",
        "DIRS": [],
        "APP_DIRS": True,
        "OPTIONS": {
            "context_processors": [
                "django.template.context_processors.request",
                "django.contrib.auth.context_processors.auth",
                "django.contrib.messages.context_processors.messages",
            ],
        },
    },
]

WSGI_APPLICATION = "config.wsgi.application"


# Database
# https://docs.djangoproject.com/en/5.2/ref/settings/#databases

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': 'tongqu_v2_db',         # 你创建的数据库名
        'USER': 'postgres',             # 你的PostgreSQL用户名 (如果是默认超级用户)
                                        # 或者 'tongqu_v2_user' (如果你创建了专用用户)
        'PASSWORD': '20030316', # 你的PostgreSQL密码
        'HOST': 'localhost',            # 或者 '127.0.0.1'
        'PORT': '5432',                 # PostgreSQL默认端口
    }
}

# Password validation
# https://docs.djangoproject.com/en/5.2/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]


# Internationalization
# https://docs.djangoproject.com/en/5.2/topics/i18n/

LANGUAGE_CODE = 'zh-hans'

TIME_ZONE = 'Asia/Shanghai'

USE_I18N = True

USE_TZ = True


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/5.2/howto/static-files/

STATIC_URL = 'static/'

# Django 在开发时查找静态文件的目录列表
STATICFILES_DIRS = [
    os.path.join(BASE_DIR, 'static'), # 我们将在项目根目录创建这个 'static' 文件夹
]

# `collectstatic` 命令收集静态文件到这个目录，主要用于生产环境
STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles_collected')

# Default primary key field type
# https://docs.djangoproject.com/en/5.2/ref/settings/#default-auto-field

DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
STATIC_ROOT = os.path.join(BASE_DIR, 'staticfiles_collected') # 运行 collectstatic 时文件的存放位置
STATICFILES_DIRS = [
    os.path.join(BASE_DIR, 'static'), # 项目级static文件夹
]
MEDIA_URL = '/media/'
MEDIA_ROOT = os.path.join(BASE_DIR, 'media')
AUTH_USER_MODEL = 'accounts.CustomUser'
from datetime import timedelta # 确保在文件顶部导入

REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_simplejwt.authentication.JWTAuthentication', # 使用JWT进行API认证
        # 如果你希望在浏览器中测试API时也能使用Django的session认证（比如DRF的可浏览API），可以取消下面这行的注释
        # 'rest_framework.authentication.SessionAuthentication',
    ),
    'DEFAULT_PERMISSION_CLASSES': (
        'rest_framework.permissions.IsAuthenticated', # 默认情况下，所有API端点都需要用户进行身份验证
                                                      # 除非在视图中明确设置了 permission_classes = [permissions.AllowAny] (例如注册和登录接口)
    ),
    # 你可以根据需要添加其他全局DRF设置，例如：
    # 'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
    # 'PAGE_SIZE': 10, # 每页返回10条数据
    # 'DEFAULT_RENDERER_CLASSES': ( # API的默认输出格式
    #     'rest_framework.renderers.JSONRenderer',
    #     # 'rest_framework.renderers.BrowsableAPIRenderer', # 如果你想在浏览器中看到可浏览的API界面 (通常DEBUG=True时自动启用)
    # ),
    # 'DEFAULT_PARSER_CLASSES': ( # API接受的输入格式
    #     'rest_framework.parsers.JSONParser',
    #     'rest_framework.parsers.FormParser',
    #     'rest_framework.parsers.MultiPartParser', # 支持文件上传
    # )
}
SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=60),     # Access Token 的有效期，例如 60 分钟
    'REFRESH_TOKEN_LIFETIME': timedelta(days=1),        # Refresh Token 的有效期，例如 1 天
    'ROTATE_REFRESH_TOKENS': False,                     # 如果为True, 每次刷新token时，旧的refresh token会失效，返回一个新的
    'BLACKLIST_AFTER_ROTATION': True,                   # 和上面配合使用
    'UPDATE_LAST_LOGIN': True,                          # 成功获取token后是否更新用户的 last_login 字段

    'ALGORITHM': 'HS256',
    'SIGNING_KEY': SECRET_KEY, # 使用Django的 SECRET_KEY 来签名JWT
    'VERIFYING_KEY': None,
    'AUDIENCE': None,
    'ISSUER': None,
    'JWK_URL': None,
    'LEEWAY': 0,

    'AUTH_HEADER_TYPES': ('Bearer',), # 期望在Authorization头中看到的类型，例如 "Bearer <token>"
    'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
    'USER_ID_FIELD': 'id',                  # 你的 CustomUser 模型中用作主键的字段名
    'USER_ID_CLAIM': 'user_id',             # JWT payload 中代表用户ID的claim名称

    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
    'TOKEN_TYPE_CLAIM': 'token_type',
    'TOKEN_USER_CLASS': 'rest_framework_simplejwt.models.TokenUser',

    'JTI_CLAIM': 'jti',

    # 如果你想自定义token payload中包含的内容，可以使用下面这个(需要写自定义的Token序列化器)
    # 'TOKEN_OBTAIN_SERIALIZER': 'your_app.serializers.MyTokenObtainPairSerializer',
}