Commit Graph

93 Commits

Author SHA1 Message Date
Alexandre Iooss df5f9b5f1e Harden Django project configuration
Set session and CSRF cookies as secure for production.
Set HSTS header to let browser remember HTTPS for 1 year.
2022-03-09 12:12:56 +01:00
Yohann D'ANELLO 45a10dad00
Refresh token expire between 14 days
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-12-23 22:00:08 +01:00
Yohann D'ANELLO 18a1282773
Implement optional scopes : clients can request scopes, but they are not guaranteed to get them
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-12-23 21:59:37 +01:00
Yohann D'ANELLO dd639d829e
Implement OAuth2 scopes based on permissions
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-09-02 20:58:04 +02:00
Yohann D'ANELLO d5ecb72a71
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-06-14 21:45:56 +02:00
Yohann D'ANELLO 76d1784aea
Add OAuth2 authentication for Django Rest Framework
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 09:44:25 +01:00
Yohann D'ANELLO e95a8b6e18
Add normalized name to services
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-03 18:42:51 +01:00
ynerant 8d71783c42 Merge branch 'docs' into 'beta'
Docs

See merge request bde/nk20!145
2021-01-19 12:01:45 +01:00
Yohann D'ANELLO d9c97628e2
Add Clacks Overhead header on each response. Closes #84
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-31 15:40:18 +01:00
Yohann D'ANELLO e60994e065
API Documentation
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 21:06:30 +01:00
Yohann D'ANELLO d773303d18 Add possibility to authenticate an account with its IP address 2020-10-19 23:44:56 +02:00
Yohann D'ANELLO 65a2e8c08c Better index page: non-Kfet members will be redirected to their profile page, the account note (when it will be managed) will see the consumption page 2020-10-07 11:29:52 +02:00
Alexandre Iooss 3d733ed6af
Use memcached cache 2020-09-21 15:13:43 +02:00
Alexandre Iooss 4f188ca3e5 Admin is autodiscovering partially 2020-09-21 12:34:34 +02:00
Alexandre Iooss 72bac75fbd Add Django OAuth toolkit admin 2020-09-21 12:15:40 +02:00
Alexandre Iooss 8052152ea5
Add OAuth2 endpoints 2020-09-21 11:03:07 +02:00
Alexandre Iooss 36a980555b Revert "Make the nk20 usable for pirates"
This reverts commit 0f53ac45f7.
2020-09-13 20:42:44 +02:00
Alexandre Iooss 826cd4d87f Revert "Use underscore in locales"
This reverts commit 2270a0aa82.
2020-09-13 20:42:34 +02:00
Alexandre Iooss 2270a0aa82 Use underscore in locales 2020-09-13 20:10:26 +02:00
Alexandre Iooss 0f53ac45f7
Make the nk20 usable for pirates 2020-09-13 20:05:06 +02:00
Alexandre Iooss 2a2ecb2acc Activate es locale 2020-09-12 09:17:15 +02:00
Alexandre Iooss b4ef4b8089 Use local javascript and css libs 2020-09-01 14:28:11 +02:00
Yohann D'ANELLO bb2704323a Spam click on invalidity button is no longer possible 2020-08-13 17:04:10 +02:00
Yohann D'ANELLO 3a52af33a2 🍻 Make coffee, closes #54 2020-08-10 15:36:41 +02:00
Alexandre Iooss 7b40ee1ca4 Reorder templates 2020-08-09 19:06:57 +02:00
Alexandre Iooss 53b496546d Add django-bootstrap-datepicker-plus and django-colorfield, move statics 2020-08-09 18:54:20 +02:00
Alexandre Iooss 8c1cf754ed Revert to NOTE_URL 2020-08-09 18:39:17 +02:00
Alexandre Iooss efe833cec3 Merge production settings in base settings 2020-08-09 18:34:51 +02:00
Alexandre Iooss ccfc37d226 Reorder base Django settings and read env vars 2020-08-09 17:52:19 +02:00
Yohann D'ANELLO acf7ecc4ae Use phone number validator 2020-08-05 14:14:51 +02:00
Yohann D'ANELLO ba067f050e Mails to be sent are added in a queue thanks to Django Mailer (todo: configure cron) 2020-08-03 20:09:16 +02:00
Yohann D'ANELLO 2eb601bd66 💥 Improve performances 2020-07-25 17:25:57 +02:00
Yohann D'ANELLO 69ac5cd291 Revert changes on some comments 2020-04-19 20:45:59 +02:00
Yohann D'ANELLO 8113c5cd61 WEI Survey (work in progress) 2020-04-19 20:35:49 +02:00
Yohann D'ANELLO 154ea64b9f Launching WEI app, add models 2020-04-11 03:37:06 +02:00
Yohann D'ANELLO 49807d33d9 Use a separate app for registration 2020-04-05 05:17:28 +02:00
Yohann D'ANELLO f09364d3d8 Custom auto-complete fields, remove DAL requirement 2020-03-27 16:19:33 +01:00
Yohann D'ANELLO f81e2b5b5b Use custom inputs for date picker and amounts 2020-03-27 13:50:02 +01:00
ynerant 57a01c48a8 Merge branch 'master' into 'tresorerie'
# Conflicts:
#   apps/note/fixtures/initial.json
#   templates/base.html
2020-03-25 00:30:14 +01:00
Pierre-antoine Comby da63bd75f1 this is not the place for cas config 2020-03-22 22:22:51 +01:00
Yohann D'ANELLO 18f6daf2ac Merge remote-tracking branch 'origin/master' into tresorerie
# Conflicts:
#	locale/de/LC_MESSAGES/django.po
#	locale/fr/LC_MESSAGES/django.po
#	note_kfet/settings/base.py
#	templates/base.html
2020-03-22 01:04:03 +01:00
Pierre-antoine Comby 6445acedc7 Merge branch 'master' into rights 2020-03-22 00:00:18 +01:00
Yohann D'ANELLO 71346476df Starting treasury app 2020-03-21 00:30:49 +01:00
Pierre-antoine Comby fa5334a741 use the OPTIONALS_APPS from secrets.py 2020-03-20 20:40:26 +01:00
Yohann D'ANELLO 24ea4c0a52 Comment code 2020-03-20 15:58:14 +01:00
Yohann D'ANELLO 091c427707 Restructurate code 2020-03-20 14:43:35 +01:00
Yohann D'ANELLO 7794210cc8 Being superuser is not enough (must have the correct mask), add some initial fixtures 2020-03-19 18:53:06 +01:00
Yohann D'ANELLO 057f42fdb6 Handle permissions (and it seems working!) 2020-03-18 14:42:35 +01:00
Yohann D'ANELLO 112d4b6c5a Merge branch 'consos' into rights
# Conflicts:
#	apps/logs/signals.py
#	note_kfet/settings/base.py
2020-03-17 21:11:14 +01:00
Yohann D'ANELLO 417cd5da04 Improve REST API with filters 2020-03-11 11:15:03 +01:00