First commit

config/asgi.py

@@ -0,0 +1,16 @@
+"""
+ASGI config for config project.
+
+It exposes the ASGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/howto/deployment/asgi/
+"""
+
+import os
+
+from django.core.asgi import get_asgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+
+application = get_asgi_application()

config/settings.py

@@ -0,0 +1,91 @@
+"""
+Paramètres Django pour le projet de démonstration.
+"""
+
+from pathlib import Path
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve().parent.parent
+
+
+# Clé secrète (NE PAS utiliser en production)
+SECRET_KEY = 'django-insecure-@votre-cle-demo-ici'
+
+# Mode Debug (NE PAS utiliser en production)
+DEBUG = True
+
+ALLOWED_HOSTS = []
+
+
+# Définition des applications
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    # Notre application de démo
+    'profiles.apps.ProfilesConfig',
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+]
+
+ROOT_URLCONF = 'config.urls'
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [BASE_DIR / 'templates'], # Dossier central pour les templates
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+            ],
+        },
+    },
+]
+
+WSGI_APPLICATION = 'config.wsgi.application'
+
+
+# Base de données (SQLite par simplicité)
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': BASE_DIR / 'db.sqlite3',
+    }
+}
+
+
+# Validation des mots de passe
+AUTH_PASSWORD_VALIDATORS = [] # Simplifié pour la démo
+
+
+# Internationalisation
+LANGUAGE_CODE = 'fr-fr'
+TIME_ZONE = 'UTC'
+USE_I18N = True
+USE_TZ = True
+
+
+# Fichiers statiques (CSS, JavaScript, Images)
+STATIC_URL = 'static/'
+
+# Type de champ auto pour la clé primaire
+DEFAULT_AUTO_FIELD = 'django.db.models.BigAutoField'
+
+# Redirections après connexion/déconnexion
+LOGIN_REDIRECT_URL = '/'
+LOGOUT_REDIRECT_URL = '/'

config/urls.py

@@ -0,0 +1,22 @@
+"""
+URLs principales du projet
+"""
+from django.contrib import admin
+from django.urls import path, include
+from django.views.generic import TemplateView
+
+urlpatterns = [
+    path('admin/', admin.site.urls),
+
+    # Page d'accueil simple
+    path('', TemplateView.as_view(template_name='home.html'), name='home'),
+
+    # URLs d'authentification (login, logout, etc.)
+    path('accounts/', include('django.contrib.auth.urls')),
+
+    # URLs de notre application 'profiles'
+    path('profile/', include('profiles.urls', namespace='profiles')),
+
+    # Page protégée pour la démonstration OWASP ZAP
+    path('protected/', TemplateView.as_view(template_name='protected.html'), name='protected'),
+]

config/wsgi.py

@@ -0,0 +1,16 @@
+"""
+WSGI config for config project.
+
+It exposes the WSGI callable as a module-level variable named ``application``.
+
+For more information on this file, see
+https://docs.djangoproject.com/en/5.0/howto/deployment/wsgi/
+"""
+
+import os
+
+from django.core.wsgi import get_wsgi_application
+
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'config.settings')
+
+application = get_wsgi_application()