36 lines
1.1 KiB
Python
36 lines
1.1 KiB
Python
|
"""
|
|||
|
|
生产环境配置
|
|||
|
|
"""
|
|||
|
|
from .base import Config
|
|||
|
|
|
|||
|
|
class ProductionConfig(Config):
|
|||
|
|
"""
|
|||
|
|
生产环境配置
|
|||
|
|
关闭调试模式,使用生产数据库
|
|||
|
|
"""
|
|||
|
|
DEBUG = False
|
|||
|
|
TESTING = False
|
|||
|
|
|
|||
|
|
# 生产环境必须使用生产数据库
|
|||
|
|
# 从环境变量获取,如果没有设置会抛出错误
|
|||
|
|
SQLALCHEMY_DATABASE_URI = Config.SQLALCHEMY_DATABASE_URI
|
|||
|
|
if not SQLALCHEMY_DATABASE_URI or SQLALCHEMY_DATABASE_URI.startswith('sqlite'):
|
|||
|
|
raise ValueError("生产环境必须配置非SQLite数据库")
|
|||
|
|
|
|||
|
|
# 生产环境日志级别
|
|||
|
|
LOG_LEVEL = 'INFO'
|
|||
|
|
|
|||
|
|
# 生产环境限制跨域来源
|
|||
|
|
# 应该从环境变量获取,格式: https://yourdomain.com,https://www.yourdomain.com
|
|||
|
|
CORS_ORIGINS = Config.CORS_ORIGINS
|
|||
|
|
if CORS_ORIGINS == ['*']:
|
|||
|
|
import warnings
|
|||
|
|
warnings.warn("生产环境CORS_ORIGINS设置为'*'存在安全风险,请配置具体域名")
|
|||
|
|
|
|||
|
|
# 生产环境安全配置
|
|||
|
|
WTF_CSRF_ENABLED = True
|
|||
|
|
SESSION_COOKIE_SECURE = True # 仅HTTPS传输
|
|||
|
|
SESSION_COOKIE_HTTPONLY = True # 防止XSS
|
|||
|
|
SESSION_COOKIE_SAMESITE = 'Lax' # CSRF保护
|
|||
|
|
|