Повышена защищённость данных, ид канала зашифрован средствами django #19

и в настройках мы дешифруем значение канала
2 years ago · dc7a3fa283
5 changed files with 24 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,4 +5,4 @@ db.sqlite3
 __pycache__/
 identifier.sqlite
 vk_config.v2.json
-crossposting_backend/private_settings.py
+crossposting_backend/private/settings.py
--- a/cms/promoters.py
+++ b/cms/promoters.py
@ -21,7 +21,7 @@ class Promoter(abc.ABC):

 class TelegramPromoter(Promoter):
    def promote(self):
-        from crossposting_backend.private_settings import BOT_TOKEN, CHANNEL_ID
+        from crossposting_backend.settings import BOT_TOKEN, CHANNEL_ID

        long_text = f'{self.article.body}\n{self.article.link}'
        querystring = (('chat_id', CHANNEL_ID), ('text', long_text))
--- a/crossposting_backend/private/init.py
+++ b/crossposting_backend/private/init.py
--- a/crossposting_backend/private/settings.example.py
+++ b/crossposting_backend/private/settings.example.py
@ -0,0 +1,7 @@
+# SECURITY WARNING: don't run with debug turned on in production!
+DEBUG = False
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = 'django-insecure-aaaa'
+
+SALT = 'aaaaaaaa'
+ALLOWED_HOSTS = []
--- a/crossposting_backend/settings.py
+++ b/crossposting_backend/settings.py
@ -10,18 +10,29 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/4.1/ref/settings/
 """

+from os import path, getenv
+from pathlib import Path

-from .private_settings import *
+import dotenv
+from django.core import signing

-# Build paths inside the project like this: BASE_DIR / 'subdir'.
-from django.urls import reverse
+from .private.settings import *
+
+BASE_DIR = Path(__file__).resolve().parent.parent
+env_file = path.join(BASE_DIR, '.env')

+dotenv.read_dotenv(env_file)

+BOT_TOKEN = getenv('TELEGRAM_BOT_TOKEN')
+signer = signing.Signer(salt=SALT)
+signed_telegram_chat_id_dict = getenv('TELEGRAM_CHAT_ID')
+CHANNEL_ID = signer.unsign_object(signed_telegram_chat_id_dict)['TELEGRAM_CHAT_ID']
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.

 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/4.1/howto/deployment/checklist/

-ALLOWED_HOSTS = []

 LOGIN_URL = '/cms/'

@ -68,7 +79,6 @@ TEMPLATES = [

 WSGI_APPLICATION = 'crossposting_backend.wsgi.application'

-
 # Database
 # https://docs.djangoproject.com/en/4.1/ref/settings/#databases

@ -79,7 +89,6 @@ DATABASES = {
    }
 }

-
 # Password validation
 # https://docs.djangoproject.com/en/4.1/ref/settings/#auth-password-validators

@ -98,7 +107,6 @@ AUTH_PASSWORD_VALIDATORS = [
    },
 ]

-
 # Internationalization
 # https://docs.djangoproject.com/en/4.1/topics/i18n/

@ -110,7 +118,6 @@ USE_I18N = True

 USE_TZ = True

-
 # Static files (CSS, JavaScript, Images)
 # https://docs.djangoproject.com/en/4.1/howto/static-files/