# mailman-bundler/mailman_web/settings_local.py (not the real keys/secrets)

# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'django secret'

MAILMAN_ARCHIVER_KEY = 'arch_secret'

ADMINS = (
     ('Mailman Admin', 'mailman@localhost'),
)

# Hosts/domain names that are valid for this site; required if DEBUG is False
# See https://docs.djangoproject.com/en/1.9/ref/settings/#allowed-hosts
#ALLOWED_HOSTS = ['*']
ALLOWED_HOSTS = ['localhost',
                 '127.0.0.1',
                 'lists.mailman3.org',
                 'mail.mailman3.org',
                 'mailman.iad1.psf.io',
                 'mail.falconframework.org',
                 '104.239.228.201',
                ]

# And for BrowserID too, see
# http://django-browserid.rtfd.org/page/user/settings.html#django.conf.settings.BROWSERID_AUDIENCES
BROWSERID_AUDIENCES = [ "http://localhost",
                        "http://localhost:8000",
                        "http://127.0.0.1:8000",
                        "http://lists.mailman3.org",
                        "http://mail.falconframework.org",
                        "https://localhost",
                        "https://localhost:8000",
                        "https://127.0.0.1:8000",
                        "https://lists.mailman3.org",
                        "https://mail.falconframework.org",
                      ]


## Email confirmation / address activation
# Add a from-address for email-confirmation:
# EMAIL_CONFIRMATION_FROM = 'postmaster@example.org'
EMAIL_CONFIRMATION_FROM = 'mailman@mailman3.org'

MAILMAN_ARCHIVER_FROM = ('127.0.0.1',
                         '::1',
                         '::ffff:127.0.0.1',
                         '104.239.228.201',
                        )

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2', # Last part is one of 'postgresql_psycopg2', 'mysql', 'sqlite3' or 'oracle'.
        'NAME': 'mailmanweb',  # Example, change as needed
        'USER': 'mailman',
        'PASSWORD': 'db_passwd',
        'HOST': '127.0.0.1',   # Empty for localhost through domain sockets or '127.0.0.1' for localhost through TCP.
        'PORT': '5432',            # Set to empty string for default.
    }
}

# If you're behind a proxy, use the X-Forwarded-Host header
# See https://docs.djangoproject.com/en/1.8/ref/settings/#use-x-forwarded-host
USE_X_FORWARDED_HOST = True
# And if your proxy does your SSL encoding for you, set SECURE_PROXY_SSL_HEADER
# see https://docs.djangoproject.com/en/1.5/ref/settings/#secure-proxy-ssl-header
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

# Use SSL when logged in. You need to enable the SSLRedirect middleware for
# this feature to work.
USE_SSL = True

TIME_ZONE = 'UTC'

AUTHENTICATION_BACKENDS = (
    #'social.backends.open_id.OpenIdAuth',
    # http://python-social-auth.readthedocs.org/en/latest/backends/google.html
    #'social.backends.google.GoogleOpenId',
    'social.backends.google.GoogleOAuth2',
    # Twitter isn't working ...
    # Rumor has it you can't get email from twitter :(
    #'social.backends.twitter.TwitterOAuth',
    # Yahoo works, but don't encourage Yahoo until we get DMARC mitigations.
    #'social.backends.yahoo.YahooOpenId',
    'social.backends.facebook.FacebookOAuth2',
    'django_browserid.auth.BrowserIDBackend',
    'django.contrib.auth.backends.ModelBackend',
)

SOCIAL_AUTH_TWITTER_KEY = 'twitter key'
SOCIAL_AUTH_TWITTER_SECRET = 'twitter secret'
SOCIAL_AUTH_TWITTER_SCOPE = ['email', 'name']

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = 'google key'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = 'google secret'
SOCIAL_AUTH_GOOGLE_OAUTH2_USE_DEPRECATED_API = True

SOCIAL_AUTH_FACEBOOK_KEY = 'fb key'
SOCIAL_AUTH_FACEBOOK_SECRET = 'fb secret'
SOCIAL_AUTH_FACEBOOK_SCOPE = ['email', 'public_profile']
SOCIAL_AUTH_FACEBOOK_PROFILE_EXTRA_PARAMS = {
    'fields': 'name, email',
}