2021-08-13 18:35:18 +01:00
|
|
|
import json
|
2023-02-01 11:57:59 -05:00
|
|
|
from os import getenv
|
2022-11-29 12:16:29 -05:00
|
|
|
|
2023-05-02 16:05:09 -04:00
|
|
|
import newrelic.agent
|
2015-12-04 14:40:16 +00:00
|
|
|
|
2022-10-20 08:03:32 -04:00
|
|
|
from app.cloudfoundry_config import cloud_config
|
2024-05-16 10:37:37 -04:00
|
|
|
from notifications_utils import DAILY_MESSAGE_LIMIT
|
2016-12-08 16:50:37 +00:00
|
|
|
|
|
|
|
|
|
2015-11-24 09:40:14 +00:00
|
|
|
class Config(object):
|
2024-09-03 10:37:05 -07:00
|
|
|
SIMULATED_SMS_NUMBERS = ("+14254147755", "+14254147167")
|
2023-08-25 09:12:23 -07:00
|
|
|
NOTIFY_APP_NAME = "admin"
|
|
|
|
|
NOTIFY_ENVIRONMENT = getenv("NOTIFY_ENVIRONMENT", "development")
|
|
|
|
|
API_HOST_NAME = getenv("API_HOST_NAME", "localhost")
|
2025-05-19 14:41:41 -07:00
|
|
|
API_PUBLIC_URL = getenv("API_PUBLIC_URL", "localhost")
|
|
|
|
|
|
2023-08-25 09:12:23 -07:00
|
|
|
ADMIN_BASE_URL = getenv("ADMIN_BASE_URL", "http://localhost:6012")
|
2025-07-31 17:07:17 -04:00
|
|
|
HEADER_COLOUR = "#81878b" # mix of dark-grey and mid-grey
|
2025-10-06 09:38:54 -04:00
|
|
|
LOGO_CDN_DOMAIN = "static-logos.notifications.example.gov" # TODO use our own CDN
|
2025-07-29 17:33:13 -04:00
|
|
|
|
2022-10-18 16:16:13 -04:00
|
|
|
ASSETS_DEBUG = False
|
|
|
|
|
|
|
|
|
|
# Credentials
|
2023-08-25 09:12:23 -07:00
|
|
|
ADMIN_CLIENT_SECRET = getenv("ADMIN_CLIENT_SECRET")
|
|
|
|
|
ADMIN_CLIENT_USER_NAME = getenv("ADMIN_CLIENT_USERNAME")
|
|
|
|
|
SECRET_KEY = getenv("SECRET_KEY")
|
|
|
|
|
DANGEROUS_SALT = getenv("DANGEROUS_SALT")
|
2023-02-01 11:57:59 -05:00
|
|
|
# ZENDESK_API_KEY = getenv('ZENDESK_API_KEY')
|
2023-08-25 09:12:23 -07:00
|
|
|
ROUTE_SECRET_KEY_1 = getenv("ROUTE_SECRET_KEY_1", "dev-route-secret-key-1")
|
|
|
|
|
ROUTE_SECRET_KEY_2 = getenv("ROUTE_SECRET_KEY_2", "dev-route-secret-key-2")
|
|
|
|
|
|
|
|
|
|
NR_ACCOUNT_ID = getenv("NR_ACCOUNT_ID")
|
|
|
|
|
NR_TRUST_KEY = getenv("NR_TRUST_KEY")
|
|
|
|
|
NR_AGENT_ID = getenv("NR_AGENT_ID")
|
|
|
|
|
NR_APP_ID = getenv("NR_APP_ID")
|
|
|
|
|
NR_BROWSER_KEY = getenv("NR_BROWSER_KEY")
|
2023-05-02 16:05:09 -04:00
|
|
|
settings = newrelic.agent.global_settings()
|
|
|
|
|
NR_MONITOR_ON = settings and settings.monitor_mode
|
2024-03-14 13:25:02 -07:00
|
|
|
COMMIT_HASH = getenv("COMMIT_HASH", "--------")[0:7]
|
2023-05-02 15:26:57 -04:00
|
|
|
|
2024-05-21 07:38:23 -07:00
|
|
|
GOVERNMENT_EMAIL_DOMAIN_NAMES = ["gov", "mil", "si.edu"]
|
2023-05-19 13:54:27 -07:00
|
|
|
|
2017-01-09 19:14:04 +00:00
|
|
|
# Logging
|
2023-08-25 09:12:23 -07:00
|
|
|
NOTIFY_LOG_LEVEL = getenv("NOTIFY_LOG_LEVEL", "INFO")
|
2016-12-08 16:50:37 +00:00
|
|
|
|
2016-03-23 14:09:07 +00:00
|
|
|
DEFAULT_SERVICE_LIMIT = 50
|
2021-04-07 09:32:18 +01:00
|
|
|
|
2023-06-19 10:10:22 -07:00
|
|
|
GLOBAL_SERVICE_MESSAGE_LIMIT = DAILY_MESSAGE_LIMIT
|
2023-06-01 10:44:13 -06:00
|
|
|
|
2017-11-01 14:39:14 +00:00
|
|
|
EMAIL_EXPIRY_SECONDS = 3600 # 1 hour
|
2017-11-02 13:49:24 +00:00
|
|
|
INVITATION_EXPIRY_SECONDS = 3600 * 24 * 2 # 2 days - also set on api
|
2017-11-07 16:11:31 +00:00
|
|
|
EMAIL_2FA_EXPIRY_SECONDS = 1800 # 30 Minutes
|
2023-08-16 10:55:24 -06:00
|
|
|
PERMANENT_SESSION_LIFETIME = 1800 # 30 Minutes
|
2016-03-23 14:09:07 +00:00
|
|
|
SEND_FILE_MAX_AGE_DEFAULT = 365 * 24 * 60 * 60 # 1 year
|
2022-10-18 16:16:13 -04:00
|
|
|
REPLY_TO_EMAIL_ADDRESS_VALIDATION_TIMEOUT = 45
|
2024-06-10 10:15:22 -06:00
|
|
|
ACTIVITY_STATS_LIMIT_DAYS = {
|
2024-06-24 10:44:19 -06:00
|
|
|
"today": 0,
|
2024-06-10 10:15:22 -06:00
|
|
|
"one_day": 1,
|
|
|
|
|
"three_day": 3,
|
|
|
|
|
"five_day": 5,
|
|
|
|
|
"seven_day": 7,
|
|
|
|
|
}
|
2016-03-23 14:09:07 +00:00
|
|
|
SESSION_COOKIE_HTTPONLY = True
|
2023-08-25 09:12:23 -07:00
|
|
|
SESSION_COOKIE_NAME = "notify_admin_session"
|
2016-03-23 14:09:07 +00:00
|
|
|
SESSION_COOKIE_SECURE = True
|
2025-10-01 19:50:35 -04:00
|
|
|
SESSION_COOKIE_SAMESITE = "Lax"
|
2019-11-28 14:39:30 +00:00
|
|
|
# don't send back the cookie if it hasn't been modified by the request. this means that the expiry time won't be
|
|
|
|
|
# updated unless the session is changed - but it's generally refreshed by `save_service_or_org_after_request`
|
|
|
|
|
# every time anyway, except for specific endpoints (png/pdfs generally) where we've disabled that handler.
|
|
|
|
|
SESSION_REFRESH_EACH_REQUEST = False
|
2016-03-23 14:09:07 +00:00
|
|
|
WTF_CSRF_ENABLED = True
|
2017-03-15 11:16:58 +00:00
|
|
|
WTF_CSRF_TIME_LIMIT = None
|
2017-11-16 16:33:21 +00:00
|
|
|
CHECK_PROXY_HEADER = False
|
2022-08-05 00:25:03 -07:00
|
|
|
|
2022-10-20 08:03:32 -04:00
|
|
|
REDIS_URL = cloud_config.redis_url
|
2023-08-25 09:12:23 -07:00
|
|
|
REDIS_ENABLED = getenv("REDIS_ENABLED", "1") == "1"
|
2018-11-28 15:39:08 +00:00
|
|
|
|
2022-08-05 00:25:03 -07:00
|
|
|
# TODO: reassign this
|
2023-08-25 09:12:23 -07:00
|
|
|
NOTIFY_SERVICE_ID = "d6aa2c68-a2d9-4437-ab19-3ae8eb202553"
|
|
|
|
|
|
2025-10-14 12:59:49 -07:00
|
|
|
ORGANIZATION_DASHBOARD_ENABLED = (
|
2025-10-29 10:15:36 -07:00
|
|
|
getenv("ORGANIZATION_DASHBOARD_ENABLED", "false").lower() == "true"
|
2025-10-14 12:59:49 -07:00
|
|
|
)
|
2025-10-14 12:37:12 -07:00
|
|
|
|
2023-08-25 09:12:23 -07:00
|
|
|
NOTIFY_BILLING_DETAILS = json.loads(getenv("NOTIFY_BILLING_DETAILS") or "null") or {
|
|
|
|
|
"account_number": "98765432",
|
|
|
|
|
"sort_code": "01-23-45",
|
|
|
|
|
"IBAN": "GB33BUKB20201555555555",
|
|
|
|
|
"swift": "ABCDEF12",
|
|
|
|
|
"notify_billing_email_addresses": [
|
2024-01-25 13:00:39 -05:00
|
|
|
"tts-benefits-studio@gsa.gov",
|
2023-08-25 09:12:23 -07:00
|
|
|
],
|
2021-08-13 18:35:18 +01:00
|
|
|
}
|
|
|
|
|
|
2025-04-10 12:35:04 -07:00
|
|
|
|
2023-03-13 15:30:37 -04:00
|
|
|
def _s3_credentials_from_env(bucket_prefix):
|
2022-10-26 13:19:07 +00:00
|
|
|
return {
|
2023-08-25 09:12:23 -07:00
|
|
|
"bucket": getenv(
|
|
|
|
|
f"{bucket_prefix}_BUCKET_NAME", f"{bucket_prefix}-test-bucket-name"
|
|
|
|
|
),
|
|
|
|
|
"access_key_id": getenv(f"{bucket_prefix}_AWS_ACCESS_KEY_ID"),
|
|
|
|
|
"secret_access_key": getenv(f"{bucket_prefix}_AWS_SECRET_ACCESS_KEY"),
|
|
|
|
|
"region": getenv(f"{bucket_prefix}_AWS_REGION"),
|
2022-10-26 13:19:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2015-11-24 09:40:14 +00:00
|
|
|
class Development(Config):
|
|
|
|
|
DEBUG = True
|
2016-02-23 15:45:19 +00:00
|
|
|
SESSION_COOKIE_SECURE = False
|
2016-05-04 13:01:55 +01:00
|
|
|
SESSION_PROTECTION = None
|
2023-08-25 09:12:23 -07:00
|
|
|
HTTP_PROTOCOL = "http"
|
|
|
|
|
ASSET_DOMAIN = ""
|
|
|
|
|
ASSET_PATH = "/static/"
|
|
|
|
|
NOTIFY_LOG_LEVEL = "DEBUG"
|
2022-08-05 00:25:03 -07:00
|
|
|
|
2025-10-15 16:47:19 -07:00
|
|
|
# Feature Flags
|
2025-10-14 12:59:49 -07:00
|
|
|
ORGANIZATION_DASHBOARD_ENABLED = (
|
2025-10-29 10:15:36 -07:00
|
|
|
getenv("ORGANIZATION_DASHBOARD_ENABLED", "true").lower() == "true"
|
2025-10-14 12:59:49 -07:00
|
|
|
)
|
2025-10-14 12:37:12 -07:00
|
|
|
|
2022-07-25 15:18:39 -07:00
|
|
|
# Buckets
|
2023-08-25 09:12:23 -07:00
|
|
|
CSV_UPLOAD_BUCKET = _s3_credentials_from_env("CSV")
|
|
|
|
|
LOGO_UPLOAD_BUCKET = _s3_credentials_from_env("LOGO")
|
2022-08-05 00:25:03 -07:00
|
|
|
|
2022-10-18 16:16:13 -04:00
|
|
|
# credential overrides
|
2023-08-25 09:12:23 -07:00
|
|
|
DANGEROUS_SALT = "development-notify-salt"
|
|
|
|
|
SECRET_KEY = "dev-notify-secret-key" # nosec B105 - only used in development
|
2022-10-18 16:16:13 -04:00
|
|
|
# ADMIN_CLIENT_USER_NAME is called ADMIN_CLIENT_ID in api repo, they should match
|
2023-08-25 09:12:23 -07:00
|
|
|
ADMIN_CLIENT_USER_NAME = "notify-admin"
|
|
|
|
|
ADMIN_CLIENT_SECRET = (
|
|
|
|
|
"dev-notify-secret-key" # nosec B105 - only used in development
|
|
|
|
|
)
|
2018-11-29 11:29:52 +00:00
|
|
|
|
2015-11-24 09:40:14 +00:00
|
|
|
|
2016-01-19 15:50:31 +00:00
|
|
|
class Test(Development):
|
2017-06-19 12:31:14 +01:00
|
|
|
TESTING = True
|
2017-03-15 11:16:58 +00:00
|
|
|
WTF_CSRF_ENABLED = False
|
2023-08-25 09:12:23 -07:00
|
|
|
ASSET_DOMAIN = "static.example.com"
|
|
|
|
|
ASSET_PATH = "https://static.example.com/"
|
|
|
|
|
API_HOST_NAME = "http://you-forgot-to-mock-an-api-call-to"
|
2025-05-22 12:03:18 -07:00
|
|
|
API_PUBLIC_URL = "http://you-forgot-to-mock-an-api-call-to"
|
2023-08-25 09:12:23 -07:00
|
|
|
REDIS_URL = "redis://you-forgot-to-mock-a-redis-call-to"
|
|
|
|
|
LOGO_CDN_DOMAIN = "static-logos.test.com"
|
2022-08-26 17:07:42 -04:00
|
|
|
|
|
|
|
|
|
2022-10-18 16:16:13 -04:00
|
|
|
class Production(Config):
|
2025-07-22 15:17:01 -04:00
|
|
|
HEADER_COLOUR = "#005EA5" # primary blue
|
2023-08-25 09:12:23 -07:00
|
|
|
HTTP_PROTOCOL = "https"
|
|
|
|
|
ASSET_DOMAIN = "" # TODO use a CDN
|
|
|
|
|
ASSET_PATH = "/static/" # TODO use a CDN
|
2022-10-18 16:16:13 -04:00
|
|
|
DEBUG = False
|
2016-07-04 17:21:08 +01:00
|
|
|
|
2022-07-25 15:18:39 -07:00
|
|
|
# buckets
|
2022-10-20 08:03:32 -04:00
|
|
|
CSV_UPLOAD_BUCKET = cloud_config.s3_credentials(
|
2023-08-25 09:12:23 -07:00
|
|
|
f"notify-api-csv-upload-bucket-{getenv('NOTIFY_ENVIRONMENT')}"
|
|
|
|
|
)
|
2022-10-20 08:03:32 -04:00
|
|
|
LOGO_UPLOAD_BUCKET = cloud_config.s3_credentials(
|
2023-08-25 09:12:23 -07:00
|
|
|
f"notify-admin-logo-upload-bucket-{getenv('NOTIFY_ENVIRONMENT')}"
|
|
|
|
|
)
|
2022-08-05 00:25:03 -07:00
|
|
|
|
2016-07-04 17:21:08 +01:00
|
|
|
|
2022-10-18 16:16:13 -04:00
|
|
|
class Staging(Production):
|
2023-08-25 09:12:23 -07:00
|
|
|
HEADER_COLOUR = "#00ff00" # $green
|
2016-12-08 16:50:37 +00:00
|
|
|
|
|
|
|
|
|
2024-01-25 13:00:39 -05:00
|
|
|
class E2ETest(Staging):
|
|
|
|
|
"""
|
|
|
|
|
An environment config that is intended to operate as if it were in the
|
|
|
|
|
staging environment but with the configuration of the development and test
|
|
|
|
|
environments so the E2E tests work.
|
|
|
|
|
"""
|
|
|
|
|
|
|
|
|
|
# Borrowed from development environment
|
2024-01-25 17:52:32 -05:00
|
|
|
DEBUG = True
|
2024-01-25 13:00:39 -05:00
|
|
|
SESSION_COOKIE_SECURE = False
|
|
|
|
|
SESSION_PROTECTION = None
|
|
|
|
|
HTTP_PROTOCOL = "http"
|
|
|
|
|
ASSET_DOMAIN = ""
|
|
|
|
|
ASSET_PATH = "/static/"
|
|
|
|
|
|
|
|
|
|
# Borrowed from test environment
|
|
|
|
|
TESTING = True
|
|
|
|
|
WTF_CSRF_ENABLED = False
|
|
|
|
|
|
2024-01-25 17:22:19 -05:00
|
|
|
# buckets - mirror staging
|
|
|
|
|
CSV_UPLOAD_BUCKET = cloud_config.s3_credentials(
|
|
|
|
|
"notify-api-csv-upload-bucket-staging"
|
|
|
|
|
)
|
|
|
|
|
LOGO_UPLOAD_BUCKET = cloud_config.s3_credentials(
|
|
|
|
|
"notify-admin-logo-upload-bucket-staging"
|
|
|
|
|
)
|
|
|
|
|
|
2024-01-25 13:00:39 -05:00
|
|
|
|
2022-11-02 16:05:53 -04:00
|
|
|
class Demo(Staging):
|
2023-08-25 09:12:23 -07:00
|
|
|
HEADER_COLOUR = "#6F72AF" # $mauve
|
2022-11-08 11:45:37 -05:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class Sandbox(Staging):
|
2023-08-25 09:12:23 -07:00
|
|
|
HEADER_COLOUR = "#ff0000" # $red
|
2022-11-02 16:05:53 -04:00
|
|
|
|
|
|
|
|
|
2022-10-18 16:16:13 -04:00
|
|
|
class Scanning(Production):
|
2023-08-25 09:12:23 -07:00
|
|
|
HTTP_PROTOCOL = "http"
|
|
|
|
|
API_HOST_NAME = "https://notify-api-staging.app.cloud.gov/"
|
|
|
|
|
SECRET_KEY = "dev-notify-secret-key" # nosec B105 - only used in development
|
|
|
|
|
ADMIN_CLIENT_USER_NAME = "notify-admin"
|
|
|
|
|
ADMIN_CLIENT_SECRET = (
|
|
|
|
|
"dev-notify-secret-key" # nosec B105 - only used in development
|
|
|
|
|
)
|
2016-12-08 16:50:37 +00:00
|
|
|
|
|
|
|
|
|
2015-11-24 09:40:14 +00:00
|
|
|
configs = {
|
2023-08-25 09:12:23 -07:00
|
|
|
"development": Development,
|
|
|
|
|
"test": Test,
|
2024-01-25 13:00:39 -05:00
|
|
|
"e2etest": E2ETest,
|
2023-08-25 09:12:23 -07:00
|
|
|
"scanning": Scanning,
|
|
|
|
|
"staging": Staging,
|
|
|
|
|
"demo": Demo,
|
|
|
|
|
"sandbox": Sandbox,
|
|
|
|
|
"production": Production,
|
2015-11-24 09:40:14 +00:00
|
|
|
}
|
