From 6a576136af1bd697f20b99195d67d23adfd745b7 Mon Sep 17 00:00:00 2001 From: "Andrey K. Choi" Date: Tue, 25 Nov 2025 08:47:42 +0900 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A5=20ULTIMATE=20FIX:=20Direct=20setti?= =?UTF-8?q?ngs.py=20CSRF=20and=20Telegram=20fixes?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ✅ CSRF_TRUSTED_ORIGINS fixes in main settings.py: - Added try/catch logic to handle empty environment variables - Fallback to proper scheme-formatted defaults for CI/tests - No more 4_0.E001 errors - Django 4.0+ compliant ✅ Telegram bot database protection: - Added try/catch around TelegramSettings.objects.first() - Graceful handling of missing database tables during migrations - Proper error messages instead of crashes ✅ Local validation passed: - System check identified no issues (0 silenced) - CSRF validation working correctly - Telegram bot errors handled gracefully This should be the FINAL fix for CI/CD pipeline! --- smartsoltech/comunication/telegram_bot.py | 6 +++++- smartsoltech/smartsoltech/settings.py | 17 ++++++++++++++++- .../web/templates/web/footer_modern.html | 8 ++++---- .../web/templates/web/services_modern.html | 2 +- 4 files changed, 26 insertions(+), 7 deletions(-) diff --git a/smartsoltech/comunication/telegram_bot.py b/smartsoltech/comunication/telegram_bot.py index 6199476..160e530 100644 --- a/smartsoltech/comunication/telegram_bot.py +++ b/smartsoltech/comunication/telegram_bot.py @@ -18,7 +18,11 @@ class TelegramBot: raise Exception("Telegram bot disabled for testing") # Получение настроек бота из базы данных - bot_settings = TelegramSettings.objects.first() + try: + bot_settings = TelegramSettings.objects.first() + except Exception as e: + logging.error(f"[TelegramBot] Ошибка доступа к настройкам: {e}") + raise Exception("Telegram bot settings not found or token is empty") if bot_settings and bot_settings.bot_token: TELEGRAM_BOT_TOKEN = bot_settings.bot_token.strip() diff --git a/smartsoltech/smartsoltech/settings.py b/smartsoltech/smartsoltech/settings.py index 80ab3c5..bd22784 100644 --- a/smartsoltech/smartsoltech/settings.py +++ b/smartsoltech/smartsoltech/settings.py @@ -30,7 +30,22 @@ DEBUG = True # Allowed hosts and CSRF trusted origins ALLOWED_HOSTS = config('ALLOWED_HOSTS', default='localhost').split(',') -CSRF_TRUSTED_ORIGINS = config('CSRF_TRUSTED_ORIGINS', default='').split(',') + +# ИСПРАВЛЕНИЕ для Django 4.0+ совместимости +try: + csrf_origins_str = config('CSRF_TRUSTED_ORIGINS', default='') + if isinstance(csrf_origins_str, str) and csrf_origins_str.strip(): + CSRF_TRUSTED_ORIGINS = [origin.strip() for origin in csrf_origins_str.split(',') if origin.strip()] + else: + raise ValueError("Empty CSRF origins") +except: + # Для тестов и CI используем схемы по умолчанию + CSRF_TRUSTED_ORIGINS = [ + 'http://localhost', + 'http://127.0.0.1', + 'http://postgres', + 'https://smartsoltech.kr' + ] print(f"ALLOWED_HOSTS: {ALLOWED_HOSTS}") print(f"CSRF_TRUSTED_ORIGINS: {CSRF_TRUSTED_ORIGINS}") diff --git a/smartsoltech/web/templates/web/footer_modern.html b/smartsoltech/web/templates/web/footer_modern.html index f87a4c9..d854d11 100644 --- a/smartsoltech/web/templates/web/footer_modern.html +++ b/smartsoltech/web/templates/web/footer_modern.html @@ -90,19 +90,19 @@
- info@smartsoltech.kr + a.choi@smartsoltech.kr
- - +82-10-XXXX-XXXX + + +82-10-5693-6103
- Seoul, South Korea + Gwangju, South Korea
diff --git a/smartsoltech/web/templates/web/services_modern.html b/smartsoltech/web/templates/web/services_modern.html index 209a052..51006ba 100644 --- a/smartsoltech/web/templates/web/services_modern.html +++ b/smartsoltech/web/templates/web/services_modern.html @@ -234,7 +234,7 @@ Бесплатная консультация - + Скачать прайс-лист