darkhelm/notifications-admin
1
0
Fork 0
mirror of https://github.com/GSA/notifications-admin.git synced 2026-02-27 13:51:12 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
dfcfe6a91e196a921bd0ce26f9dac29ea42d3dfd
notifications-admin/app/config.py
Chris Hill-Scott 5ab5a8a57f Make CSRF tokens last as long as the session 
If you’re filling out a form then it should be possible to submit it for
as long as you’re logged in. We keep you logged in for quite a long time
now. This is partly for people using assistive tech, who might be slower
to fill in forms, and partly for people who get distracted in the middle
of a task and come back to it later.

The expiry on our CSRF tokens was more aggressive (3600 seconds – 1
hour) than our sessions. This commit sets the CSRF tokens to not expire,
so in effect they last as long as the session.

Also tweaks the config to have CSRF on locally (to replicate production
more closely) and only disable it for tests (because it’s a pain to
grab the tokens in tests).
2017-03-15 11:16:58 +00:00

144 lines
3.9 KiB
Python
Raw Blame History

import os
from datetime import timedelta
if os.environ.get('VCAP_SERVICES'):
# on cloudfoundry, config is a json blob in VCAP_SERVICES - unpack it, and populate
# standard environment variables from it
from app.cloudfoundry_config import extract_cloudfoundry_config
extract_cloudfoundry_config()
class Config(object):
ADMIN_CLIENT_SECRET = os.environ['ADMIN_CLIENT_SECRET']
API_HOST_NAME = os.environ['API_HOST_NAME']
SECRET_KEY = os.environ['SECRET_KEY']
DANGEROUS_SALT = os.environ['DANGEROUS_SALT']
DESKPRO_API_HOST = os.environ['DESKPRO_API_HOST']
DESKPRO_API_KEY = os.environ['DESKPRO_API_KEY']
# Hosted graphite statsd prefix
STATSD_PREFIX = os.getenv('STATSD_PREFIX')
# Logging
DEBUG = False
LOGGING_STDOUT_JSON = os.getenv('LOGGING_STDOUT_JSON') == '1'
DESKPRO_DEPT_ID = 5
DESKPRO_ASSIGNED_AGENT_TEAM_ID = 5
ADMIN_CLIENT_USER_NAME = 'notify-admin'
ASSETS_DEBUG = False
AWS_REGION = 'eu-west-1'
DEFAULT_SERVICE_LIMIT = 50
EMAIL_EXPIRY_SECONDS = 3600 * 24 * 7 # one week
HEADER_COLOUR = '#FFBF47' # $yellow
HTTP_PROTOCOL = 'http'
MAX_FAILED_LOGIN_COUNT = 10
NOTIFY_APP_NAME = 'admin'
NOTIFY_LOG_LEVEL = 'DEBUG'
NOTIFY_LOG_PATH = '/var/log/notify/application.log'
PERMANENT_SESSION_LIFETIME = 20 * 60 * 60 # 20 hours
SEND_FILE_MAX_AGE_DEFAULT = 365 * 24 * 60 * 60 # 1 year
SESSION_COOKIE_HTTPONLY = True
SESSION_COOKIE_NAME = 'notify_admin_session'
SESSION_COOKIE_SECURE = True
SESSION_REFRESH_EACH_REQUEST = True
SHOW_STYLEGUIDE = True
TOKEN_MAX_AGE_SECONDS = 3600
WTF_CSRF_ENABLED = True
WTF_CSRF_TIME_LIMIT = None
CSV_UPLOAD_BUCKET_NAME = 'local-notifications-csv-upload'
DESKPRO_PERSON_EMAIL = 'donotreply@notifications.service.gov.uk'
ACTIVITY_STATS_LIMIT_DAYS = 7
TEST_MESSAGE_FILENAME = 'Test message'
STATSD_ENABLED = False
STATSD_HOST = "statsd.hostedgraphite.com"
STATSD_PORT = 8125
NOTIFY_ENVIRONMENT = 'development'
EMAIL_DOMAIN_REGEXES = [
r"gov\.uk",
r"mod\.uk",
r"mil\.uk",
r"ddc-mod\.org",
r"slc\.co\.uk",
r"gov\.scot",
r"parliament\.uk",
r"nhs\.uk",
r"nhs\.net",
r"police\.uk",
r"dclgdatamart\.co\.uk",
r"ucds\.email",
r"naturalengland\.org\.uk",
r"hmcts\.net",
r"scotent\.co\.uk",
r"assembly\.wales",
]
class Development(Config):
DEBUG = True
SESSION_COOKIE_SECURE = False
SESSION_PROTECTION = None
STATSD_ENABLED = False
CSV_UPLOAD_BUCKET_NAME = 'development-notifications-csv-upload'
class Test(Development):
DEBUG = True
STATSD_ENABLED = True
WTF_CSRF_ENABLED = False
CSV_UPLOAD_BUCKET_NAME = 'test-notifications-csv-upload'
NOTIFY_ENVIRONMENT = 'test'
class Preview(Config):
HTTP_PROTOCOL = 'https'
HEADER_COLOUR = '#F499BE' # $baby-pink
STATSD_ENABLED = True
CSV_UPLOAD_BUCKET_NAME = 'preview-notifications-csv-upload'
NOTIFY_ENVIRONMENT = 'preview'
class Staging(Config):
SHOW_STYLEGUIDE = False
HTTP_PROTOCOL = 'https'
HEADER_COLOUR = '#6F72AF' # $mauve
STATSD_ENABLED = True
CSV_UPLOAD_BUCKET_NAME = 'staging-notify-csv-upload'
NOTIFY_ENVIRONMENT = 'staging'
class Live(Config):
SHOW_STYLEGUIDE = False
HEADER_COLOUR = '#005EA5' # $govuk-blue
HTTP_PROTOCOL = 'https'
STATSD_ENABLED = True
CSV_UPLOAD_BUCKET_NAME = 'live-notifications-csv-upload'
NOTIFY_ENVIRONMENT = 'live'
class CloudFoundryConfig(Config):
pass
# CloudFoundry sandbox
class Sandbox(CloudFoundryConfig):
HTTP_PROTOCOL = 'https'
HEADER_COLOUR = '#F499BE' # $baby-pink
STATSD_ENABLED = True
CSV_UPLOAD_BUCKET_NAME = 'cf-sandbox-notifications-csv-upload'
NOTIFY_ENVIRONMENT = 'sandbox'
configs = {
'development': Development,
'test': Test,
'preview': Preview,
'staging': Staging,
'live': Live,
'sandbox': Sandbox
}
Reference in New Issue View Git Blame Copy Permalink