ATTUNE-HEART-THERAPY/alternative-backend-service
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(config): improve security and add WhiteNoise static file serving #35

Merged
Saani merged 1 commits from feature/meetings into main 2025-11-25 18:15:18 +00:00
Conversation 0 Commits 1 Files Changed 1 +21 -33
Saani commented 2025-11-25 18:15:11 +00:00
Owner
Copy Link

Security Improvements:

  • Fix DEBUG setting to properly parse boolean from environment variable
  • Remove hardcoded SMTP password fallback, rely solely on env var
  • Update Celery to use REDIS_URL environment variable instead of hardcoded localhost

Static File Serving:

  • Add WhiteNoise middleware for production-grade static file serving
  • Configure CompressedManifestStaticFilesStorage for optimized delivery

Configuration Updates:

  • Enable CORS credentials support
  • Remove duplicate CORS_ALLOWED_ORIGINS configuration
  • Update API documentation title from "Blog API" to "Attune Heart Therapy API"
  • Clean up code formatting and remove unnecessary comments

These changes make the application more secure by eliminating hardcoded
credentials and more deployment-ready by properly handling environment
variables and serving static files efficiently in production.

**Security Improvements:** - Fix DEBUG setting to properly parse boolean from environment variable - Remove hardcoded SMTP password fallback, rely solely on env var - Update Celery to use REDIS_URL environment variable instead of hardcoded localhost **Static File Serving:** - Add WhiteNoise middleware for production-grade static file serving - Configure CompressedManifestStaticFilesStorage for optimized delivery **Configuration Updates:** - Enable CORS credentials support - Remove duplicate CORS_ALLOWED_ORIGINS configuration - Update API documentation title from "Blog API" to "Attune Heart Therapy API" - Clean up code formatting and remove unnecessary comments These changes make the application more secure by eliminating hardcoded credentials and more deployment-ready by properly handling environment variables and serving static files efficiently in production.
Saani added 1 commit 2025-11-25 18:15:12 +00:00 
**Security Improvements:**
- Fix DEBUG setting to properly parse boolean from environment variable
- Remove hardcoded SMTP password fallback, rely solely on env var
- Update Celery to use REDIS_URL environment variable instead of hardcoded localhost

**Static File Serving:**
- Add WhiteNoise middleware for production-grade static file serving
- Configure CompressedManifestStaticFilesStorage for optimized delivery

**Configuration Updates:**
- Enable CORS credentials support
- Remove duplicate CORS_ALLOWED_ORIGINS configuration
- Update API documentation title from "Blog API" to "Attune Heart Therapy API"
- Clean up code formatting and remove unnecessary comments

These changes make the application more secure by eliminating hardcoded
credentials and more deployment-ready by properly handling environment
variables and serving static files efficiently in production.
Saani merged commit 8ddf14a276 into main 2025-11-25 18:15:18 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No Label
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: ATTUNE-HEART-THERAPY/alternative-backend-service#35
No description provided.
Delete Branch "feature/meetings"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?