1
0
mirror of https://gitlab.crans.org/bde/nk20 synced 2024-12-27 09:52:22 +00:00
Commit Graph

121 Commits

Author SHA1 Message Date
Alexandre Iooss
df5f9b5f1e Harden Django project configuration
Set session and CSRF cookies as secure for production.
Set HSTS header to let browser remember HTTPS for 1 year.
2022-03-09 12:12:56 +01:00
45a10dad00
Refresh token expire between 14 days
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-12-23 22:00:08 +01:00
18a1282773
Implement optional scopes : clients can request scopes, but they are not guaranteed to get them
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-12-23 21:59:37 +01:00
dd639d829e
Implement OAuth2 scopes based on permissions
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-09-02 20:58:04 +02:00
d5ecb72a71
Update copyright for 2021
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-06-14 21:45:56 +02:00
76d1784aea
Add OAuth2 authentication for Django Rest Framework
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 09:44:25 +01:00
b5ef937a03
Environment file path is absolute
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-09 09:39:57 +01:00
e95a8b6e18
Add normalized name to services
Signed-off-by: Yohann D'ANELLO <ynerant@crans.org>
2021-03-03 18:42:51 +01:00
8d71783c42 Merge branch 'docs' into 'beta'
Docs

See merge request bde/nk20!145
2021-01-19 12:01:45 +01:00
Yohann D'ANELLO
d9c97628e2
Add Clacks Overhead header on each response. Closes #84
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-31 15:40:18 +01:00
Yohann D'ANELLO
e60994e065
API Documentation
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 21:06:30 +01:00
Yohann D'ANELLO
016ab5a9c9
Remove dead code, don't try to cover unnecessary things
Signed-off-by: Yohann D'ANELLO <yohann.danello@gmail.com>
2020-12-23 18:45:05 +01:00
Yohann D'ANELLO
d773303d18 Add possibility to authenticate an account with its IP address 2020-10-19 23:44:56 +02:00
Yohann D'ANELLO
65a2e8c08c Better index page: non-Kfet members will be redirected to their profile page, the account note (when it will be managed) will see the consumption page 2020-10-07 11:29:52 +02:00
Alexandre Iooss
3d733ed6af
Use memcached cache 2020-09-21 15:13:43 +02:00
Alexandre Iooss
4f188ca3e5 Admin is autodiscovering partially 2020-09-21 12:34:34 +02:00
Alexandre Iooss
72bac75fbd Add Django OAuth toolkit admin 2020-09-21 12:15:40 +02:00
Alexandre Iooss
8052152ea5
Add OAuth2 endpoints 2020-09-21 11:03:07 +02:00
Alexandre Iooss
70448db8e5
Remove Django CAS server and add oauth toolkit 2020-09-21 10:31:42 +02:00
Alexandre Iooss
36a980555b Revert "Make the nk20 usable for pirates"
This reverts commit 0f53ac45f7.
2020-09-13 20:42:44 +02:00
Alexandre Iooss
826cd4d87f Revert "Use underscore in locales"
This reverts commit 2270a0aa82.
2020-09-13 20:42:34 +02:00
Alexandre Iooss
2270a0aa82 Use underscore in locales 2020-09-13 20:10:26 +02:00
Alexandre Iooss
0f53ac45f7
Make the nk20 usable for pirates 2020-09-13 20:05:06 +02:00
Alexandre Iooss
2a2ecb2acc Activate es locale 2020-09-12 09:17:15 +02:00
Alexandre Iooss
b4ef4b8089 Use local javascript and css libs 2020-09-01 14:28:11 +02:00
Yohann D'ANELLO
bb2704323a Spam click on invalidity button is no longer possible 2020-08-13 17:04:10 +02:00
Yohann D'ANELLO
3a52af33a2 🍻 Make coffee, closes #54 2020-08-10 15:36:41 +02:00
Alexandre Iooss
d73f7c31a1 Define BASE_DIR in development.py 2020-08-09 19:36:11 +02:00
Alexandre Iooss
7b40ee1ca4 Reorder templates 2020-08-09 19:06:57 +02:00
Alexandre Iooss
53b496546d Add django-bootstrap-datepicker-plus and django-colorfield, move statics 2020-08-09 18:54:20 +02:00
Alexandre Iooss
8c1cf754ed Revert to NOTE_URL 2020-08-09 18:39:17 +02:00
Alexandre Iooss
efe833cec3 Merge production settings in base settings 2020-08-09 18:34:51 +02:00
Alexandre Iooss
ccfc37d226 Reorder base Django settings and read env vars 2020-08-09 17:52:19 +02:00
Yohann D'ANELLO
acf7ecc4ae Use phone number validator 2020-08-05 14:14:51 +02:00
Yohann D'ANELLO
ba067f050e Mails to be sent are added in a queue thanks to Django Mailer (todo: configure cron) 2020-08-03 20:09:16 +02:00
Yohann D'ANELLO
fb775de923 Add backdoor to login as other users (in debug mode only) 2020-07-30 12:50:48 +02:00
Yohann D'ANELLO
76a6260b18 SMTP user and password are None by default, add From Email tag 2020-07-28 18:59:34 +02:00
Yohann D'ANELLO
0b6cb4ef19 Production is not debug 2020-07-25 19:14:27 +02:00
Yohann D'ANELLO
2eb601bd66 💥 Improve performances 2020-07-25 17:25:57 +02:00
Yohann D'ANELLO
f7b68678d8 Prepare production, we will send mails 2020-05-08 15:59:31 +02:00
Yohann D'ANELLO
957344922b Custom error pages 2020-04-25 19:29:18 +02:00
Yohann D'ANELLO
e42680997f Translate all fields, remove old CAS client configuration, remove packaged templates in source 2020-04-25 15:54:29 +02:00
Yohann D'ANELLO
69ac5cd291 Revert changes on some comments 2020-04-19 20:45:59 +02:00
Yohann D'ANELLO
8113c5cd61 WEI Survey (work in progress) 2020-04-19 20:35:49 +02:00
Yohann D'ANELLO
154ea64b9f Launching WEI app, add models 2020-04-11 03:37:06 +02:00
Yohann D'ANELLO
49807d33d9 Use a separate app for registration 2020-04-05 05:17:28 +02:00
Yohann D'ANELLO
f09364d3d8 Custom auto-complete fields, remove DAL requirement 2020-03-27 16:19:33 +01:00
Yohann D'ANELLO
f81e2b5b5b Use custom inputs for date picker and amounts 2020-03-27 13:50:02 +01:00
ynerant
57a01c48a8 Merge branch 'master' into 'tresorerie'
# Conflicts:
#   apps/note/fixtures/initial.json
#   templates/base.html
2020-03-25 00:30:14 +01:00
Pierre-antoine Comby
da63bd75f1 this is not the place for cas config 2020-03-22 22:22:51 +01:00