Merge branch 'csrf-trusted-origins' into 'master'

Add `CSRF_TRUSTED_ORIGINS` to `local.py`

See merge request allianceauth/allianceauth!1446
Ariel Rin 2022-08-01 08:59:15 +00:00
commit cc88a02001
2 changed files with 14 additions and 4 deletions


@ -13,6 +13,12 @@ STATIC_ROOT = "/var/www/{{ project_name }}/static/"
# in page titles and the site header. # in page titles and the site header.
SITE_NAME = '{{ project_name }}' SITE_NAME = '{{ project_name }}'
# This is your websites URL, set it accordingly
SITE_URL = "https://example.com"
# Django security
CSRF_TRUSTED_ORIGINS = [SITE_URL]
# Change this to enable/disable debug mode, which displays # Change this to enable/disable debug mode, which displays
# useful error messages but can leak sensitive data. # useful error messages but can leak sensitive data.
DEBUG = False DEBUG = False
@ -39,15 +45,16 @@ DATABASES['default'] = {
# Register an application at https://developers.eveonline.com for Authentication # Register an application at https://developers.eveonline.com for Authentication
# & API Access and fill out these settings. Be sure to set the callback URL # & API Access and fill out these settings. Be sure to set the callback URL
# to https://example.com/sso/callback substituting your domain for example.com # to https://example.com/sso/callback substituting your domain for example.com in
# CCP's developer portal
# Logging in to auth requires the publicData scope (can be overridden through the # Logging in to auth requires the publicData scope (can be overridden through the
# LOGIN_TOKEN_SCOPES setting). Other apps may require more (see their docs). # LOGIN_TOKEN_SCOPES setting). Other apps may require more (see their docs).
ESI_SSO_CLIENT_ID = '' ESI_SSO_CLIENT_ID = ''
ESI_SSO_CLIENT_SECRET = '' ESI_SSO_CLIENT_SECRET = ''
ESI_SSO_CALLBACK_URL = '' ESI_SSO_CALLBACK_URL = f"{SITE_URL}/sso/callback"
ESI_USER_CONTACT_EMAIL = '' # A server maintainer that CCP can contact in case of issues. ESI_USER_CONTACT_EMAIL = '' # A server maintainer that CCP can contact in case of issues.
# By default emails are validated before new users can log in. # By default, emails are validated before new users can log in.
# It's recommended to use a free service like SparkPost or Elastic Email to send email. # It's recommended to use a free service like SparkPost or Elastic Email to send email.
# https://www.sparkpost.com/docs/integrations/django/ # https://www.sparkpost.com/docs/integrations/django/
# https://elasticemail.com/resources/settings/smtp-api/ # https://elasticemail.com/resources/settings/smtp-api/
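Review bot: The `SITE_URL` comment in the first hunk does not say what form the value must take, yet two settings in this file are now built from it: `CSRF_TRUSTED_ORIGINS = [SITE_URL]` and, in the second hunk, `ESI_SSO_CALLBACK_URL = f"{SITE_URL}/sso/callback"`. Django 4.0 and later match a trusted origin as scheme plus host (and port), so a value carrying a trailing slash or a path would presumably never match and legitimate POSTs would be rejected by the CSRF check. The same trailing slash would produce `//sso/callback`, which will not equal the callback registered in CCP's developer portal. I would word the comment as `# Scheme and host only, no trailing slash or path, e.g. "https://auth.example.com"; the CSRF trusted origin and the SSO callback URL are built from it`. The Django version is not visible on this page; before 4.0 this setting expected bare hostnames without a scheme, so confirm the template targets 4.0 or later.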


@ -17,8 +17,11 @@ Make the following changes in your auth project's settings file (`local.py`):
```python ```python
# Discord Configuration # Discord Configuration
# Be sure to set the callback URLto https://example.com/discord/callback/
# substituting your domain for example.com in Discord's developer portal
# (Be sure to add the trailing slash)
DISCORD_GUILD_ID = '' DISCORD_GUILD_ID = ''
DISCORD_CALLBACK_URL = '' DISCORD_CALLBACK_URL = f"{SITE_URL}/discord/callback/"
DISCORD_APP_ID = '' DISCORD_APP_ID = ''
DISCORD_APP_SECRET = '' DISCORD_APP_SECRET = ''
DISCORD_BOT_TOKEN = '' DISCORD_BOT_TOKEN = ''