EFC/backend
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feature/implementacion de hub en EFC

Browse Source
This commit is contained in:
marcos
2026-06-08 07:19:01 -06:00
parent a9931d2838
commit e1716d65a7
20 changed files with 3749 additions and 649 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
config/settings.py
View File

@@ -68,9 +68,25 @@ ALLOWED_HOSTS = [
,'192.168.1.79'
]
SITE_URL = os.getenv('SITE_URL')
SITE_URL = os.getenv('SITE_URL')
SERVICE_API_URL = os.getenv('SERVICE_API_URL')
SERVICE_API_URL_V2 = os.getenv('SERVICE_API_URL_V2')
# Hub / SSO
HUB_URL = os.getenv('HUB_URL', 'https://workspace.aduanasoft.com')
HUB_PRODUCT_SLUG = os.getenv('HUB_PRODUCT_SLUG', 'efc')
HUB_TENANT_SLUG = os.getenv('HUB_TENANT_SLUG', '')
HUB_PROVISION_SECRET = os.getenv('HUB_PROVISION_SECRET', '')
HUB_TENANT_ID = int(os.getenv('HUB_TENANT_ID', '1'))
COOKIE_SECURE = os.getenv('COOKIE_SECURE', 'false').lower() in ('1', 'true', 'yes')
# Keycloak admin (para auto-provisión de usuarios en migración)
KC_URL = os.getenv('KC_URL', 'http://hub-keycloak:8080')
KC_REALM = os.getenv('KC_REALM', 'master')
KC_ADMIN_USER = os.getenv('KC_ADMIN_USER', 'admin')
KC_ADMIN_PASSWORD = os.getenv('KC_ADMIN_PASSWORD', 'admin')
KC_EFC_CLIENT_ID = os.getenv('KC_EFC_CLIENT_ID', 'efc-backend')
KC_EFC_CLIENT_SECRET = os.getenv('KC_EFC_CLIENT_SECRET', 'efc-backend-secret-dev')
# Application definition
BASE_APPS = [
'django.contrib.admin',
@@ -174,11 +190,14 @@ CORS_ALLOW_HEADERS = list(default_headers) + [
'access-control-allow-credentials',
]
CORS_EXPOSE_HEADERS = ['Content-Disposition']
# # JWT Authentication settings
REST_FRAMEWORK = {
'DEFAULT_AUTHENTICATION_CLASSES': [
'rest_framework_simplejwt.authentication.JWTAuthentication',
'rest_framework.authentication.TokenAuthentication', # Añade esta línea
'api.cuser.hub_auth.HubAuthBackend', # Hub SSO (local + KC)
'rest_framework_simplejwt.authentication.JWTAuthentication', # legacy
'rest_framework.authentication.TokenAuthentication',
],
'DEFAULT_PERMISSION_CLASSES': [
'rest_framework.permissions.IsAuthenticated',
@@ -223,7 +242,9 @@ REDOC_SETTINGS = {
CSRF_TRUSTED_ORIGINS = [
"https://api.efc-aduanasoft.com",
"http://192.168.1.195",
"http://192.168.1.195:8000"
"http://192.168.1.195:8000",
"http://localhost:5173",
"http://localhost:8000",
]
# URL Configuration
@@ -319,10 +340,10 @@ CELERY_TIMEZONE = 'America/Denver'
ASGI_APPLICATION = 'config.asgi.application'
SIMPLE_JWT = {
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=30), # Tokens de acceso cortos por seguridad
'REFRESH_TOKEN_LIFETIME': timedelta(days=5), # Refresh token de 5 días
'ROTATE_REFRESH_TOKENS': True, # Rotar refresh tokens para mayor seguridad
'BLACKLIST_AFTER_ROTATION': True,
'ACCESS_TOKEN_LIFETIME': timedelta(minutes=59), # 1 hora — reduce frecuencia de refresh
'REFRESH_TOKEN_LIFETIME': timedelta(days=7), # 7 días — sesión larga
'ROTATE_REFRESH_TOKENS': False, # OFF — evita blacklist en múltiples tabs
'BLACKLIST_AFTER_ROTATION': False, # OFF — sin blacklist, múltiples tabs coexisten
'AUTH_HEADER_TYPES': ('Bearer',),
}