configuration debug

5 months ago · 9340eb319c
4 changed files with 37 additions and 9 deletions
--- a/apps/account/views/user.py
+++ b/apps/account/views/user.py
@ -113,6 +113,9 @@ class UserGuestView(CreateAPIView):
        return obj


+import hashlib
+from rest_framework.authtoken.models import Token
+
 class WebUserGuestView(CreateAPIView):
    permission_classes = [AllowAny]
    serializer_class = WebUserGuestSerializer
@ -134,7 +137,8 @@ class WebUserGuestView(CreateAPIView):

    @staticmethod
    def generate_login_token(user):
-        token, created = Token.objects.update_or_create(user=user)
+        # ✅ FIX 2: Prevent token rotation on every login
+        token, created = Token.objects.get_or_create(user=user)
        return token.key

    def get_client_ip(self):
@ -152,13 +156,13 @@ class WebUserGuestView(CreateAPIView):
        return self.request.META.get('HTTP_USER_AGENT', '')

    def create(self, request, *args, **kwargs):
-        # Override to pass data to serializer
        data = request.data.copy()
        client_ip = self.get_client_ip()
        user_agent = self.get_user_agent()

-        # Create unique device_id for web user
-        web_user_id = f"{client_ip}_{hash(user_agent) % 1000000}"
+        # ✅ FIX 1: Stable Hash (MD5) instead of random hash()
+        ua_hash = hashlib.md5(user_agent.encode('utf-8')).hexdigest()[:8]
+        web_user_id = f"{client_ip}_{ua_hash}"

        data.update({
            'device_id': web_user_id,
--- a/apps/hadis/urls.py
+++ b/apps/hadis/urls.py
@ -1,5 +1,5 @@
 from django.urls import path
-from .views.category import HadisCategorySectListView, HadisCategoryTreeView, CategoriesView, CategoriesBySectView, HadisCategorySelectBySectView, HadisCategorySelectBySectSourceView , HadisCategoryTreeNormalView ,test_deploy
+from .views.category import HadisCategorySectListView, HadisCategoryTreeView, CategoriesView, CategoriesBySectView, HadisCategorySelectBySectView, HadisCategorySelectBySectSourceView , HadisCategoryTreeNormalView ,test_deploy,debug_headers
 from .views.hadis import HadisCollectionListView, HadisListView, HadisBasicView, HadisDetailView, HadisSyncView, HadisTransmittersView, HadisCorrectionsView,HadisMainListView, HadisFiltersView
 from .views.transmitter import TransmitterView ,TransmitterDetailView, TransmitterSyncView,TransmitterOpinionView, TransmitterOriginalTextView, TransmitterFiltersView
 from .views.reference import BookDetailView, BookReferencesView, BookReferenceSyncView, BookAttributeView
@ -53,6 +53,7 @@ urlpatterns = [
    path('<str:hadis_slug>/corrections/', cached_view(HadisCorrectionsView.as_view()), name='hadis-corrections'),
    path('<str:hadis_slug>/', cached_view(HadisBasicView.as_view()), name='hadis-basic'),  # ← Least specific LAST

-    path('test-deploy',test_deploy , name='test')
+    path('test-deploy',test_deploy , name='test'),
+    path('debug-headers',debug_headers , name='headers'),

 ]
--- a/apps/hadis/views/category.py
+++ b/apps/hadis/views/category.py
@ -321,4 +321,27 @@ def test_deploy(request):
    return Response({
        "received_headers": headers,
        "active_auth_settings": auth_settings
-    })
+    })
+
+from django.http import JsonResponse
+from django.conf import settings
+def debug_headers(request):
+    # # Security: strictly limitation to prevent leaking sensitive info to public
+    # # Only allow if a specific secret key is passed in the URL
+    # if request.GET.get('secret_debug_key') != 'super_secret_123':
+    #     return JsonResponse({'error': 'Unauthorized'}, status=403)
+
+    # Return all HTTP headers Django received from Nginx
+    headers = {
+        k: v for k, v in request.META.items() 
+        if k.startswith('HTTP_') or k in ['CONTENT_TYPE', 'CONTENT_LENGTH']
+    }
+    
+    # Also return the scheme Django thinks it is using
+    scheme_debug = {
+        'scheme': request.scheme,
+        'is_secure': request.is_secure(),
+        'SECURE_PROXY_SSL_HEADER_SETTING': getattr(settings, 'SECURE_PROXY_SSL_HEADER', None),
+    }
+    
+    return JsonResponse({'headers': headers, 'debug': scheme_debug})
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@ -53,7 +53,7 @@ services:
    env_file: .env.prod
    command: celery -A config worker -l info
    volumes:
-      - .:/usr/src/app/
+      # - .:/usr/src/app/
      - staticfiles_volume:/usr/src/app/staticfiles
      - media_volume:/usr/src/app/media
      - logs_volume:/usr/src/app/logs
@ -72,7 +72,7 @@ services:
    env_file: .env.prod
    command: celery -A config beat -l info
    volumes:
-      - .:/usr/src/app/
+      # - .:/usr/src/app/
      - logs_volume:/usr/src/app/logs
    depends_on:
      - imam-javad_redis