"""
Django settings for main project.

Generated by 'django-admin startproject' using Django 2.0.2.

For more information on this file, see
https://docs.djangoproject.com/en/2.0/topics/settings/

For the full list of settings and their values, see
https://docs.djangoproject.com/en/2.0/ref/settings/
"""

import os

# Used to update config values _after_ importing settings_local
UPDATE_CONFIGS = []

# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))


# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/2.0/howto/deployment/checklist/

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = '-replace-this-in-install-settings-3243v432'

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
DEBUG_LOCAL= False
DEBUG_PROPAGATE_EXCEPTIONS = False
LOG_INCOMING_REQUESTS = False

ALLOWED_HOSTS = []
HTTP_PROTOCOL = 'http'
BASE_DOMAIN = "localhost"
BASE_SUBDOMAIN = ""
BASE_PORT = ""


# Application definition

INSTALLED_APPS = [
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.messages',
    'django.contrib.staticfiles',

    #'statici18n',   # e.g. for javascript translation
    'keycloak_oidc',

    'anymail',

    'records_audit', 
    'nalodeni', 
]

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',

    'keycloak_oidc.middleware.KeycloakSessionRefreshMiddleware',            # added
    'django.middleware.clickjacking.XFrameOptionsMiddleware',

    'django.middleware.gzip.GZipMiddleware',
]

ROOT_URLCONF = 'main.urls'

TEMPLATES = [
    {
        'BACKEND': 'django.template.backends.django.DjangoTemplates',
        'DIRS': [],
        'APP_DIRS': True,
        'OPTIONS': {
            'context_processors': [
                #'django.template.context_processors.debug',
                'django.template.context_processors.request',
                'django.contrib.auth.context_processors.auth',
                'django.contrib.messages.context_processors.messages',
                'django.template.context_processors.i18n',  #   for statici18n
            ],
        },
    },
]

WSGI_APPLICATION = 'main.wsgi.application'

# Database
DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql',
        'NAME': '',
        'USER': '',
        'PASSWORD': '',
        'HOST': '',          # Set to empty string for localhost.
        'PORT': '',          # Set to empty string for default.
    }
}


#  Specify in settings
AUTH_USER_MODEL = None

# Other auth backends
AUTHENTICATION_BACKENDS = [
    'django.contrib.auth.backends.ModelBackend',
    'nalodeni.auth.EmailTokenAuthBackend',
]



# Password validation
# https://docs.djangoproject.com/en/2.0/ref/settings/#auth-password-validators

AUTH_PASSWORD_VALIDATORS = [
    {
        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
    },
#    {
#        'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
#    },
#    {
#        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
#    },
#    {
#        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
#    },
]


# Internationalization
# https://docs.djangoproject.com/en/2.0/topics/i18n/

LANGUAGE_CODE = 'cs'

TIME_ZONE = 'Europe/Prague'

USE_I18N = True

USE_L10N = True

USE_TZ = False


# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/2.0/howto/static-files/

STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR,'static_files')

# Translations

LOCALE_PATHS = [
        BASE_DIR + "/locale",
        ]

# Email setup

EMAIL_HOST="localhost"
EMAIL_PORT=25
ANYMAIL = {
    "MAILGUN_API_KEY": "",
    "MAILGUN_SENDER_DOMAIN": '',
    "MAILGUN_API_URL": 'https://api.eu.mailgun.net/v3',
}

# prijemce mailu s alertem "uzivatel odvolal souhlas se zpracovanim osobnich udaju"
EMAIL_RECIPIENT_GDPR = 'gdpr@pirati.cz'
#DEFAULT_FROM_EMAIL = 'nalodeni@pirati.cz'

#EMAIL_BACKEND = "anymail.backends.mailgun.EmailBackend"

##
#   SingleSignOn
#
#   AUTH_SCOPE - list of scopes to request from the auth server
#   AUTH_GET_USER_FUNCTION - name of a function that takes the user info dict,
#           and returns an user object representing that user
##
AUTH_SERVER = "https://pttest1.kouzelnakrabicka.cz/auth/realms/pirati/"
AUTH_CLIENT_ID = ""         # view setting_local.py
AUTH_CLIENT_SECRET = ""     # view setting_local.py
AUTH_SCOPE = ['openid',]
AUTH_GET_USER_FUNCTION = 'nalodeni.models:get_user_by_keycloak_email'
AUTH_SSO_LOCALE = 'cs'
AUTH_AVAIL_IDP = []

#LOGIN_REDIRECT_URL = '/sso/login'
#LOGOUT_REDIRECT_URL = '/sso/logout'

# Email registration
APP_REG_LIMIT_HARD = 50
APP_REG_LIMIT_SOFT = 0
TOKEN_VALID_SEC = 60*60*24*3