diff --git a/README.md b/README.md index 4f7eee7..0eac025 100644 --- a/README.md +++ b/README.md @@ -69,3 +69,7 @@ Make sure you have the containers running: docker compose up Access [localhost:8000/{{ project_name }}/admin/](http://localhost:8000/{{ project_name }}/admin/). + +## Configuration / Environment Variables + +See `{{ project_name }}/config.py` for available configuration/environment variables. diff --git a/project_name/config.py b/project_name/config.py index 6fac283..bd00449 100644 --- a/project_name/config.py +++ b/project_name/config.py @@ -33,6 +33,10 @@ class AppConfig(GoodConf): "test", description="Deploy environment", ) + BASIC_AUTH_CREDENTIALS: str = Field( + default="", + description="Basic Auth credentials for the site in the format 'username:password'", + ) class Config: default_files = ["{{ project_name }}.yml"] diff --git a/project_name/wsgi.py b/project_name/wsgi.py index c5703e7..1ea17a7 100644 --- a/project_name/wsgi.py +++ b/project_name/wsgi.py @@ -21,5 +21,14 @@ # file. This includes Django's development server, if the WSGI_APPLICATION # setting points here. from django.core.wsgi import get_wsgi_application # noqa: E402 +from {{ project }}.config import config # noqa: E402 application = get_wsgi_application() +if config.BASIC_AUTH_CREDENTIALS: + import wsgi_basic_auth + + application = wsgi_basic_auth.BasicAuth( + app=application, + users=dict([config.BASIC_AUTH_CREDENTIALS.split(":", 1)]), + exclude_paths=["/-/"], + ) diff --git a/pyproject.toml b/pyproject.toml index 3422299..d7087ff 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -12,6 +12,7 @@ dependencies = [ "django-alive", "django-csp", "whitenoise", + "wsgi-basic-auth", "psycopg2", ] diff --git a/requirements-dev.txt b/requirements-dev.txt index d498cc9..d45a6cf 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -270,6 +270,12 @@ typing-extensions==4.9.0 \ # django-stubs-ext # mypy # pydantic +webob==1.8.7 \ + --hash=sha256:73aae30359291c14fa3b956f8b5ca31960e420c28c1bec002547fb04928cf89b \ + --hash=sha256:b64ef5141be559cfade448f044fa45c2260351edcb6a8ef6b7e00c7dcef0c323 + # via + # -c /app/requirements.txt + # wsgi-basic-auth wheel==0.42.0 \ --hash=sha256:177f9c9b0d45c47873b619f5b650346d632cdc35fb5e4d25058e09c9e581433d \ --hash=sha256:c45be39f7882c9d34243236f2d63cbd58039e360f85d0913425fbd7ceea617a8 @@ -280,6 +286,12 @@ whitenoise==6.6.0 \ # via # -c /app/requirements.txt # django-layout (pyproject.toml) +wsgi-basic-auth==1.1.0 \ + --hash=sha256:4afe7bafc2c8dae4d4232adca06d3cd49c833565378a3133a53d788cda5c37b3 \ + --hash=sha256:956e61eaca26c5834bbce0097be5d4aaf19a86df3bc873988764ebf0f8422b66 + # via + # -c /app/requirements.txt + # django-layout (pyproject.toml) # WARNING: The following packages were not pinned, but pip requires them to be # pinned when the requirements file includes hashes and the requirement is not diff --git a/requirements.txt b/requirements.txt index 852db75..e2ce7dc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -151,7 +151,15 @@ typing-extensions==4.9.0 \ # via # dj-database-url # pydantic +webob==1.8.7 \ + --hash=sha256:73aae30359291c14fa3b956f8b5ca31960e420c28c1bec002547fb04928cf89b \ + --hash=sha256:b64ef5141be559cfade448f044fa45c2260351edcb6a8ef6b7e00c7dcef0c323 + # via wsgi-basic-auth whitenoise==6.6.0 \ --hash=sha256:8998f7370973447fac1e8ef6e8ded2c5209a7b1f67c1012866dbcd09681c3251 \ --hash=sha256:b1f9db9bf67dc183484d760b99f4080185633136a273a03f6436034a41064146 # via django-layout (pyproject.toml) +wsgi-basic-auth==1.1.0 \ + --hash=sha256:4afe7bafc2c8dae4d4232adca06d3cd49c833565378a3133a53d788cda5c37b3 \ + --hash=sha256:956e61eaca26c5834bbce0097be5d4aaf19a86df3bc873988764ebf0f8422b66 + # via django-layout (pyproject.toml)