ran isort and moved create managed id up in create_resources.sh

Author: JimacoMS4

azureproject/development.py

@@ -1,6 +1,7 @@
 import os
-from .settings import *
+
 from .get_token import get_token
+from .settings import *
 
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = True
@@ -37,4 +38,4 @@
         'PASSWORD': DBPASS,
     }
 }
-get_token()
+get_token()

azureproject/get_token.py

@@ -1,17 +1,18 @@
 import os
-from azure.identity import DefaultAzureCredential
+
 import django.conf as conf
+from azure.identity import DefaultAzureCredential
 
 # This is for demo purposes. Consider using Django middleware to hook into req/resp processing.
 
 def get_token():
     if 'RUNNING_IN_PRODUCTION' in os.environ or 'USE_REMOTE_POSTGRESQL' in os.environ:   
-        # Azure hosted PostgreSQL server, refresh token that becomes password.
+        # Azure hosted PostgreSQL server, refresh token that is used as the PostgreSQL password.
         # Get token for Azure Database for PostgreSQL
         azure_credential = DefaultAzureCredential()
         token = azure_credential.get_token("https://ossrdbms-aad.database.windows.net/.default")
         conf.settings.DATABASES['default']['PASSWORD'] = token.token
     else:
         # Local PostgreSQL server, read password from environment variable.
         conf.settings.DATABASES['default']['PASSWORD'] = os.environ['DBPASS']
-    return
+    return

azureproject/production.py

@@ -1,6 +1,8 @@
 import os
-from .settings import *
+import secrets
+
 from .get_token import get_token
+from .settings import *
 
 # Configure allowed host names that can be served and trusted origins for Azure Container Apps.
 ALLOWED_HOSTS = ['.azurecontainerapps.io'] if 'RUNNING_IN_PRODUCTION' in os.environ else []
@@ -11,7 +13,7 @@
 # SECURITY WARNING: keep the secret key used in production secret!
 # Use this py command to create secret 
 # python -c 'import secrets; print(secrets.token_hex())'
-SECRET_KEY = os.getenv('AZURE_SECRET_KEY')
+SECRET_KEY = os.getenv('AZURE_SECRET_KEY') or secrets.token_hex()
 
 STATICFILES_STORAGE = 'whitenoise.storage.CompressedStaticFilesStorage'
 
@@ -25,4 +27,4 @@
         'PASSWORD': 'set with get_token()'
     }
 }
-get_token()
+get_token()

azureproject/settings.py

@@ -1,5 +1,5 @@
+import os
 from pathlib import Path
-import os 
 
 # Build paths inside the project like this: BASE_DIR / 'subdir'.
 BASE_DIR = Path(__file__).resolve().parent.parent

create_resources.sh

@@ -63,6 +63,13 @@ az acr build \
 --image $IMAGE_NAME $CODE_LOCATION
 echo "INFO:: Completed building image: $IMAGE_NAME."
 
+# Create a user-assigned managed identity named my-ua-managed-id to access database
+
+az identity create \
+   --name my-ua-managed-id \
+   --resource-group $RESOURCE_GROUP
+echo "INFO:: Created user-assigned managed identity named my-ua-managed-id in resource group: $RESOURCE_GROUP."
+
 # Create PostgreSQL database server.
 
 az postgres flexible-server create \
@@ -94,13 +101,6 @@ az postgres flexible-server db create \
    --database-name restaurants_reviews
 echo "INFO:: Completed creating database restaurants_reviews on PostgreSQL server: $POSTGRESQL_NAME."
 
-# Create a user-assigned managed identity named my-ua-managed-id to access database
-
-az identity create \
-   --name my-ua-managed-id \
-   --resource-group $RESOURCE_GROUP
-echo "INFO:: Created user-assigned managed identity named my-ua-managed-id in resource group: $RESOURCE_GROUP."
-
 # Add user assigned managed identity as role on server (requires rdbms-connect extension for token)
 
 az postgres flexible-server execute \

restaurant_review/views.py

@@ -1,13 +1,14 @@
-import uuid
 import os
+import uuid
+
+from azureproject.get_token import get_token
+from django.contrib import messages
+from django.db.models import Avg, Count
 from django.http import Http404, HttpResponseRedirect
 from django.shortcuts import render
-from django.db.models import Avg, Count
 from django.urls import reverse
 from django.utils import timezone
-from django.contrib import messages
 from requests import RequestException, exceptions
-from azureproject.get_token import get_token
 
 from restaurant_review.models import Restaurant, Review