2025-11-27 11:53:46 +05:30
|
|
|
import os
|
|
|
|
|
from pathlib import Path
|
|
|
|
|
|
|
|
|
|
BASE_DIR = Path(__file__).resolve().parent.parent
|
|
|
|
|
|
2026-03-25 12:23:21 +00:00
|
|
|
SECRET_KEY = os.environ['DJANGO_SECRET_KEY']
|
2025-11-27 11:53:46 +05:30
|
|
|
|
2025-11-28 03:30:38 +05:30
|
|
|
# DEBUG = os.environ.get('DJANGO_DEBUG', 'False') == 'True'
|
|
|
|
|
#
|
|
|
|
|
# ALLOWED_HOSTS = os.environ.get('DJANGO_ALLOWED_HOSTS', '*').split(',')
|
2025-11-27 11:53:46 +05:30
|
|
|
|
2026-03-24 14:46:03 +00:00
|
|
|
DEBUG = False
|
2025-11-28 03:30:38 +05:30
|
|
|
|
|
|
|
|
ALLOWED_HOSTS = [
|
2026-03-25 12:23:21 +00:00
|
|
|
'db.eventifyplus.com',
|
|
|
|
|
'uat.eventifyplus.com',
|
2026-03-30 19:29:42 +00:00
|
|
|
'em.eventifyplus.com',
|
2026-03-25 12:23:21 +00:00
|
|
|
'backend.eventifyplus.com',
|
|
|
|
|
'admin.eventifyplus.com',
|
|
|
|
|
'app.eventifyplus.com',
|
2026-04-22 10:30:58 +05:30
|
|
|
'partner.eventifyplus.com',
|
|
|
|
|
'eventify-backend',
|
|
|
|
|
'eventify-django',
|
2026-03-25 12:23:21 +00:00
|
|
|
'localhost',
|
|
|
|
|
'127.0.0.1',
|
2025-11-28 03:30:38 +05:30
|
|
|
]
|
2025-11-27 11:53:46 +05:30
|
|
|
|
|
|
|
|
INSTALLED_APPS = [
|
|
|
|
|
'django.contrib.admin',
|
|
|
|
|
'django.contrib.auth',
|
|
|
|
|
'django.contrib.contenttypes',
|
|
|
|
|
'django.contrib.sessions',
|
|
|
|
|
'django.contrib.messages',
|
|
|
|
|
'django.contrib.staticfiles',
|
2026-03-15 00:29:17 +05:30
|
|
|
'eventify_logger',
|
2025-11-27 11:53:46 +05:30
|
|
|
'master_data',
|
|
|
|
|
'events',
|
|
|
|
|
'accounts',
|
2026-03-15 00:29:17 +05:30
|
|
|
'partner',
|
2025-12-01 04:52:49 +05:30
|
|
|
'templatetags',
|
2025-12-17 22:05:13 +05:30
|
|
|
'mobile_api',
|
|
|
|
|
'web_api',
|
2026-03-15 00:29:17 +05:30
|
|
|
'bookings',
|
|
|
|
|
'banking_operations',
|
2025-12-01 04:52:49 +05:30
|
|
|
'rest_framework',
|
2026-03-24 14:46:03 +00:00
|
|
|
'rest_framework.authtoken',
|
|
|
|
|
'rest_framework_simplejwt',
|
|
|
|
|
'admin_api',
|
feat: Phase 1+2 - JWT auth, dashboard metrics API, DB indexes
Phase 1 - JWT Auth Foundation:
- Replace token auth with djangorestframework-simplejwt
- POST /api/v1/admin/auth/login/ - returns access + refresh JWT
- POST /api/v1/auth/refresh/ - JWT refresh
- GET /api/v1/auth/me/ - current admin profile
- GET /api/v1/health/ - DB health check
- Add ledger app to INSTALLED_APPS
Phase 2 - Dashboard Metrics API:
- GET /api/v1/dashboard/metrics/ - revenue, partners, events, tickets
- GET /api/v1/dashboard/revenue/ - 7-day revenue vs payouts chart data
- GET /api/v1/dashboard/activity/ - last 10 platform events feed
- GET /api/v1/dashboard/actions/ - KYC queue, flagged events, pending payouts
DB Indexes (dashboard query optimisation):
- RazorpayTransaction: status, captured_at
- Partner: status, kyc_compliance_status
- Event: event_status, start_date, created_date
- Booking: created_date
- PaymentTransaction: payment_type, payment_transaction_status, payment_transaction_date
Infra:
- Add Dockerfile for eventify-backend container
- Add simplejwt to requirements.txt
- All 4 dashboard views use IsAuthenticated permission class
2026-03-24 17:46:41 +00:00
|
|
|
'django_summernote',
|
|
|
|
|
'ledger',
|
2026-04-04 18:56:47 +05:30
|
|
|
'notifications',
|
2026-04-06 12:10:06 +05:30
|
|
|
'ad_control',
|
2025-11-27 11:53:46 +05:30
|
|
|
]
|
|
|
|
|
|
2025-12-17 22:05:13 +05:30
|
|
|
INSTALLED_APPS += [
|
|
|
|
|
"corsheaders",
|
|
|
|
|
]
|
|
|
|
|
|
2025-11-27 11:53:46 +05:30
|
|
|
MIDDLEWARE = [
|
2025-12-17 22:05:13 +05:30
|
|
|
'corsheaders.middleware.CorsMiddleware',
|
2025-11-27 11:53:46 +05:30
|
|
|
'django.middleware.security.SecurityMiddleware',
|
|
|
|
|
'django.contrib.sessions.middleware.SessionMiddleware',
|
|
|
|
|
'django.middleware.csrf.CsrfViewMiddleware',
|
|
|
|
|
'django.contrib.auth.middleware.AuthenticationMiddleware',
|
2026-03-15 00:29:17 +05:30
|
|
|
'eventify_logger.middleware.EventifyLoggingMiddleware',
|
2025-11-27 11:53:46 +05:30
|
|
|
'django.contrib.messages.middleware.MessageMiddleware',
|
|
|
|
|
'django.middleware.clickjacking.XFrameOptionsMiddleware',
|
2025-12-17 22:05:13 +05:30
|
|
|
'corsheaders.middleware.CorsMiddleware',
|
|
|
|
|
'django.middleware.common.CommonMiddleware',
|
|
|
|
|
]
|
2025-12-19 21:48:51 +05:30
|
|
|
|
2025-12-17 22:05:13 +05:30
|
|
|
CORS_ALLOWED_ORIGINS = [
|
2026-03-25 12:23:21 +00:00
|
|
|
"https://app.eventifyplus.com",
|
|
|
|
|
"https://admin.eventifyplus.com",
|
|
|
|
|
"https://uat.eventifyplus.com",
|
2026-03-24 14:46:03 +00:00
|
|
|
"http://localhost:5178",
|
|
|
|
|
"http://localhost:5179",
|
2025-12-17 22:05:13 +05:30
|
|
|
"http://localhost:5173",
|
2026-03-24 14:46:03 +00:00
|
|
|
"http://localhost:3001",
|
|
|
|
|
"http://localhost:3000",
|
2026-04-04 18:56:47 +05:30
|
|
|
"http://localhost:8080",
|
2025-12-20 02:28:15 +05:30
|
|
|
"https://prototype.eventifyplus.com",
|
2025-12-25 02:42:10 +05:30
|
|
|
"https://eventifyplus.com",
|
2026-03-24 14:46:03 +00:00
|
|
|
"https://mv.eventifyplus.com",
|
|
|
|
|
"https://db.eventifyplus.com",
|
|
|
|
|
"https://test.eventifyplus.com",
|
|
|
|
|
"https://em.eventifyplus.com"
|
2025-11-27 11:53:46 +05:30
|
|
|
]
|
|
|
|
|
|
|
|
|
|
ROOT_URLCONF = 'eventify.urls'
|
|
|
|
|
|
|
|
|
|
TEMPLATES = [
|
|
|
|
|
{
|
|
|
|
|
'BACKEND': 'django.template.backends.django.DjangoTemplates',
|
|
|
|
|
'DIRS': [BASE_DIR / 'templates'],
|
|
|
|
|
'APP_DIRS': True,
|
|
|
|
|
'OPTIONS': {
|
|
|
|
|
'context_processors': [
|
|
|
|
|
'django.template.context_processors.debug',
|
|
|
|
|
'django.template.context_processors.request',
|
|
|
|
|
'django.contrib.auth.context_processors.auth',
|
|
|
|
|
'django.contrib.messages.context_processors.messages',
|
|
|
|
|
],
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
WSGI_APPLICATION = 'eventify.wsgi.application'
|
|
|
|
|
|
2025-12-19 19:35:38 +05:30
|
|
|
DATABASES = {
|
|
|
|
|
'default': {
|
2026-03-24 14:46:03 +00:00
|
|
|
'ENGINE': os.environ.get('DB_ENGINE', 'django.db.backends.sqlite3'),
|
|
|
|
|
'NAME': os.environ.get('DB_NAME', str(BASE_DIR / 'db.sqlite3')),
|
|
|
|
|
'USER': os.environ.get('DB_USER', ''),
|
|
|
|
|
'PASSWORD': os.environ.get('DB_PASS', ''),
|
|
|
|
|
'HOST': os.environ.get('DB_HOST', ''),
|
|
|
|
|
'PORT': os.environ.get('DB_PORT', '5432'),
|
2025-12-19 19:35:38 +05:30
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2025-12-20 02:28:15 +05:30
|
|
|
# DATABASES = {
|
|
|
|
|
# 'default': {
|
|
|
|
|
# 'ENGINE': 'django.db.backends.postgresql',
|
|
|
|
|
# 'NAME': 'eventify_uat_db', # your DB name
|
|
|
|
|
# 'USER': 'eventify_uat', # your DB user
|
|
|
|
|
# 'HOST': '0.0.0.0', # or IP/domain
|
|
|
|
|
# 'PORT': '5440', # default PostgreSQL port
|
|
|
|
|
# }
|
|
|
|
|
# }
|
|
|
|
|
|
2025-11-27 11:53:46 +05:30
|
|
|
AUTH_PASSWORD_VALIDATORS = [
|
|
|
|
|
{'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator'},
|
|
|
|
|
{'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator'},
|
|
|
|
|
{'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator'},
|
|
|
|
|
{'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator'},
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
LANGUAGE_CODE = 'en-us'
|
|
|
|
|
TIME_ZONE = 'UTC'
|
|
|
|
|
USE_I18N = True
|
|
|
|
|
USE_L10N = True
|
|
|
|
|
USE_TZ = True
|
|
|
|
|
|
|
|
|
|
STATIC_URL = '/static/'
|
|
|
|
|
STATIC_ROOT = BASE_DIR / 'staticfiles'
|
|
|
|
|
STATICFILES_DIRS = [BASE_DIR / 'static']
|
|
|
|
|
|
|
|
|
|
MEDIA_URL = '/media/'
|
|
|
|
|
MEDIA_ROOT = BASE_DIR / 'media'
|
|
|
|
|
|
2026-03-24 14:46:03 +00:00
|
|
|
X_FRAME_OPTIONS = 'SAMEORIGIN'
|
|
|
|
|
|
2025-11-27 11:53:46 +05:30
|
|
|
AUTH_USER_MODEL = 'accounts.User'
|
|
|
|
|
|
|
|
|
|
LOGIN_URL = 'login'
|
|
|
|
|
LOGIN_REDIRECT_URL = 'dashboard'
|
|
|
|
|
LOGOUT_REDIRECT_URL = 'login'
|
2025-12-09 03:59:57 +05:30
|
|
|
|
2026-03-30 19:29:42 +00:00
|
|
|
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
|
|
|
|
|
EMAIL_HOST = 'mail.bshtech.net'
|
|
|
|
|
EMAIL_PORT = 587
|
|
|
|
|
EMAIL_USE_TLS = True
|
|
|
|
|
EMAIL_HOST_USER = 'no-reply@eventifyplus.com'
|
|
|
|
|
EMAIL_HOST_PASSWORD = os.environ.get('EMAIL_HOST_PASSWORD', '')
|
|
|
|
|
DEFAULT_FROM_EMAIL = 'Eventify <no-reply@eventifyplus.com>'
|
2026-03-24 14:46:03 +00:00
|
|
|
|
|
|
|
|
SUMMERNOTE_THEME = 'bs5'
|
|
|
|
|
|
|
|
|
|
# Reverse proxy / CSRF fix
|
|
|
|
|
CSRF_TRUSTED_ORIGINS = [
|
2026-03-25 12:23:21 +00:00
|
|
|
'https://app.eventifyplus.com',
|
|
|
|
|
'https://admin.eventifyplus.com',
|
2026-03-24 14:46:03 +00:00
|
|
|
'https://db.eventifyplus.com',
|
|
|
|
|
'https://uat.eventifyplus.com',
|
|
|
|
|
'https://test.eventifyplus.com',
|
|
|
|
|
'https://eventifyplus.com',
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
|
|
|
|
|
USE_X_FORWARDED_HOST = True
|
|
|
|
|
|
|
|
|
|
# --- JWT Auth (Phase 1) ---
|
|
|
|
|
from datetime import timedelta
|
|
|
|
|
|
|
|
|
|
REST_FRAMEWORK = {
|
|
|
|
|
'DEFAULT_AUTHENTICATION_CLASSES': (
|
|
|
|
|
'rest_framework_simplejwt.authentication.JWTAuthentication',
|
|
|
|
|
),
|
|
|
|
|
'DEFAULT_PERMISSION_CLASSES': (
|
|
|
|
|
'rest_framework.permissions.IsAuthenticated',
|
|
|
|
|
),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
SIMPLE_JWT = {
|
2026-03-25 12:23:21 +00:00
|
|
|
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30), # Reduced from 1 day for security
|
2026-03-24 14:46:03 +00:00
|
|
|
'REFRESH_TOKEN_LIFETIME': timedelta(days=7),
|
2026-03-25 12:23:21 +00:00
|
|
|
'ROTATE_REFRESH_TOKENS': True,
|
2026-03-24 14:46:03 +00:00
|
|
|
'AUTH_HEADER_TYPES': ('Bearer',),
|
|
|
|
|
'USER_ID_FIELD': 'id',
|
|
|
|
|
'USER_ID_CLAIM': 'user_id',
|
|
|
|
|
}
|
2026-04-10 01:31:18 +05:30
|
|
|
|
|
|
|
|
# --- Google OAuth (Sign in with Google via GIS ID-token flow) -----------
|
|
|
|
|
# The Client ID is public (safe in VITE_* env vars and the SPA bundle).
|
|
|
|
|
# There is NO client secret — we use the ID-token flow, not auth-code flow.
|
|
|
|
|
# Set the SAME value in the Django container .env and in SPA .env.local.
|
|
|
|
|
GOOGLE_CLIENT_ID = os.environ.get('GOOGLE_CLIENT_ID', '')
|
