`onconova.settings`

Django settings module for the Onconova server application.

This module configures environment variables, security, authentication, database, logging, and other core settings for the Onconova Django project.

`ACCOUNT_EMAIL_VERIFICATION` `module-attribute` ¶

Disable Allauth's email verification

`ACCOUNT_LOGIN_BY_CODE_ENABLED` `module-attribute` ¶

Do not allow login by code using Allauth

`ACCOUNT_LOGIN_METHODS` `module-attribute` ¶

Allow both login by using the email or username as identifier.

`ALLOWED_HOSTS` `module-attribute` ¶

List of allowed hosts for the Onconova server

`ANONYMIZATION_SECRET_KEY` `module-attribute` ¶

Data anonymization secret key

`AUTHENTICATION_BACKENDS` `module-attribute` ¶

List of installed authentication backends

`AUTH_PASSWORD_VALIDATORS` `module-attribute` ¶

List password validators

`AUTH_USER_MODEL` `module-attribute` ¶

Assign the Onconova User as default user model

`BASE_DIR` `module-attribute` ¶

Project base directory path

`CORS_ALLOWED_ORIGINS` `module-attribute` ¶

Controls which web origins (domains) are allowed to make cross-origin AJAX requests to your Django API.

`CORS_ALLOW_CREDENTIALS` `module-attribute` ¶

Flag indicating that credentials are allowed with CORS requests

`CORS_ALLOW_HEADERS` `module-attribute` ¶

List of allowed headers in CORS requests (required for authentication)

`CORS_ALLOW_METHODS` `module-attribute` ¶

List of allowed HTTP methods for CORS requests

`CORS_ORIGIN_ALLOW_ALL` `module-attribute` ¶

Flag indicating that all origins are not allowed for CORS requests

`DATABASES` `module-attribute` ¶

Onconova database connection configuration

`DEBUG` `module-attribute` ¶

Flag indicating whether the application is in development mode

`DEFAULT_AUTO_FIELD` `module-attribute` ¶

Use integers as primary keys for history model tables

`HEADLESS_CLIENTS` `module-attribute` ¶

Only allow Allauth's headless app-mode.

`HEADLESS_ONLY` `module-attribute` ¶

Only enable the Allauth headless API mode

`HEADLESS_SERVE_SPECIFICATION` `module-attribute` ¶

Provide an URL endpoint to serve the internal Allauth OpenAPI specification

`HEADLESS_SPECIFICATION_TEMPLATE_NAME` `module-attribute` ¶

Configuration for Django AllAuth social authentication providers

`INSTALLED_APPS` `module-attribute` ¶

List of installed Django, 3rd-party, and local apps

`LANGUAGE_CODE` `module-attribute` ¶

`LOGGING` `module-attribute` ¶

`MEDIA_ROOT` `module-attribute` ¶

`MEDIA_URL` `module-attribute` ¶

`MIDDLEWARE` `module-attribute` ¶

List of installed middlewares.

`NINJA_DEFAULT_THROTTLE_RATES` `module-attribute` ¶

Default throttle rates for the Django-Ninja API framework

`NINJA_EXTRA` `module-attribute` ¶

Adds a custom ordering class for the Django-Ninja API framework

`NINJA_PAGINATION_MAX_LIMIT` `module-attribute` ¶

Sets the maximal number of items per page for pagination in the Django-Ninja API framework

`NINJA_PAGINATION_PER_PAGE` `module-attribute` ¶

Sets the default number of items per page for pagination in the Django-Ninja API framework

`ONCONOVA_CLIENT_ADDRESS` `module-attribute` ¶

Onconova client address

`ONCONOVA_REVERSE_PROXY_ADDRESS` `module-attribute` ¶

Reverse proxy address for the Onconova server

`ONCONOVA_SERVER_ADDRESS` `module-attribute` ¶

Onconova server address

`PGHISTORY_CONTEXT_FIELD` `module-attribute` ¶

Context information for the trigger-based history tracking

`PGHISTORY_DEFAULT_TRACKERS` `module-attribute` ¶

List of default pghistory event trackers

`PGHISTORY_FIELD` `module-attribute` ¶

Make history model fields nullable by default

`PGHISTORY_OBJ_FIELD` `module-attribute` ¶

Make pghistory foreign key fields indexed by default

`ROOT_URLCONF` `module-attribute` ¶

Module path for the URL configuration

`SECRET_KEY` `module-attribute` ¶

Django secret key for cryptographic signing

`SECURE_HSTS_INCLUDE_SUBDOMAINS` `module-attribute` ¶

Ensures that all subdomains, not just top-level domains, can only be accessed over a secure connection

`SECURE_HSTS_PRELOAD` `module-attribute` ¶

Indicates that the domain owner consents to preloading

`SECURE_HSTS_SECONDS` `module-attribute` ¶

Enable HSTS for that exact domain or subdomain, and to remember it for the given number of seconds

`SECURE_PROXY_SSL_HEADER` `module-attribute` ¶

Trust the X-Forwarded-Proto header that comes from the Nginx reverse-proxy and that the request is guaranteed to be secure

`SECURE_SSL_REDIRECT` `module-attribute` ¶

Flag indicating that all non-HTTPS requests should be redirected to HTTPS

`SESSION_COOKIE_SECURE` `module-attribute` ¶

Flag indicating that cookies will only be sent over an HTTPS connection

`SITE_ID` `module-attribute` ¶

`SOCIALACCOUNT_PROVIDERS` `module-attribute` ¶

Configuration for Django AllAuth social authentication providers

`STATIC_ROOT` `module-attribute` ¶

`STATIC_URL` `module-attribute` ¶

`TEMPLATES` `module-attribute` ¶

`TIME_ZONE` `module-attribute` ¶

`USERSESSIONS_TRACK_ACTIVITY` `module-attribute` ¶

Track user sessions for audit trail purposes

`USE_I18N` `module-attribute` ¶

`USE_TZ` `module-attribute` ¶

`VERSION` `module-attribute` ¶

Version of the Onconova project, set automatically based on package version.

`WSGI_APPLICATION` `module-attribute` ¶

Use the WSGI application as entry-point

`secure_url(address)` ¶

Source code in onconova/settings.py

def secure_url(address: str):
    return f"https://{address}"

2025-10-172025-10-17runner

onconova.settings

ACCOUNT_EMAIL_VERIFICATION module-attribute ¶

ACCOUNT_LOGIN_BY_CODE_ENABLED module-attribute ¶

ACCOUNT_LOGIN_METHODS module-attribute ¶

ALLOWED_HOSTS module-attribute ¶

ANONYMIZATION_SECRET_KEY module-attribute ¶

AUTHENTICATION_BACKENDS module-attribute ¶

AUTH_PASSWORD_VALIDATORS module-attribute ¶

AUTH_USER_MODEL module-attribute ¶

BASE_DIR module-attribute ¶

CORS_ALLOWED_ORIGINS module-attribute ¶

CORS_ALLOW_CREDENTIALS module-attribute ¶

CORS_ALLOW_HEADERS module-attribute ¶

CORS_ALLOW_METHODS module-attribute ¶

CORS_ORIGIN_ALLOW_ALL module-attribute ¶

DATABASES module-attribute ¶

DEBUG module-attribute ¶

DEFAULT_AUTO_FIELD module-attribute ¶

HEADLESS_CLIENTS module-attribute ¶

HEADLESS_ONLY module-attribute ¶

HEADLESS_SERVE_SPECIFICATION module-attribute ¶

HEADLESS_SPECIFICATION_TEMPLATE_NAME module-attribute ¶

INSTALLED_APPS module-attribute ¶

LANGUAGE_CODE module-attribute ¶

LOGGING module-attribute ¶

MEDIA_ROOT module-attribute ¶

MEDIA_URL module-attribute ¶

MIDDLEWARE module-attribute ¶

NINJA_DEFAULT_THROTTLE_RATES module-attribute ¶

NINJA_EXTRA module-attribute ¶

NINJA_PAGINATION_MAX_LIMIT module-attribute ¶

NINJA_PAGINATION_PER_PAGE module-attribute ¶

ONCONOVA_CLIENT_ADDRESS module-attribute ¶

ONCONOVA_REVERSE_PROXY_ADDRESS module-attribute ¶

ONCONOVA_SERVER_ADDRESS module-attribute ¶

PGHISTORY_CONTEXT_FIELD module-attribute ¶

PGHISTORY_DEFAULT_TRACKERS module-attribute ¶

PGHISTORY_FIELD module-attribute ¶

PGHISTORY_OBJ_FIELD module-attribute ¶

ROOT_URLCONF module-attribute ¶

SECRET_KEY module-attribute ¶

SECURE_HSTS_INCLUDE_SUBDOMAINS module-attribute ¶

SECURE_HSTS_PRELOAD module-attribute ¶

SECURE_HSTS_SECONDS module-attribute ¶

SECURE_PROXY_SSL_HEADER module-attribute ¶

SECURE_SSL_REDIRECT module-attribute ¶

SESSION_COOKIE_SECURE module-attribute ¶

SITE_ID module-attribute ¶

SOCIALACCOUNT_PROVIDERS module-attribute ¶

STATIC_ROOT module-attribute ¶

STATIC_URL module-attribute ¶

TEMPLATES module-attribute ¶

TIME_ZONE module-attribute ¶

USERSESSIONS_TRACK_ACTIVITY module-attribute ¶

USE_I18N module-attribute ¶

USE_TZ module-attribute ¶

VERSION module-attribute ¶

WSGI_APPLICATION module-attribute ¶

secure_url(address) ¶