From 4bdca1af2bfd61fe85669c6ab7751e63a9aabf09 Mon Sep 17 00:00:00 2001
From: scayac <christophe.scaya@gmail.com>
Date: Fri, 26 Sep 2025 10:01:56 +0200
Subject: [PATCH] externalisation de la conf

---
 conf.env             |  4 ++++
 crossapp/settings.py | 20 +++++++++++++++++---
 requirements.txt     |  1 +
 3 files changed, 22 insertions(+), 3 deletions(-)
 create mode 100644 conf.env

diff --git a/conf.env b/conf.env
new file mode 100644
index 0000000..592d8ea
--- /dev/null
+++ b/conf.env
@@ -0,0 +1,4 @@
+DJANGO_SECRET_KEY=your-secret-key
+DJANGO_DEBUG=True
+DJANGO_ALLOWED_HOSTS=localhost,127.0.0.1,192.168.0.14
+DJANGO_CSRF_TRUSTED_ORIGINS=http://localhost,http://127.0.0.1
diff --git a/crossapp/settings.py b/crossapp/settings.py
index 4b36958..9be6766 100644
--- a/crossapp/settings.py
+++ b/crossapp/settings.py
@@ -10,7 +10,17 @@ For the full list of settings and their values, see
 https://docs.djangoproject.com/en/5.2/ref/settings/
 """
 
+
+
 from pathlib import Path
+import os
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+from dotenv import load_dotenv
+# Load environment variables from conf.env
+load_dotenv(BASE_DIR / 'conf.env')
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 
@@ -21,13 +31,17 @@ STATIC_ROOT = BASE_DIR / 'staticfiles'
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/5.2/howto/deployment/checklist/
 
+
 # SECURITY WARNING: keep the secret key used in production secret!
-SECRET_KEY = 'django-insecure-(norsp!z18z298=sociz_3n57ml+u2$%hmsphkk_udgg*414#*'
+SECRET_KEY = os.getenv('DJANGO_SECRET_KEY', 'django-insecure-(norsp!z18z298=sociz_3n57ml+u2$%hmsphkk_udgg*414#*')
+OPENAI_API_KEY = os.getenv('OPENAI_API_KEY', '')
+
 
 # SECURITY WARNING: don't run with debug turned on in production!
-DEBUG = True
+DEBUG = os.getenv('DJANGO_DEBUG', 'True') == 'True'
 
-ALLOWED_HOSTS = ['localhost', '127.0.0.1', '192.168.0.14']
+ALLOWED_HOSTS = os.getenv('DJANGO_ALLOWED_HOSTS', 'localhost,127.0.0.1').split(',')
+CSRF_TRUSTED_ORIGINS = os.getenv('DJANGO_CSRF_TRUSTED_ORIGINS', 'http://localhost,http://127.0.0.1').split(',')
 
 
 # Application definition
diff --git a/requirements.txt b/requirements.txt
index 6a478fe..1fcecb1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,4 +1,5 @@
 Django>=5.2.6
+python-dotenv
 channels
 reportlab
 qrcode