Version bump to 1.15.0

Change default database usernames
Makes the source of SQL error messages more clear
2026-02-04 14:16:21 +01:00 · 2017-02-23 12:54:18 +10:00 · 2017-02-23 11:08:16 +10:00 · 2017-02-21 17:10:00 +10:00 · 2017-02-20 23:24:19 -05:00 · 2017-02-20 23:22:01 -05:00
411 changed files with 18781 additions and 23225 deletions
--- a/.coveragerc
+++ b/.coveragerc
@@ -0,0 +1,32 @@
+[run]
+branch = True
+source =
+    alliance_auth
+    authentication
+    corputils
+    eveonline
+    fleetactivitytracking
+    fleetup
+    groupmanagement
+    hrapplications
+    notifications
+    optimer
+    permissions_tool
+    services
+    srp
+    timerboard
+
+omit =
+    */migrations/*
+    */example/*
+
+[report]
+exclude_lines =
+    if self.debug:
+    pragma: no cover
+    raise NotImplementedError
+    if __name__ == .__main__.:
+    def __repr__
+    raise AssertionError
+
+ignore_errors = True
--- a/.travis.yml
+++ b/.travis.yml
@@ -0,0 +1,14 @@
+language: python
+python:
+  - "2.7"
+  - "3.5"
+# command to install dependencies
+install:
+  - pip install requests
+  - pip install -r requirements.txt
+  - pip install -r testing-requirements.txt
+# command to run tests
+script: coverage run runtests.py
+cache: pip
+after_success:
+  coveralls
--- a/README.md
+++ b/README.md
@@ -2,74 +2,29 @@ Alliance Auth
 ============

 [![Join the chat at https://gitter.im/R4stl1n/allianceauth](https://badges.gitter.im/R4stl1n/allianceauth.svg)](https://gitter.im/R4stl1n/allianceauth?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Documentation Status](https://readthedocs.org/projects/allianceauth/badge/?version=latest)](http://allianceauth.readthedocs.io/en/latest/?badge=latest)
+[![Build Status](https://travis-ci.org/allianceauth/allianceauth.svg?branch=master)](https://travis-ci.org/allianceauth/allianceauth)
+[![Coverage Status](https://coveralls.io/repos/github/allianceauth/allianceauth/badge.svg?branch=master)](https://coveralls.io/github/allianceauth/allianceauth?branch=master)

-Alliance service auth to help large scale alliances manage services.
-Built for "The 99 Percent" open for anyone to use

-[Documentation and Setup Guides](https://github.com/R4stl1n/allianceauth/wiki)
-
-[Project Website](http://r4stl1n.github.io/allianceauth/)
-
-[Old Dev Setup Guide] (http://r4stl1n.github.io/allianceauth/quicksetup.html)
-
-[Old Production Setup Guide] (http://r4stl1n.github.io/allianceauth/fullsetup.html)
-
-Join us in-game in the channel allianceauth for help and feature requests.
-
-Special Thanks: 
-
-    Thanks to Nikdoof, without his old auth implementation this project wouldn't be as far as it is now.
-
-Note:
-
-    Please keep your admin account and normal accounts separate. If you are the admin only use 
-    the admin account for admin stuff do not attempt to use it for your personal services. 
-    Create a new normal account for this or things will break.
-    
-Requirements:
-
-    # Django Stuff #
-    django 1.10.1
-    django-bootstrap-form
-    django-celery
-    
-    # Python Stuff #
-    python-mysql-connector
-    python-mysqld
-    python-passlib
-    python-evelink
-    python-openfire
-    python-xmpp
-    python-dnspython
-    
-    # Needed Apps #
-    Rabbitmq server
-        
-Startup Instructions:
-
-    ./bootstrap.sh (Sudo if needed)
-    ./startup.sh
-    ./shutdown.sh
-
-Vagrant Instructions:
-
-    Copy the scripts to the root directory before running
+EVE service auth to help corps, alliances, and coalitions manage services.
+Built for "The 99 Percent" open for anyone to use.

 Special Permissions In Admin:

    auth | user | group_management ( Access to add members to groups within the alliance )
-    auth | user | jabber_broadcast ( Access to broadcast a message over jabber to own groups)
-    auth | user | jabber_broadcast_all ( Can choose from all groups and the 'all' option when broadcasting)
+    auth | user | jabber_broadcast ( Access to broadcast a message over jabber to own groups )
+    auth | user | jabber_broadcast_all ( Can choose from all groups and the 'all' option when broadcasting )
    auth | user | corp_apis ( View APIs, and jackKnife, of all members in user's corp. )
    auth | user | alliance_apis ( View APIs, and jackKnife, of all member in user's alliance member corps. )
-    auth | user | timer_management ( Access to create and remove timers)
-    auth | user | timer_view ( Access to timerboard to view timers)
-    auth | user | srp_management ( Allows for an individual to create and remove srp fleets and fleet data)
-    auth | user | sigtracker_management ( Allows for an individual to create and remove signitures)
-    auth | user | sigtracker_view ( Allows for an individual view signitures)
-    auth | user | optimer_management ( Allows for an individual to create and remove fleet operations)
-    auth | user | optimer_view ( Allows for an individual view fleet operations)
-    auth | user | logging_notifications ( Generate notifications from logging)
+    auth | user | timer_management ( Access to create and remove timers )
+    auth | user | timer_view ( Access to timerboard to view timers )
+    auth | user | srp_management ( Allows for an individual to create and remove srp fleets and fleet data )
+    auth | user | sigtracker_management ( Allows for an individual to create and remove signitures )
+    auth | user | sigtracker_view ( Allows for an individual view signitures )
+    auth | user | optimer_management ( Allows for an individual to create and remove fleet operations )
+    auth | user | optimer_view ( Allows for an individual view fleet operations )
+    auth | user | logging_notifications ( Generate notifications from logging )

    auth | user | human_resources ( View applications to user's corp )
    hrapplications | application | delete_application ( Can delete applications )
@@ -78,14 +33,21 @@ Special Permissions In Admin:
    hrapplications | application | view_apis ( Can see applicant's API keys )
    hrapplications | applicationcomment | add_applicationcomment ( Can comment on applications )

-Active Developers
+Vagrant Instructions:
+
+    Copy the scripts to the root directory before running
+
+Active Developers:

    Adarnof
-    Kaezon Rio
-    Mr McClain
+    basraah

 Beta Testers/ Bug Fixers:

-    TrentBartlem ( Testing and Bug Fixes)
+    TrentBartlem ( Testing and Bug Fixes )
    IskFiend ( Bug Fixes and Server Configuration )
-    Mr McClain (Bug Fixes and server configuration)
+    Mr McClain (Bug Fixes and server configuration )
+
+Special Thanks:
+
+    Thanks to Nikdoof, without his old auth implementation this project wouldn't be as far as it is now.
--- a/alliance_auth/init.py
+++ b/alliance_auth/init.py
@@ -1 +1,8 @@
-from __future__ import unicode_literals
+from __future__ import absolute_import, unicode_literals
+
+# This will make sure the app is always imported when
+# Django starts so that shared_task will use this app.
+from .celeryapp import app as celery_app  # noqa
+
+__version__ = '1.15.0'
+NAME = 'Alliance Auth v%s' % __version__
--- a/alliance_auth/celeryapp.py
+++ b/alliance_auth/celeryapp.py
@@ -0,0 +1,17 @@
+from __future__ import absolute_import, unicode_literals
+import os
+from celery import Celery
+
+# set the default Django settings module for the 'celery' program.
+os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'alliance_auth.settings')
+
+from django.conf import settings  # noqa
+
+app = Celery('alliance_auth')
+
+# Using a string here means the worker don't have to serialize
+# the configuration object to child processes.
+app.config_from_object('django.conf:settings')
+
+# Load task modules from all registered Django app configs.
+app.autodiscover_tasks(lambda: settings.INSTALLED_APPS)
--- a/alliance_auth/hooks.py
+++ b/alliance_auth/hooks.py
@@ -0,0 +1,127 @@
+"""
+Copyright (c) 2014 Torchbox Ltd and individual contributors.
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice,
+       this list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    3. Neither the name of Torchbox nor the names of its contributors may be used
+       to endorse or promote products derived from this software without
+       specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+Based on https://github.com/torchbox/wagtail/blob/master/wagtail/wagtailcore/hooks.py
+"""
+
+from __future__ import unicode_literals
+
+from importlib import import_module
+
+from django.apps import apps
+from django.utils.module_loading import module_has_submodule
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+_hooks = {}  # Dict of Name: Fn's of registered hooks
+
+_all_hooks_registered = False  # If all hooks have been searched for and registered yet
+
+
+def register(name, fn=None):
+    """
+    Decorator to register a function as a hook
+
+    Register hook for ``hook_name``. Can be used as a decorator::
+        @register('hook_name')
+        def my_hook(...):
+            pass
+
+    or as a function call::
+        def my_hook(...):
+            pass
+        register('hook_name', my_hook)
+
+    :param name: str Name of the hook/callback to register it as
+    :param fn: function to register in the hook/callback
+    :return: function Decorator if applied as a decorator
+    """
+    def _hook_add(func):
+        if name not in _hooks:
+            logger.debug("Creating new hook %s" % name)
+            _hooks[name] = []
+
+        logger.debug('Registering hook %s for function %s' % (name, fn))
+        _hooks[name].append(func)
+
+    if fn is None:
+        # Behave like a decorator
+        def decorator(func):
+            _hook_add(func)
+            return func
+        return decorator
+    else:
+        # Behave like a function, just register hook
+        _hook_add(fn)
+
+
+def get_app_modules():
+    """
+    Get all the modules of the django app
+    :return: name, module tuple
+    """
+    for app in apps.get_app_configs():
+        yield app.name, app.module
+
+
+def get_app_submodules(module_name):
+    """
+    Get a specific sub module of the app
+    :param module_name: module name to get
+    :return: name, module tuple
+    """
+    for name, module in get_app_modules():
+        if module_has_submodule(module, module_name):
+            yield name, import_module('{0}.{1}'.format(name, module_name))
+
+
+def register_all_hooks():
+    """
+    Register all hooks found in 'auth_hooks' sub modules
+    :return:
+    """
+    global _all_hooks_registered
+    if not _all_hooks_registered:
+        logger.debug("Searching for hooks")
+        hooks = list(get_app_submodules('auth_hooks'))
+        logger.debug("Got %s hooks" % len(hooks))
+        _all_hooks_registered = True
+
+
+def get_hooks(name):
+    """
+    Get all the hook functions for the given hook name
+    :param name: str name of the hook to get the functions for
+    :return: list of hook functions
+    """
+    register_all_hooks()
+    return _hooks.get(name, [])
+
--- a/alliance_auth/settings.py.example
+++ b/alliance_auth/settings.py.example
@@ -15,12 +15,14 @@ import os
 import djcelery

 from django.contrib import messages
+from celery.schedules import crontab

 djcelery.setup_loader()

 # Celery configuration
 BROKER_URL = 'redis://localhost:6379/0'
 CELERYBEAT_SCHEDULER = "djcelery.schedulers.DatabaseScheduler"
+CELERYBEAT_SCHEDULE = dict()

 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
@@ -61,8 +63,24 @@ INSTALLED_APPS = [
    'corputils',
    'fleetactivitytracking',
    'notifications',
-    'eve_sso',
+    'esi',
+    'permissions_tool',
    'geelweb.django.navhelper',
+    'bootstrap_pagination',
+
+    # Services
+    'services.modules.mumble',
+    'services.modules.discord',
+    'services.modules.discourse',
+    'services.modules.ipboard',
+    'services.modules.ips4',
+    'services.modules.market',
+    'services.modules.openfire',
+    'services.modules.seat',
+    'services.modules.smf',
+    'services.modules.phpbb3',
+    'services.modules.xenforo',
+    'services.modules.teamspeak3',
 ]

 MIDDLEWARE = [
@@ -110,7 +128,7 @@ TEMPLATES = [
                'notifications.context_processors.user_notification_count',
                'authentication.context_processors.states',
                'authentication.context_processors.membership_state',
-                'authentication.context_processors.sso',
+                'groupmanagement.context_processors.can_manage_groups',
            ],
        },
    },
@@ -133,6 +151,15 @@ DATABASES = {
    },
 }

+# If you have run the authentication.0013_service_modules migration
+# you will need to set this to True in order to install service modules
+# which were involved in that migration after it has been run.
+# If you are on a fresh install with no existing database you can safely
+# set this to True
+# If you have not run the authentication.0013_service_modules migration
+# leave this set to False.
+SERVICES_MIGRATED = False
+
 # Password validation
 # https://docs.djangoproject.com/en/1.10/ref/settings/#auth-password-validators

@@ -184,21 +211,22 @@ MESSAGE_TAGS = {
    messages.ERROR: 'danger'
 }

+CACHES = {
+    "default": {
+        "BACKEND": "django_redis.cache.RedisCache",
+        "LOCATION": "redis://127.0.0.1:6379/1",
+        "OPTIONS": {
+            "CLIENT_CLASS": "django_redis.client.DefaultClient",
+        }
+    }
+}
+
 #####################################################
 ##
 ## Auth configuration starts here
 ##
 #####################################################

-###########################
-# ALLIANCE / CORP TOGGLE
-###########################
-# Specifies to run membership checks against corp or alliance
-# Set to FALSE for alliance
-# Set to TRUE for corp
-###########################
-IS_CORP = 'True' == os.environ.get('AA_IS_CORP', 'True')
-
 #################
 # EMAIL SETTINGS
 #################
@@ -209,7 +237,7 @@ IS_CORP = 'True' == os.environ.get('AA_IS_CORP', 'True')
 # EMAIL_HOST_PASSWORD - Email Password
 # EMAIL_USE_TLS - Set to use TLS encryption
 #################
-DOMAIN = os.environ.get('AA_DOMAIN', 'https://yourdomain.com')
+DOMAIN = os.environ.get('AA_DOMAIN', 'https://example.com')
 EMAIL_HOST = os.environ.get('AA_EMAIL_HOST', 'smtp.gmail.com')
 EMAIL_PORT = int(os.environ.get('AA_EMAIL_PORT', '587'))
 EMAIL_HOST_USER = os.environ.get('AA_EMAIL_HOST_USER', '')
@@ -222,24 +250,23 @@ EMAIL_USE_TLS = 'True' == os.environ.get('AA_EMAIL_USE_TLS', 'True')
 # KILLBOARD_URL - URL for your killboard. Blank to hide link
 # MEDIA_URL - URL for your media page (youtube etc). Blank to hide link
 # FORUM_URL - URL for your forums. Blank to hide link
-# SMF_URL - URL for your SMF forums.
+# SITE_NAME - Name of the auth site.
 ####################
 KILLBOARD_URL = os.environ.get('AA_KILLBOARD_URL', '')
 EXTERNAL_MEDIA_URL = os.environ.get('AA_EXTERNAL_MEDIA_URL', '')
 FORUM_URL = os.environ.get('AA_FORUM_URL', '')
+SITE_NAME = os.environ.get('AA_SITE_NAME', 'Alliance Auth')

 ###################
 # SSO Settings
 ###################
-# Optional SSO.
 # Get client ID and client secret from registering an app at
 # https://developers.eveonline.com/
-# Callback URL should be http://mydomain.com/sso/callback
-# Leave callback blank to hide SSO button on login page
+# Callback URL should be https://example.com/sso/callback
 ###################
-EVE_SSO_CLIENT_ID = os.environ.get('AA_EVE_SSO_CLIENT_ID', '')
-EVE_SSO_CLIENT_SECRET = os.environ.get('AA_EVE_SSO_CLIENT_SECRET', '')
-EVE_SSO_CALLBACK_URL = os.environ.get('AA_EVE_SSO_CALLBACK_URL', '')
+ESI_SSO_CLIENT_ID = os.environ.get('AA_ESI_SSO_CLIENT_ID', '')
+ESI_SSO_CLIENT_SECRET = os.environ.get('AA_ESI_SSO_CLIENT_SECRET', '')
+ESI_SSO_CALLBACK_URL = os.environ.get('AA_ESI_SSO_CALLBACK_URL', '')

 #########################
 # Default Group Settings
@@ -257,83 +284,32 @@ BLUE_CORP_GROUPS = 'True' == os.environ.get('AA_BLUE_CORP_GROUPS', 'False')
 BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'False')

 #########################
-# Alliance Service Setup
+# Tenant Configuration
 #########################
-# ENABLE_AUTH_FORUM - Enable forum support in the auth for auth'd members
-# ENABLE_AUTH_JABBER - Enable jabber support in the auth for auth'd members
-# ENABLE_AUTH_MUMBLE - Enable mumble support in the auth for auth'd members
-# ENABLE_AUTH_IPBOARD - Enable IPBoard forum support in the auth for auth'd members
-# ENABLE_AUTH_DISCORD - Enable Discord support in the auth for auth'd members
-# ENABLE_AUTH_DISCOURSE - Enable Discourse support in the auth for auth'd members
-# ENABLE_AUTH_IPS4 - Enable IPS4 support in the auth for auth'd members
-# ENABLE_AUTH_SMF - Enable SMF forum support in the auth for auth'd members
-# ENABLE_AUTH_MARKET = Enable Alliance Market support in auth for auth'd members
-# ENABLE_AUTH_PATHFINDER = Enable Alliance Pathfinder suppor in auth for auth'd members
-# ENABLE_AUTH_XENFORO = Enable XenForo forums support in the auth for auth'd members
+# CORP_IDS - A list of corporation IDs to treat as members.
+# ALLIANCE_IDS - A list of alliance IDs to treat as members.
+# Any corps in a specified alliance will be treated as members, so do not include them in CORP_IDS
 #########################
-ENABLE_AUTH_FORUM = 'True' == os.environ.get('AA_ENABLE_AUTH_FORUM', 'False')
-ENABLE_AUTH_JABBER = 'True' == os.environ.get('AA_ENABLE_AUTH_JABBER', 'False')
-ENABLE_AUTH_MUMBLE = 'True' == os.environ.get('AA_ENABLE_AUTH_MUMBLE', 'False')
-ENABLE_AUTH_IPBOARD = 'True' == os.environ.get('AA_ENABLE_AUTH_IPBOARD', 'False')
-ENABLE_AUTH_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_AUTH_TEAMSPEAK3', 'False')
-ENABLE_AUTH_DISCORD = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCORD', 'False')
-ENABLE_AUTH_DISCOURSE = 'True' == os.environ.get('AA_ENABLE_AUTH_DISCOURSE', 'False')
-ENABLE_AUTH_IPS4 = 'True' == os.environ.get('AA_ENABLE_AUTH_IPS4', 'False')
-ENABLE_AUTH_SMF = 'True' == os.environ.get('AA_ENABLE_AUTH_SMF', 'False')
-ENABLE_AUTH_MARKET = 'True' == os.environ.get('AA_ENABLE_AUTH_MARKET', 'False')
-ENABLE_AUTH_XENFORO = 'True' == os.environ.get('AA_ENABLE_AUTH_XENFORO', 'False')
-
-#####################
-# Blue service Setup
-#####################
-# BLUE_STANDING - The default lowest standings setting to consider blue
-# ENABLE_BLUE_FORUM - Enable forum support in the auth for blues
-# ENABLE_BLUE_JABBER - Enable jabber support in the auth for blues
-# ENABLE_BLUE_MUMBLE - Enable mumble support in the auth for blues
-# ENABLE_BLUE_IPBOARD - Enable IPBoard forum support in the auth for blues
-# ENABLE_BLUE_DISCORD - Enable Discord support in the auth for blues
-# ENABLE_BLUE_DISCOURSE - Enable Discord support in the auth for blues
-# ENABLE_BLUE_IPS4 - Enable IPS4 forum support in the auth for blues
-# ENABLE_BLUE_SMF - Enable SMF forum support in the auth for blues
-# ENABLE_BLUE_MARKET - Enable Alliance Market in the auth for blues
-# ENABLE_BLUE_PATHFINDER = Enable Pathfinder support in the auth for blues
-# ENABLE_BLUE_XENFORO = Enable XenForo forum support in the auth for blue 
-#####################
-BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
-ENABLE_BLUE_FORUM = 'True' == os.environ.get('AA_ENABLE_BLUE_FORUM', 'False')
-ENABLE_BLUE_JABBER = 'True' == os.environ.get('AA_ENABLE_BLUE_JABBER', 'False')
-ENABLE_BLUE_MUMBLE = 'True' == os.environ.get('AA_ENABLE_BLUE_MUMBLE', 'False')
-ENABLE_BLUE_IPBOARD = 'True' == os.environ.get('AA_ENABLE_BLUE_IPBOARD', 'False')
-ENABLE_BLUE_TEAMSPEAK3 = 'True' == os.environ.get('AA_ENABLE_BLUE_TEAMSPEAK3', 'False')
-ENABLE_BLUE_DISCORD = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCORD', 'False')
-ENABLE_BLUE_DISCOURSE = 'True' == os.environ.get('AA_ENABLE_BLUE_DISCOURSE', 'False')
-ENABLE_BLUE_IPS4 = 'True' == os.environ.get('AA_ENABLE_BLUE_IPS4', 'False')
-ENABLE_BLUE_SMF = 'True' == os.environ.get('AA_ENABLE_BLUE_SMF', 'False')
-ENABLE_BLUE_MARKET = 'True' == os.environ.get('AA_ENABLE_BLUE_MARKET', 'False')
-ENABLE_BLUE_XENFORO = 'True' == os.environ.get('AA_ENABLE_BLUE_XENFORO', 'False')
+CORP_IDS = []
+ALLIANCE_IDS = []

 #########################
-# Corp Configuration
+# Standings Configuration
 #########################
-# If running in alliance mode, the following should be for the executor corp#
-# CORP_ID - Set this to your corp ID (get this from https://zkillboard.com/corporation/#######)
-# CORP_NAME - Set this to your Corporation Name
+# Add a corp API key to add blue standings to grant access.
 # CORP_API_ID - Set this to the api id for the corp API key
 # CORP_API_VCODE - Set this to the api vcode for the corp API key
+# BLUE_STANDING - The lowest standings value to consider blue
+# STANDING_LEVEL - The level of standings to query. Accepted values are 'corp' and 'alliance'.
+# BLUE_CORP_IDS - A list of corps to remain blue regardless of in-game standings
+# BLUE_ALLIANCE_IDS - A list of alliances to remain blue regardless of in-game standings
 ########################
-CORP_ID = os.environ.get('AA_CORP_ID', '')
-CORP_NAME = os.environ.get('AA_CORP_NAME', '')
 CORP_API_ID = os.environ.get('AA_CORP_API_ID', '')
 CORP_API_VCODE = os.environ.get('AA_CORP_API_VCODE', '')
-
-#########################
-# Alliance Configuration
-#########################
-# ALLIANCE_ID - Set this to your Alliance ID (get this from https://zkillboard.com/alliance/#######)
-# ALLIANCE_NAME - Set this to your Alliance Name
-########################
-ALLIANCE_ID = os.environ.get('AA_ALLIANCE_ID', '')
-ALLIANCE_NAME = os.environ.get('AA_ALLIANCE_NAME', '')
+BLUE_STANDING = float(os.environ.get('AA_BLUE_STANDING', '5.0'))
+STANDING_LEVEL = os.environ.get('AA_STANDING_LEVEL', 'corp')
+BLUE_CORP_IDS = []
+BLUE_ALLIANCE_IDS = []

 ########################
 # API Configuration
@@ -355,14 +331,29 @@ REJECT_OLD_APIS = 'True' == os.environ.get('AA_REJECT_OLD_APIS', 'False')
 REJECT_OLD_APIS_MARGIN = os.environ.get('AA_REJECT_OLD_APIS_MARGIN', 50)
 API_SSO_VALIDATION = 'True' == os.environ.get('AA_API_SSO_VALIDATION', 'False')

+#######################
+# EVE Provider Settings
+#######################
+# EVEONLINE_CHARACTER_PROVIDER - Name of default data source for getting eve character data
+# EVEONLINE_CORP_PROVIDER - Name of default data source for getting eve corporation data
+# EVEONLINE_ALLIANCE_PROVIDER - Name of default data source for getting eve alliance data
+# EVEONLINE_ITEMTYPE_PROVIDER - Name of default data source for getting eve item type data
+#
+# Available sources are 'esi' and 'xml'. Leaving blank results in the default 'esi' being used.
+#######################
+EVEONLINE_CHARACTER_PROVIDER = os.environ.get('AA_EVEONLINE_CHARACTER_PROVIDER', '')
+EVEONLINE_CORP_PROVIDER = os.environ.get('AA_EVEONLINE_CORP_PROVIDER', '')
+EVEONLINE_ALLIANCE_PROVIDER = os.environ.get('AA_EVEONLINE_ALLIANCE_PROVIDER', '')
+EVEONLINE_ITEMTYPE_PROVIDER = os.environ.get('AA_EVEONLINE_ITEMTYPE_PROVIDER', '')
+
 #####################
 # Alliance Market
 #####################
-MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://yourdomain.com/market')
+MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://example.com/market')
 MARKET_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_market',
-    'USER': os.environ.get('AA_DB_MARKET_USER', 'allianceserver'),
+    'USER': os.environ.get('AA_DB_MARKET_USER', 'allianceserver-market'),
    'PASSWORD': os.environ.get('AA_DB_MARKET_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_MARKET_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_MARKET_PORT', '3306'),
@@ -371,10 +362,16 @@ MARKET_DB = {
 #####################
 # HR Configuration
 #####################
-# JACK_KNIFE_URL - Url for the audit page of API Jack knife
-#                  Should seriously replace with your own.
+# API_KEY_AUDIT_URL - URL for viewing API keys.
+# Other URLs are supported. Use string formatting notation {} with parameter names api_id, vcode, pk
+# Example URL formats are shown below:
+#           Old Jacknife: 'https://example.com/jacknife/eveapi/audit.php?usid={api_id}&apik={vcode}'
+#           New Jacknife: 'https://example.com/jacknife/?usid={api_id}&apik={vcode}'
+#           SeAT: 'https://seat.example.com/api-key/detail/{api_id}'
+#           Django Admin: '/admin/eveonline/eveapikeypair/{pk}/change'
+# Leave blank for the verification code to be shown in a popup on click.
 #####################
-JACK_KNIFE_URL = os.environ.get('AA_JACK_KNIFE_URL', 'http://ridetheclown.com/eveapi/audit.php')
+API_KEY_AUDIT_URL = os.environ.get('AA_API_KEY_AUDIT_URL', '')

 #####################
 # Forum Configuration
@@ -383,14 +380,14 @@ JACK_KNIFE_URL = os.environ.get('AA_JACK_KNIFE_URL', 'http://ridetheclown.com/ev
 # IPBOARD_APIKEY - Api key to interact with ipboard
 # IPBOARD_APIMODULE - Module for alliance auth *leave alone*
 #####################
-IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'yourdomain.com/interface/board/index.php')
+IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'example.com/interface/board/index.php')
 IPBOARD_APIKEY = os.environ.get('AA_IPBOARD_APIKEY', 'somekeyhere')
 IPBOARD_APIMODULE = 'aa'

 ########################
 # XenForo Configuration
 ########################
-XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'yourdomain.com/api.php')
+XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'example.com/api.php')
 XENFORO_DEFAULT_GROUP = os.environ.get('AA_XENFORO_DEFAULT_GROUP', 0)
 XENFORO_APIKEY   = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
 #####################
@@ -407,10 +404,10 @@ XENFORO_APIKEY   = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
 # BROADCAST_USER - Broadcast user JID
 # BROADCAST_USER_PASSWORD - Broadcast user password
 ######################
-JABBER_URL = os.environ.get('AA_JABBER_URL', "yourdomain.com")
+JABBER_URL = os.environ.get('AA_JABBER_URL', "example.com")
 JABBER_PORT = int(os.environ.get('AA_JABBER_PORT', '5223'))
-JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "yourdomain.com")
-OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://yourdomain.com:9090")
+JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "example.com")
+OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://example.com:9090")
 OPENFIRE_SECRET_KEY = os.environ.get('AA_OPENFIRE_SECRET_KEY', "somekey")
 BROADCAST_USER = os.environ.get('AA_BROADCAST_USER', "broadcast@") + JABBER_URL
 BROADCAST_USER_PASSWORD = os.environ.get('AA_BROADCAST_USER_PASSWORD', "somepassword")
@@ -422,7 +419,7 @@ BROADCAST_SERVICE_NAME = os.environ.get('AA_BROADCAST_SERVICE_NAME', "broadcast"
 # MUMBLE_URL - Mumble server url
 # MUMBLE_SERVER_ID - Mumble server id
 ######################################
-MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "yourdomain.com")
+MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "https://example.com")
 MUMBLE_SERVER_ID = int(os.environ.get('AA_MUMBLE_SERVER_ID', '1'))

 ######################################
@@ -431,7 +428,7 @@ MUMBLE_SERVER_ID = int(os.environ.get('AA_MUMBLE_SERVER_ID', '1'))
 PHPBB3_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_forum',
-    'USER': os.environ.get('AA_DB_PHPBB3_USER', 'allianceserver'),
+    'USER': os.environ.get('AA_DB_PHPBB3_USER', 'allianceserver-phpbb3'),
    'PASSWORD': os.environ.get('AA_DB_PHPBB3_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_PHPBB3_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_PHPBB3_PORT', '3306'),
@@ -453,7 +450,7 @@ TEAMSPEAK3_SERVER_PORT = int(os.environ.get('AA_TEAMSPEAK3_SERVER_PORT', '10011'
 TEAMSPEAK3_SERVERQUERY_USER = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_USER', 'serveradmin')
 TEAMSPEAK3_SERVERQUERY_PASSWORD = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_PASSWORD', 'passwordhere')
 TEAMSPEAK3_VIRTUAL_SERVER = int(os.environ.get('AA_TEAMSPEAK3_VIRTUAL_SERVER', '1'))
-TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'yourdomain.com')
+TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'example.com')

 ######################################
 # Discord Configuration
@@ -471,7 +468,7 @@ DISCORD_BOT_TOKEN = os.environ.get('AA_DISCORD_BOT_TOKEN', '')
 DISCORD_INVITE_CODE = os.environ.get('AA_DISCORD_INVITE_CODE', '')
 DISCORD_APP_ID = os.environ.get('AA_DISCORD_APP_ID', '')
 DISCORD_APP_SECRET = os.environ.get('AA_DISCORD_APP_SECRET', '')
-DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://mydomain.com/discord_callback')
+DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://example.com/discord/callback')
 DISCORD_SYNC_NAMES = 'True' == os.environ.get('AA_DISCORD_SYNC_NAMES', 'False')

 ######################################
@@ -493,26 +490,34 @@ DISCOURSE_SSO_SECRET = os.environ.get('AA_DISCOURSE_SSO_SECRET', '')
 # IPS4_URL - base url of the IPS4 install (no trailing slash)
 # IPS4_API_KEY - API key provided by IPS4
 #####################################
-IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://yourdomain.com/ips4')
+IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://example.com/ips4')
 IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
 IPS4_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_ips4',
-    'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver'),
+    'USER': os.environ.get('AA_DB_IPS4_USER', 'allianceserver-ips4'),
    'PASSWORD': os.environ.get('AA_DB_IPS4_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_IPS4_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_IPS4_PORT', '3306'),
 }

+#####################################
+# SEAT Configuration
+#####################################
+# SEAT_URL - base url of the seat install (no trailing slash)
+# SEAT_XTOKEN - API key X-Token provided by SeAT
+#####################################
+SEAT_URL = os.environ.get('AA_SEAT_URL', 'http://example.com/seat')
+SEAT_XTOKEN = os.environ.get('AA_SEAT_XTOKEN', '')

 ######################################
 # SMF Configuration
 ######################################
-SMF_URL = os.environ.get('AA_SMF_URL', '')
+SMF_URL = os.environ.get('AA_SMF_URL', 'https://example.com')
 SMF_DB = {
    'ENGINE': 'django.db.backends.mysql',
    'NAME': 'alliance_smf',
-    'USER': os.environ.get('AA_DB_SMF_USER', 'allianceserver'),
+    'USER': os.environ.get('AA_DB_SMF_USER', 'allianceserver-smf'),
    'PASSWORD': os.environ.get('AA_DB_SMF_PASSWORD', 'password'),
    'HOST': os.environ.get('AA_DB_SMF_HOST', '127.0.0.1'),
    'PORT': os.environ.get('AA_DB_SMF_PORT', '3306'),
@@ -645,11 +650,30 @@ LOGGING = {
 }

 # Conditionally add databases only if configured
-if ENABLE_AUTH_FORUM or ENABLE_BLUE_FORUM:
+if 'services.modules.phpbb3' in INSTALLED_APPS:
    DATABASES['phpbb3'] = PHPBB3_DB
-if ENABLE_AUTH_SMF or ENABLE_BLUE_SMF:
+if 'services.modules.smf' in INSTALLED_APPS:
    DATABASES['smf'] = SMF_DB
-if ENABLE_AUTH_MARKET or ENABLE_BLUE_MARKET:
+if 'services.modules.market' in INSTALLED_APPS:
    DATABASES['market'] = MARKET_DB
-if ENABLE_AUTH_IPS4 or ENABLE_BLUE_IPS4:
+if 'services.modules.ips4' in INSTALLED_APPS:
    DATABASES['ips4'] = IPS4_DB
+
+# Ensure corp/alliance IDs are expected types
+STR_CORP_IDS = [str(id) for id in CORP_IDS]
+STR_ALLIANCE_IDS = [str(id) for id in ALLIANCE_IDS]
+STR_BLUE_CORP_IDS = [str(id) for id in BLUE_CORP_IDS]
+STR_BLUE_ALLIANCE_IDS = [str(id) for id in BLUE_ALLIANCE_IDS]
+
+# Conditionally add periodic tasks for services if installed
+if 'services.modules.teamspeak3' in INSTALLED_APPS:
+    CELERYBEAT_SCHEDULE['run_ts3_group_update'] = {
+        'task': 'services.modules.teamspeak3.tasks.run_ts3_group_update',
+        'schedule': crontab(minute='*/30'),
+    }
+
+if 'services.modules.seat' in INSTALLED_APPS:
+    CELERYBEAT_SCHEDULE['run_seat_api_sync'] = {
+        'task': 'services.modules.seat.tasks.run_api_sync',
+        'schedule': crontab(minute='*/30'),
+    }
--- a/alliance_auth/tests/init.py
+++ b/alliance_auth/tests/init.py
--- a/alliance_auth/tests/auth_utils.py
+++ b/alliance_auth/tests/auth_utils.py
@@ -0,0 +1,98 @@
+from __future__ import unicode_literals
+
+from django.db.models.signals import m2m_changed, pre_save
+from django.contrib.auth.models import User, Group, Permission
+
+from services.signals import m2m_changed_user_groups, pre_save_user
+from services.signals import m2m_changed_group_permissions, m2m_changed_user_permissions
+from authentication.signals import pre_save_auth_state
+
+from authentication.tasks import make_member, make_blue
+from authentication.models import AuthServicesInfo
+from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
+
+from eveonline.models import EveCharacter
+
+
+class AuthUtils:
+    def __init__(self):
+        pass
+
+    @staticmethod
+    def _create_user(username):
+        return User.objects.create(username=username)
+
+    @classmethod
+    def create_user(cls, username, disconnect_signals=False):
+        if disconnect_signals:
+            cls.disconnect_signals()
+        user = cls._create_user(username)
+        user.authservicesinfo.state = NONE_STATE
+        user.authservicesinfo.save()
+        if disconnect_signals:
+            cls.connect_signals()
+        return user
+
+    @classmethod
+    def create_member(cls, username):
+        cls.disconnect_signals()
+        user = cls._create_user(username)
+        user.authservicesinfo.state = MEMBER_STATE
+        user.authservicesinfo.save()
+        make_member(user.authservicesinfo)
+        cls.connect_signals()
+        return user
+
+    @classmethod
+    def create_blue(cls, username):
+        cls.disconnect_signals()
+        user = cls._create_user(username)
+        user.authservicesinfo.state = BLUE_STATE
+        user.authservicesinfo.save()
+        make_blue(user.authservicesinfo)
+        cls.connect_signals()
+        return user
+
+    @classmethod
+    def disconnect_signals(cls):
+        m2m_changed.disconnect(m2m_changed_user_groups, sender=User.groups.through)
+        m2m_changed.disconnect(m2m_changed_group_permissions, sender=Group.permissions.through)
+        m2m_changed.disconnect(m2m_changed_user_permissions, sender=User.user_permissions.through)
+        pre_save.disconnect(pre_save_user, sender=User)
+        pre_save.disconnect(pre_save_auth_state, sender=AuthServicesInfo)
+
+    @classmethod
+    def connect_signals(cls):
+        m2m_changed.connect(m2m_changed_user_groups, sender=User.groups.through)
+        m2m_changed.connect(m2m_changed_group_permissions, sender=Group.permissions.through)
+        m2m_changed.connect(m2m_changed_user_permissions, sender=User.user_permissions.through)
+        pre_save.connect(pre_save_user, sender=User)
+        pre_save.connect(pre_save_auth_state, sender=AuthServicesInfo)
+
+    @classmethod
+    def add_main_character(cls, user, name, character_id, corp_id='', corp_name='', corp_ticker='', alliance_id='',
+                           alliance_name=''):
+        EveCharacter.objects.create(
+            character_id=character_id,
+            character_name=name,
+            corporation_id=corp_id,
+            corporation_name=corp_name,
+            corporation_ticker=corp_ticker,
+            alliance_id=alliance_id,
+            alliance_name=alliance_name,
+            api_id='1234',
+            user=user
+        )
+        AuthServicesInfo.objects.update_or_create(user=user, defaults={'main_char_id': character_id})
+
+    @classmethod
+    def add_permissions_to_groups(cls, perms, groups, disconnect_signals=True):
+        if disconnect_signals:
+            cls.disconnect_signals()
+
+        for group in groups:
+            for perm in perms:
+                group.permissions.add(perm)
+
+        if disconnect_signals:
+            cls.connect_signals()
--- a/alliance_auth/tests/test_settings.py
+++ b/alliance_auth/tests/test_settings.py
@@ -0,0 +1,558 @@
+"""
+Alliance Auth Test Suite Django settings.
+"""
+
+import os
+
+import djcelery
+
+from django.contrib import messages
+
+import alliance_auth
+
+djcelery.setup_loader()
+
+# Use nose to run all tests
+TEST_RUNNER = 'django_nose.NoseTestSuiteRunner'
+
+NOSE_ARGS = [
+    #'--with-coverage',
+    #'--cover-package=',
+]
+
+# Celery configuration
+CELERY_ALWAYS_EAGER = True  # Forces celery to run locally for testing
+
+# Build paths inside the project like this: os.path.join(BASE_DIR, ...)
+BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(alliance_auth.__file__)))
+
+SECRET_KEY = 'testing only'
+
+DEBUG = True
+
+# Application definition
+
+INSTALLED_APPS = [
+    'django.contrib.admin',
+    'django.contrib.auth',
+    'django.contrib.contenttypes',
+    'django.contrib.sessions',
+    'django.contrib.messages',
+    'django.contrib.staticfiles',
+    'django.contrib.humanize',
+    'djcelery',
+    'bootstrapform',
+    'authentication',
+    'services',
+    'eveonline',
+    'groupmanagement',
+    'hrapplications',
+    'timerboard',
+    'srp',
+    'optimer',
+    'corputils',
+    'fleetactivitytracking',
+    'notifications',
+    'esi',
+    'permissions_tool',
+    'geelweb.django.navhelper',
+    'bootstrap_pagination',
+    'services.modules.mumble',
+    'services.modules.discord',
+    'services.modules.discourse',
+    'services.modules.ipboard',
+    'services.modules.ips4',
+    'services.modules.market',
+    'services.modules.openfire',
+    'services.modules.seat',
+    'services.modules.smf',
+    'services.modules.phpbb3',
+    'services.modules.xenforo',
+    'services.modules.teamspeak3',
+    'django_nose',
+]
+
+MIDDLEWARE = [
+    'django.middleware.security.SecurityMiddleware',
+    'django.contrib.sessions.middleware.SessionMiddleware',
+    'django.middleware.common.CommonMiddleware',
+    'django.middleware.csrf.CsrfViewMiddleware',
+    'django.contrib.auth.middleware.AuthenticationMiddleware',
+    'django.contrib.messages.middleware.MessageMiddleware',
+    'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'django.middleware.locale.LocaleMiddleware',
+]
+
+ROOT_URLCONF = 'alliance_auth.urls'
+
+LOCALE_PATHS = (
+    os.path.join(BASE_DIR, 'locale/'),
+)
+
+ugettext = lambda s: s
+LANGUAGES = (
+    ('en', ugettext('English')),
+    ('de', ugettext('German')),
+)
+
+TEMPLATES = [
+    {
+        'BACKEND': 'django.template.backends.django.DjangoTemplates',
+        'DIRS': [
+            os.path.join(BASE_DIR, 'customization/templates'),
+            os.path.join(BASE_DIR, 'stock/templates'),
+        ],
+        'APP_DIRS': True,
+        'OPTIONS': {
+            'context_processors': [
+                'django.template.context_processors.debug',
+                'django.template.context_processors.request',
+                'django.contrib.auth.context_processors.auth',
+                'django.contrib.messages.context_processors.messages',
+                'django.template.context_processors.i18n',
+                'django.template.context_processors.media',
+                'django.template.context_processors.static',
+                'django.template.context_processors.tz',
+                'services.context_processors.auth_settings',
+                'notifications.context_processors.user_notification_count',
+                'authentication.context_processors.states',
+                'authentication.context_processors.membership_state',
+                'groupmanagement.context_processors.can_manage_groups',
+            ],
+        },
+    },
+]
+
+# Database
+# https://docs.djangoproject.com/en/1.10/ref/settings/#databases
+
+DATABASES = {
+    'default': {
+        'ENGINE': 'django.db.backends.sqlite3',
+        'NAME': 'alliance_auth',
+        'USER': os.environ.get('AA_DB_DEFAULT_USER', None),
+        'PASSWORD': os.environ.get('AA_DB_DEFAULT_PASSWORD', None),
+        'HOST': os.environ.get('AA_DB_DEFAULT_HOST', None)
+    },
+}
+
+LOGIN_URL = 'auth_login_user'
+
+SUPERUSER_STATE_BYPASS = 'True' == os.environ.get('AA_SUPERUSER_STATE_BYPASS', 'True')
+
+# Internationalization
+# https://docs.djangoproject.com/en/1.10/topics/i18n/
+
+LANGUAGE_CODE = os.environ.get('AA_LANGUAGE_CODE', 'en')
+
+TIME_ZONE = os.environ.get('AA_TIME_ZONE', 'UTC')
+
+USE_I18N = True
+
+USE_L10N = True
+
+USE_TZ = True
+
+
+# Static files (CSS, JavaScript, Images)
+
+STATIC_URL = '/static/'
+STATIC_ROOT = os.path.join(BASE_DIR, "static")
+STATICFILES_DIRS = (
+    os.path.join(BASE_DIR, "customization/static"),
+    os.path.join(BASE_DIR, "stock/static"),
+)
+
+# Bootstrap messaging css workaround
+MESSAGE_TAGS = {
+    messages.ERROR: 'danger'
+}
+
+CACHES = {
+    'default': {
+        'BACKEND': 'django.core.cache.backends.dummy.DummyCache',
+    }
+}
+
+#####################################################
+##
+## Auth configuration starts here
+##
+#####################################################
+
+###########################
+# ALLIANCE / CORP TOGGLE
+###########################
+# Specifies to run membership checks against corp or alliance
+# Set to FALSE for alliance
+# Set to TRUE for corp
+###########################
+IS_CORP = 'True' == os.environ.get('AA_IS_CORP', 'True')
+
+#################
+# EMAIL SETTINGS
+#################
+# DOMAIN - The alliance auth domain_url
+# EMAIL_HOST - SMTP Server URL
+# EMAIL_PORT - SMTP Server PORT
+# EMAIL_HOST_USER - Email Username (for gmail, the entire address)
+# EMAIL_HOST_PASSWORD - Email Password
+# EMAIL_USE_TLS - Set to use TLS encryption
+#################
+DOMAIN = os.environ.get('AA_DOMAIN', 'https://example.com')
+EMAIL_HOST = os.environ.get('AA_EMAIL_HOST', 'smtp.example.com')
+EMAIL_PORT = int(os.environ.get('AA_EMAIL_PORT', '587'))
+EMAIL_HOST_USER = os.environ.get('AA_EMAIL_HOST_USER', '')
+EMAIL_HOST_PASSWORD = os.environ.get('AA_EMAIL_HOST_PASSWORD', '')
+EMAIL_USE_TLS = 'True' == os.environ.get('AA_EMAIL_USE_TLS', 'True')
+
+####################
+# Front Page Links
+####################
+# KILLBOARD_URL - URL for your killboard. Blank to hide link
+# MEDIA_URL - URL for your media page (youtube etc). Blank to hide link
+# FORUM_URL - URL for your forums. Blank to hide link
+# SITE_NAME - Name of the auth site.
+####################
+KILLBOARD_URL = os.environ.get('AA_KILLBOARD_URL', '')
+EXTERNAL_MEDIA_URL = os.environ.get('AA_EXTERNAL_MEDIA_URL', '')
+FORUM_URL = os.environ.get('AA_FORUM_URL', '')
+SITE_NAME = os.environ.get('AA_SITE_NAME', 'Test Alliance Auth')
+
+###################
+# SSO Settings
+###################
+# Optional SSO.
+# Get client ID and client secret from registering an app at
+# https://developers.eveonline.com/
+# Callback URL should be http://mydomain.com/sso/callback
+# Leave callback blank to hide SSO button on login page
+###################
+ESI_SSO_CLIENT_ID = os.environ.get('AA_ESI_SSO_CLIENT_ID', '')
+ESI_SSO_CLIENT_SECRET = os.environ.get('AA_ESI_SSO_CLIENT_SECRET', '')
+ESI_SSO_CALLBACK_URL = os.environ.get('AA_ESI_SSO_CALLBACK_URL', '')
+
+#########################
+# Default Group Settings
+#########################
+# DEFAULT_AUTH_GROUP - Default group members are put in
+# DEFAULT_BLUE_GROUP - Default group for blue members
+# MEMBER_CORP_GROUPS - Assign members to a group representing their main corp
+# BLUE_CORP_GROUPS - Assign blues to a group representing their main corp
+#########################
+DEFAULT_AUTH_GROUP = os.environ.get('AA_DEFAULT_ALLIANCE_GROUP', 'Member')
+DEFAULT_BLUE_GROUP = os.environ.get('AA_DEFAULT_BLUE_GROUP', 'Blue')
+MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
+MEMBER_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_MEMBER_ALLIANCE_GROUPS', 'False')
+BLUE_CORP_GROUPS = 'True' == os.environ.get('AA_BLUE_CORP_GROUPS', 'False')
+BLUE_ALLIANCE_GROUPS = 'True' == os.environ.get('AA_BLUE_ALLIANCE_GROUPS', 'False')
+
+#########################
+# Corp Configuration
+#########################
+# If running in alliance mode, the following should be for the executor corp#
+# CORP_ID - Set this to your corp ID (get this from https://zkillboard.com/corporation/#######)
+# CORP_NAME - Set this to your Corporation Name
+# CORP_API_ID - Set this to the api id for the corp API key
+# CORP_API_VCODE - Set this to the api vcode for the corp API key
+########################
+CORP_ID = os.environ.get('AA_CORP_ID', '1234')
+CORP_NAME = os.environ.get('AA_CORP_NAME', 'Alliance Auth Test Corp')
+CORP_API_ID = os.environ.get('AA_CORP_API_ID', '')
+CORP_API_VCODE = os.environ.get('AA_CORP_API_VCODE', '')
+
+#########################
+# Alliance Configuration
+#########################
+# ALLIANCE_ID - Set this to your Alliance ID (get this from https://zkillboard.com/alliance/#######)
+# ALLIANCE_NAME - Set this to your Alliance Name
+########################
+ALLIANCE_ID = os.environ.get('AA_ALLIANCE_ID', '12345')
+ALLIANCE_NAME = os.environ.get('AA_ALLIANCE_NAME', 'Alliance Auth Test Alliance')
+
+########################
+# API Configuration
+########################
+# MEMBER_API_MASK - Numeric value of minimum API mask required for members
+# MEMBER_API_ACCOUNT - Require API to be for Account and not character restricted
+# BLUE_API_MASK - Numeric value of minimum API mask required for blues
+# BLUE_API_ACCOUNT - Require API to be for Account and not character restricted
+# REJECT_OLD_APIS - Require each submitted API be newer than the latest submitted API
+# REJECT_OLD_APIS_MARGIN - Margin from latest submitted API ID within which a newly submitted API is still accepted
+# API_SSO_VALIDATION - Require users to prove ownership of newly entered API keys via SSO
+#                      Requires SSO to be configured.
+#######################
+MEMBER_API_MASK = os.environ.get('AA_MEMBER_API_MASK', 268435455)
+MEMBER_API_ACCOUNT = 'True' == os.environ.get('AA_MEMBER_API_ACCOUNT', 'True')
+BLUE_API_MASK = os.environ.get('AA_BLUE_API_MASK', 8388608)
+BLUE_API_ACCOUNT = 'True' == os.environ.get('AA_BLUE_API_ACCOUNT', 'True')
+REJECT_OLD_APIS = 'True' == os.environ.get('AA_REJECT_OLD_APIS', 'False')
+REJECT_OLD_APIS_MARGIN = os.environ.get('AA_REJECT_OLD_APIS_MARGIN', 50)
+API_SSO_VALIDATION = 'True' == os.environ.get('AA_API_SSO_VALIDATION', 'False')
+
+#######################
+# EVE Provider Settings
+#######################
+# EVEONLINE_CHARACTER_PROVIDER - Name of default data source for getting eve character data
+# EVEONLINE_CORP_PROVIDER - Name of default data source for getting eve corporation data
+# EVEONLINE_ALLIANCE_PROVIDER - Name of default data source for getting eve alliance data
+# EVEONLINE_ITEMTYPE_PROVIDER - Name of default data source for getting eve item type data
+#
+# Available sources are 'esi' and 'xml'. Leaving blank results in the default 'esi' being used.
+#######################
+EVEONLINE_CHARACTER_PROVIDER = os.environ.get('AA_EVEONLINE_CHARACTER_PROVIDER', 'xml')
+EVEONLINE_CORP_PROVIDER = os.environ.get('AA_EVEONLINE_CORP_PROVIDER', 'xml')
+EVEONLINE_ALLIANCE_PROVIDER = os.environ.get('AA_EVEONLINE_ALLIANCE_PROVIDER', 'xml')
+EVEONLINE_ITEMTYPE_PROVIDER = os.environ.get('AA_EVEONLINE_ITEMTYPE_PROVIDER', 'xml')
+
+#####################
+# Alliance Market
+#####################
+MARKET_URL = os.environ.get('AA_MARKET_URL', 'http://yourdomain.com/market')
+
+#####################
+# HR Configuration
+#####################
+# JACK_KNIFE_URL - Url for the audit page of API Jack knife
+#                  Should seriously replace with your own.
+#####################
+JACK_KNIFE_URL = os.environ.get('AA_JACK_KNIFE_URL', 'http://example.com/eveapi/audit.php')
+
+#####################
+# Forum Configuration
+#####################
+# IPBOARD_ENDPOINT - Api endpoint if using ipboard
+# IPBOARD_APIKEY - Api key to interact with ipboard
+# IPBOARD_APIMODULE - Module for alliance auth *leave alone*
+#####################
+IPBOARD_ENDPOINT = os.environ.get('AA_IPBOARD_ENDPOINT', 'example.com/interface/board/index.php')
+IPBOARD_APIKEY = os.environ.get('AA_IPBOARD_APIKEY', 'somekeyhere')
+IPBOARD_APIMODULE = 'aa'
+
+########################
+# XenForo Configuration
+########################
+XENFORO_ENDPOINT = os.environ.get('AA_XENFORO_ENDPOINT', 'example.com/api.php')
+XENFORO_DEFAULT_GROUP = os.environ.get('AA_XENFORO_DEFAULT_GROUP', 0)
+XENFORO_APIKEY   = os.environ.get('AA_XENFORO_APIKEY', 'yourapikey')
+#####################
+
+######################
+# Jabber Configuration
+######################
+# JABBER_URL - Jabber address url
+# JABBER_PORT - Jabber service portal
+# JABBER_SERVER - Jabber server url
+# OPENFIRE_ADDRESS - Address of the openfire admin console including port
+#                    Please use http with 9090 or https with 9091
+# OPENFIRE_SECRET_KEY - Openfire REST API secret key
+# BROADCAST_USER - Broadcast user JID
+# BROADCAST_USER_PASSWORD - Broadcast user password
+######################
+JABBER_URL = os.environ.get('AA_JABBER_URL', "example.com")
+JABBER_PORT = int(os.environ.get('AA_JABBER_PORT', '5223'))
+JABBER_SERVER = os.environ.get('AA_JABBER_SERVER', "example.com")
+OPENFIRE_ADDRESS = os.environ.get('AA_OPENFIRE_ADDRESS', "http://example.com:9090")
+OPENFIRE_SECRET_KEY = os.environ.get('AA_OPENFIRE_SECRET_KEY', "somekey")
+BROADCAST_USER = os.environ.get('AA_BROADCAST_USER', "broadcast@") + JABBER_URL
+BROADCAST_USER_PASSWORD = os.environ.get('AA_BROADCAST_USER_PASSWORD', "somepassword")
+BROADCAST_SERVICE_NAME = os.environ.get('AA_BROADCAST_SERVICE_NAME', "broadcast")
+
+######################################
+# Mumble Configuration
+######################################
+# MUMBLE_URL - Mumble server url
+# MUMBLE_SERVER_ID - Mumble server id
+######################################
+MUMBLE_URL = os.environ.get('AA_MUMBLE_URL', "example.com")
+MUMBLE_SERVER_ID = int(os.environ.get('AA_MUMBLE_SERVER_ID', '1'))
+
+######################################
+# PHPBB3 Configuration
+######################################
+
+######################################
+# Teamspeak3 Configuration
+######################################
+# TEAMSPEAK3_SERVER_IP - Teamspeak3 server ip
+# TEAMSPEAK3_SERVER_PORT - Teamspeak3 server port
+# TEAMSPEAK3_SERVERQUERY_USER - Teamspeak3 serverquery username
+# TEAMSPEAK3_SERVERQUERY_PASSWORD - Teamspeak3 serverquery password
+# TEAMSPEAK3_VIRTUAL_SERVER - Virtual server id
+# TEAMSPEAK3_AUTHED_GROUP_ID - Default authed group id
+# TEAMSPEAK3_PUBLIC_URL - teamspeak3 public url used for link creation
+######################################
+TEAMSPEAK3_SERVER_IP = os.environ.get('AA_TEAMSPEAK3_SERVER_IP', '127.0.0.1')
+TEAMSPEAK3_SERVER_PORT = int(os.environ.get('AA_TEAMSPEAK3_SERVER_PORT', '10011'))
+TEAMSPEAK3_SERVERQUERY_USER = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_USER', 'serveradmin')
+TEAMSPEAK3_SERVERQUERY_PASSWORD = os.environ.get('AA_TEAMSPEAK3_SERVERQUERY_PASSWORD', 'passwordhere')
+TEAMSPEAK3_VIRTUAL_SERVER = int(os.environ.get('AA_TEAMSPEAK3_VIRTUAL_SERVER', '1'))
+TEAMSPEAK3_PUBLIC_URL = os.environ.get('AA_TEAMSPEAK3_PUBLIC_URL', 'example.com')
+
+######################################
+# Discord Configuration
+######################################
+# DISCORD_GUILD_ID - ID of the guild to manage
+# DISCORD_BOT_TOKEN - oauth token of the app bot user
+# DISCORD_INVITE_CODE - invite code to the server
+# DISCORD_APP_ID - oauth app client ID
+# DISCORD_APP_SECRET - oauth app secret
+# DISCORD_CALLBACK_URL - oauth callback url
+# DISCORD_SYNC_NAMES - enable to force discord nicknames to be set to eve char name (bot needs Manage Nicknames permission)
+######################################
+DISCORD_GUILD_ID = os.environ.get('AA_DISCORD_GUILD_ID', '')
+DISCORD_BOT_TOKEN = os.environ.get('AA_DISCORD_BOT_TOKEN', '')
+DISCORD_INVITE_CODE = os.environ.get('AA_DISCORD_INVITE_CODE', '')
+DISCORD_APP_ID = os.environ.get('AA_DISCORD_APP_ID', '')
+DISCORD_APP_SECRET = os.environ.get('AA_DISCORD_APP_SECRET', '')
+DISCORD_CALLBACK_URL = os.environ.get('AA_DISCORD_CALLBACK_URL', 'http://example.com/discord_callback')
+DISCORD_SYNC_NAMES = 'True' == os.environ.get('AA_DISCORD_SYNC_NAMES', 'False')
+
+######################################
+# Discourse Configuration
+######################################
+# DISCOURSE_URL - Web address of the forums (no trailing slash)
+# DISCOURSE_API_USERNAME - API account username
+# DISCOURSE_API_KEY - API Key
+# DISCOURSE_SSO_SECRET - SSO secret key
+######################################
+DISCOURSE_URL = os.environ.get('AA_DISCOURSE_URL', 'https://example.com')
+DISCOURSE_API_USERNAME = os.environ.get('AA_DISCOURSE_API_USERNAME', '')
+DISCOURSE_API_KEY = os.environ.get('AA_DISCOURSE_API_KEY', '')
+DISCOURSE_SSO_SECRET = 'd836444a9e4084d5b224a60c208dce14'
+# Example secret from https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
+
+#####################################
+# IPS4 Configuration
+#####################################
+# IPS4_URL - base url of the IPS4 install (no trailing slash)
+# IPS4_API_KEY - API key provided by IPS4
+#####################################
+IPS4_URL = os.environ.get('AA_IPS4_URL', 'http://example.com/ips4')
+IPS4_API_KEY = os.environ.get('AA_IPS4_API_KEY', '')
+
+#####################################
+# SEAT Configuration
+#####################################
+# SEAT_URL - base url of the seat install (no trailing slash)
+# SEAT_XTOKEN - API key X-Token provided by SeAT
+#####################################
+SEAT_URL = os.environ.get('AA_SEAT_URL', 'http://example.com/seat')
+SEAT_XTOKEN = os.environ.get('AA_SEAT_XTOKEN', 'tokentokentoken')
+
+######################################
+# SMF Configuration
+######################################
+SMF_URL = os.environ.get('AA_SMF_URL', '')
+
+######################################
+# Fleet-Up Configuration
+######################################
+# FLEETUP_APP_KEY - The app key from http://fleet-up.com/Api/MyApps
+# FLEETUP_USER_ID - The user id from http://fleet-up.com/Api/MyKeys
+# FLEETUP_API_ID - The API id from http://fleet-up.com/Api/MyKeys
+# FLEETUP_GROUP_ID - The id of the group you want to pull data from, see http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships
+######################################
+FLEETUP_APP_KEY = os.environ.get('AA_FLEETUP_APP_KEY', '')
+FLEETUP_USER_ID = os.environ.get('AA_FLEETUP_USER_ID', '')
+FLEETUP_API_ID = os.environ.get('AA_FLEETUP_API_ID', '')
+FLEETUP_GROUP_ID = os.environ.get('AA_FLEETUP_GROUP_ID', '')
+
+PASSWORD_HASHERS = [
+    'django.contrib.auth.hashers.MD5PasswordHasher',
+]
+
+
+LOGGING = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'formatters': {
+        'verbose': {
+            'format' : "[%(asctime)s] %(levelname)s [%(name)s:%(lineno)s] %(message)s",
+            'datefmt' : "%d/%b/%Y %H:%M:%S"
+        },
+        'simple': {
+            'format': '%(levelname)s %(message)s'
+        },
+    },
+    'handlers': {
+        'console': {
+            'level': 'DEBUG',        # edit this line to change logging level to console
+            'class': 'logging.StreamHandler',
+            'formatter': 'verbose',
+        },
+        'notifications': {           # creates notifications for users with logging_notifications permission
+            'level': 'ERROR',        # edit this line to change logging level to notifications
+            'class': 'notifications.handlers.NotificationHandler',
+            'formatter': 'verbose',
+        },
+    },
+    'loggers': {
+        'authentication': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'celerytask': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'eveonline': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'groupmanagement': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'hrapplications': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'portal': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'registration': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'services': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'srp': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'timerboard': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'sigtracker': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'optimer': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'corputils': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'fleetactivitytracking': {
+            'handlers': ['console', 'notifications'],
+            'level': 'ERROR',
+        },
+        'util': {
+            'handlers': ['console', 'notifications'],
+            'level': 'DEBUG',
+        },
+        'django': {
+            'handlers': ['console', 'notifications'],
+            'level': 'ERROR',
+        },
+    }
+}
+
+LOGGING = None  # Comment out to enable logging for debugging
--- a/alliance_auth/urls.py
+++ b/alliance_auth/urls.py
@@ -10,13 +10,19 @@ import services.views
 import groupmanagement.views
 import optimer.views
 import timerboard.views
-import corputils.views
 import fleetactivitytracking.views
 import fleetup.views
 import srp.views
 import notifications.views
 import hrapplications.views
-import eve_sso.urls
+import corputils.urls
+import esi.urls
+import permissions_tool.urls
+from alliance_auth import NAME
+
+admin.site.site_header = NAME
+
+from alliance_auth.hooks import get_hooks

 # Functional/Untranslated URL's
 urlpatterns = [
@@ -27,8 +33,8 @@ urlpatterns = [
    url(r'^admin/', include(admin.site.urls)),

    # SSO
-    url (r'^sso/', include(eve_sso.urls, namespace='eve_sso')),
-    url (r'^sso/login$', authentication.views.sso_login, name='auth_sso_login'),
+    url(r'^sso/', include(esi.urls, namespace='esi')),
+    url(r'^sso/login$', authentication.views.sso_login, name='auth_sso_login'),

    # Index
    url(_(r'^$'), authentication.views.index_view, name='auth_index'),
@@ -41,85 +47,6 @@ urlpatterns = [
        name='auth_main_character_change'),
    url(r'^api_verify_owner/(\w+)/$', eveonline.views.api_sso_validate, name='auth_api_sso'),

-    # Forum Service Control
-    url(r'^activate_forum/$', services.views.activate_forum, name='auth_activate_forum'),
-    url(r'^deactivate_forum/$', services.views.deactivate_forum, name='auth_deactivate_forum'),
-    url(r'^reset_forum_password/$', services.views.reset_forum_password,
-        name='auth_reset_forum_password'),
-    url(r'^set_forum_password/$', services.views.set_forum_password, name='auth_set_forum_password'),
-
-    # Jabber Service Control
-    url(r'^activate_jabber/$', services.views.activate_jabber, name='auth_activate_jabber'),
-    url(r'^deactivate_jabber/$', services.views.deactivate_jabber, name='auth_deactivate_jabber'),
-    url(r'^reset_jabber_password/$', services.views.reset_jabber_password,
-        name='auth_reset_jabber_password'),
-
-    # Mumble service control
-    url(r'^activate_mumble/$', services.views.activate_mumble, name='auth_activate_mumble'),
-    url(r'^deactivate_mumble/$', services.views.deactivate_mumble, name='auth_deactivate_mumble'),
-    url(r'^reset_mumble_password/$', services.views.reset_mumble_password,
-        name='auth_reset_mumble_password'),
-    url(r'^set_mumble_password/$', services.views.set_mumble_password, name='auth_set_mumble_password'),
-
-    # Ipboard service control
-    url(r'^activate_ipboard/$', services.views.activate_ipboard_forum,
-        name='auth_activate_ipboard'),
-    url(r'^deactivate_ipboard/$', services.views.deactivate_ipboard_forum,
-        name='auth_deactivate_ipboard'),
-    url(r'^reset_ipboard_password/$', services.views.reset_ipboard_password,
-        name='auth_reset_ipboard_password'),
-    url(r'^set_ipboard_password/$', services.views.set_ipboard_password, name='auth_set_ipboard_password'),
-
-    # XenForo service control
-    url(r'^activate_xenforo/$', services.views.activate_xenforo_forum,
-        name='auth_activate_xenforo'),
-    url(r'^deactivate_xenforo/$', services.views.deactivate_xenforo_forum,
-        name='auth_deactivate_xenforo'),
-    url(r'^reset_xenforo_password/$', services.views.reset_xenforo_password,
-        name='auth_reset_xenforo_password'),
-    url(r'^set_xenforo_password/$', services.views.set_xenforo_password, name='auth_set_xenforo_password'),
-
-    # Teamspeak3 service control
-    url(r'^activate_teamspeak3/$', services.views.activate_teamspeak3,
-        name='auth_activate_teamspeak3'),
-    url(r'^deactivate_teamspeak3/$', services.views.deactivate_teamspeak3,
-        name='auth_deactivate_teamspeak3'),
-    url(r'reset_teamspeak3_perm/$', services.views.reset_teamspeak3_perm,
-        name='auth_reset_teamspeak3_perm'),
-
-    # Discord Service Control
-    url(r'^activate_discord/$', services.views.activate_discord, name='auth_activate_discord'),
-    url(r'^deactivate_discord/$', services.views.deactivate_discord, name='auth_deactivate_discord'),
-    url(r'^reset_discord/$', services.views.reset_discord, name='auth_reset_discord'),
-    url(r'^discord_callback/$', services.views.discord_callback, name='auth_discord_callback'),
-    url(r'^discord_add_bot/$', services.views.discord_add_bot, name='auth_discord_add_bot'),
-
-    # Discourse Service Control
-    url(r'^discourse_sso$', services.views.discourse_sso, name='auth_discourse_sso'),
-
-    # IPS4 Service Control
-    url(r'^activate_ips4/$', services.views.activate_ips4,
-        name='auth_activate_ips4'),
-    url(r'^deactivate_ips4/$', services.views.deactivate_ips4,
-        name='auth_deactivate_ips4'),
-    url(r'^reset_ips4_password/$', services.views.reset_ips4_password,
-        name='auth_reset_ips4_password'),
-    url(r'^set_ips4_password/$', services.views.set_ips4_password, name='auth_set_ips4_password'),
-
-    # SMF Service Control
-    url(r'^activate_smf/$', services.views.activate_smf, name='auth_activate_smf'),
-    url(r'^deactivate_smf/$', services.views.deactivate_smf, name='auth_deactivate_smf'),
-    url(r'^reset_smf_password/$', services.views.reset_smf_password,
-        name='auth_reset_smf_password'),
-    url(r'^set_smf_password/$', services.views.set_smf_password, name='auth_set_smf_password'),
-
-    # Alliance Market Control
-    url(r'^activate_market/$', services.views.activate_market, name='auth_activate_market'),
-    url(r'^deactivate_market/$', services.views.deactivate_market, name='auth_deactivate_market'),
-    url(r'^reset_market_password/$', services.views.reset_market_password,
-        name='auth_reset_market_password'),
-    url(r'^set_market_password/$', services.views.set_market_password, name='auth_set_market_password'),
-
    # SRP URLS
    url(r'^srp_fleet_remove/(\w+)$', srp.views.srp_fleet_remove, name='auth_srp_fleet_remove'),
    url(r'^srp_fleet_disable/(\w+)$', srp.views.srp_fleet_disable, name='auth_srp_fleet_disable'),
@@ -144,14 +71,6 @@ urlpatterns = [
 # User viewed/translated URLS
 urlpatterns += i18n_patterns(

-    # corputils
-    url(r'^corputils/$', corputils.views.corp_member_view, name='auth_corputils'),
-    url(r'^corputils/(?P<corpid>[0-9]+)/$', corputils.views.corp_member_view, name='auth_corputils_corp_view'),
-    url(r'^corputils/(?P<corpid>[0-9]+)/(?P<year>[0-9]+)/(?P<month>[0-9]+)/$', corputils.views.corp_member_view,
-        name='auth_corputils_month'),
-    url(r'^corputils/search/$', corputils.views.corputils_search, name="auth_corputils_search"),
-    url(r'^corputils/search/(?P<corpid>[0-9]+)/$', corputils.views.corputils_search, name='auth_corputils_search_corp'),
-
    # Fleetup
    url(r'^fleetup/$', fleetup.views.fleetup_view, name='auth_fleetup_view'),
    url(r'^fleetup/fittings/$', fleetup.views.fleetup_fittings, name='auth_fleetup_fittings'),
@@ -177,21 +96,28 @@ urlpatterns += i18n_patterns(
        django.contrib.auth.views.password_reset_confirm, name='password_reset_confirm'),

    # Portal Urls
-    url(_(r'^dashboard/$'), authentication.views.dashboard_view, name='auth_dashboard'),
+    url(_(r'^dashboard/$'), eveonline.views.dashboard_view, name='auth_dashboard'),
    url(_(r'^help/$'), authentication.views.help_view, name='auth_help'),

    # Eveonline Urls
    url(_(r'^add_api_key/'), eveonline.views.add_api_key, name='auth_add_api_key'),
-    url(_(r'^api_key_management/'), eveonline.views.api_key_management_view,
-        name='auth_api_key_management'),
    url(_(r'^refresh_api_pair/([0-9]+)/$'), eveonline.views.user_refresh_api, name='auth_user_refresh_api'),
    url(_(r'^delete_api_pair/(\w+)/$'), eveonline.views.api_key_removal, name='auth_api_key_removal'),
    url(_(r'^characters/'), eveonline.views.characters_view, name='auth_characters'),
+    
+    # Corputils
+    url(_(r'^corpstats/'), include(corputils.urls, namespace='corputils')),

    # Group management
    url(_(r'^groups/'), groupmanagement.views.groups_view, name='auth_groups'),
    url(_(r'^group/management/'), groupmanagement.views.group_management,
        name='auth_group_management'),
+    url(_(r'^group/membership/$'), groupmanagement.views.group_membership,
+        name='auth_group_membership'),
+    url(_(r'^group/membership/(\w+)/$'), groupmanagement.views.group_membership_list,
+        name='auth_group_membership_list'),
+    url(_(r'^group/membership/(\w+)/remove/(\w+)/$'), groupmanagement.views.group_membership_remove,
+        name='auth_group_membership_remove'),
    url(_(r'^group/request_add/(\w+)'), groupmanagement.views.group_request_add,
        name='auth_group_request_add'),
    url(_(r'^group/request/accept/(\w+)'), groupmanagement.views.group_accept_request,
@@ -239,17 +165,6 @@ urlpatterns += i18n_patterns(

    # Service Urls
    url(_(r'^services/$'), services.views.services_view, name='auth_services'),
-    url(_(r'^services/jabber_broadcast/$'), services.views.jabber_broadcast_view,
-        name='auth_jabber_broadcast_view'),
-
-    # Teamspeak Urls
-    url(r'verify_teamspeak3/$', services.views.verify_teamspeak3, name='auth_verify_teamspeak3'),
-
-    # corputils
-    url(_(r'^corputils/$'), corputils.views.corp_member_view, name='auth_corputils'),
-    url(_(r'^corputils/(?P<corpid>[0-9]+)/$'), corputils.views.corp_member_view, name='auth_corputils_corp_view'),
-    url(_(r'^corputils/search/$'), corputils.views.corputils_search, name="auth_corputils_search"),
-    url(_(r'^corputils/search/(?P<corpid>[0-9]+)/$'), corputils.views.corputils_search, name='auth_corputils_search_corp'),

    # Timer URLS
    url(_(r'^timers/$'), timerboard.views.timer_view, name='auth_timer_view'),
@@ -275,9 +190,6 @@ urlpatterns += i18n_patterns(
    url(_(r'^notifications/$'), notifications.views.notification_list, name='auth_notification_list'),
    url(_(r'^notifications/(\w+)/$'), notifications.views.notification_view, name='auth_notification_view'),

-    # Jabber
-    url(_(r'^set_jabber_password/$'), services.views.set_jabber_password, name='auth_set_jabber_password'),
-
    # FleetActivityTracking (FAT)
    url(r'^fat/$', fleetactivitytracking.views.fatlink_view, name='auth_fatlink_view'),
    url(r'^fat/statistics/$', fleetactivitytracking.views.fatlink_statistics_view, name='auth_fatlink_view_statistics'),
@@ -300,4 +212,12 @@ urlpatterns += i18n_patterns(
    url(r'^fat/link/$', fleetactivitytracking.views.fatlink_view, name='auth_click_fatlink_view'),
    url(r'^fat/link/(?P<hash>[a-zA-Z0-9]+)/(?P<fatname>[a-z0-9_-]+)/$',
        fleetactivitytracking.views.click_fatlink_view),
+
+    url(r'^permissions/', include(permissions_tool.urls))
 )
+
+# Append hooked service urls
+services = get_hooks('services_hook')
+for svc in services:
+    urlpatterns += svc().urlpatterns
+
--- a/authentication/admin.py
+++ b/authentication/admin.py
@@ -1,22 +1,19 @@
 from __future__ import unicode_literals

 from django.contrib import admin
+from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
+from django.contrib.auth.models import User
+from django.utils.text import slugify

 from authentication.models import AuthServicesInfo
 from eveonline.models import EveCharacter
-from services.tasks import update_jabber_groups
-from services.tasks import update_mumble_groups
-from services.tasks import update_forum_groups
-from services.tasks import update_ipboard_groups
-from services.tasks import update_smf_groups
-from services.tasks import update_teamspeak3_groups
-from services.tasks import update_discord_groups
-from services.tasks import update_discord_nickname
-from services.tasks import update_discourse_groups
+from alliance_auth.hooks import get_hooks
+from services.hooks import ServicesHook


@admin.register(AuthServicesInfo)
 class AuthServicesInfoManager(admin.ModelAdmin):
+
    @staticmethod
    def main_character(obj):
        if obj.main_char_id:
@@ -26,120 +23,77 @@ class AuthServicesInfoManager(admin.ModelAdmin):
                pass
        return None

-    def sync_jabber(self, request, queryset):
-        count = 0
-        for a in queryset:  # queryset filtering doesn't work here?
-            if a.jabber_username != "":
-                update_jabber_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s jabber accounts queued for group sync." % count)
+    @staticmethod
+    def has_delete_permission(request, obj=None):
+        return False

-    sync_jabber.short_description = "Sync groups for selected jabber accounts"
-
-    def sync_mumble(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.mumble_username != "":
-                update_mumble_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s mumble accounts queued for group sync." % count)
-
-    sync_mumble.short_description = "Sync groups for selected mumble accounts"
-
-    def sync_forum(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.forum_username != "":
-                update_forum_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s forum accounts queued for group sync." % count)
-
-    sync_forum.short_description = "Sync groups for selected forum accounts"
-
-    def sync_ipboard(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.ipboard_username != "":
-                update_ipboard_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s ipboard accounts queued for group sync." % count)
-
-    sync_ipboard.short_description = "Sync groups for selected ipboard accounts"
-
-    def sync_smf(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.smf_username != "":
-                update_smf_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s smf accounts queued for group sync." % count)
-
-    sync_smf.short_description = "Sync groups for selected smf accounts"
-
-    def sync_teamspeak(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.teamspeak3_uid != "":
-                update_teamspeak3_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s teamspeak accounts queued for group sync." % count)
-
-    sync_teamspeak.short_description = "Sync groups for selected teamspeak accounts"
-
-    def sync_discord(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.discord_uid != "":
-                update_discord_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s discord accounts queued for group sync." % count)
-
-    sync_discord.short_description = "Sync groups for selected discord accounts"
-
-    def sync_discourse(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.discourse_enabled:
-                update_discourse_groups.delay(a.user.pk)
-                count += 1
-        self.message_user(request, "%s discourse accounts queued for group sync." % count)
-
-    sync_discourse.short_description = "Sync groups for selected discourse accounts"
-
-    def sync_nicknames(self, request, queryset):
-        count = 0
-        for a in queryset:
-            if a.discord_uid != "":
-                update_discord_nickname(a.user.pk)
-                count += 1
-        self.message_user(request, "%s discord accounts queued for nickname sync." % count)
-
-    sync_nicknames.short_description = "Sync nicknames for selected discord accounts"
-
-    actions = [
-        'sync_jabber',
-        'sync_mumble',
-        'sync_forum',
-        'sync_ipboard',
-        'sync_smf',
-        'sync_teamspeak',
-        'sync_discord',
-        'sync_discourse',
-        'sync_nicknames',
-    ]
+    @staticmethod
+    def has_add_permission(request, obj=None):
+        return False

    search_fields = [
        'user__username',
-        'ipboard_username',
-        'xenforo_username',
-        'forum_username',
-        'jabber_username',
-        'mumble_username',
-        'teamspeak3_uid',
-        'discord_uid',
-        'ips4_username',
-        'smf_username',
-        'market_username',
        'main_char_id',
    ]
    list_display = ('user', 'main_character')
+
+
+def make_service_hooks_update_groups_action(service):
+    """
+    Make a admin action for the given service
+    :param service: services.hooks.ServicesHook
+    :return: fn to update services groups for the selected users
+    """
+    def update_service_groups(modeladmin, request, queryset):
+        for user in queryset:  # queryset filtering doesn't work here?
+            service.update_groups(user)
+
+    update_service_groups.__name__ = str('update_{}_groups'.format(slugify(service.name)))
+    update_service_groups.short_description = "Sync groups for selected {} accounts".format(service.title)
+    return update_service_groups
+
+
+def make_service_hooks_sync_nickname_action(service):
+    """
+    Make a sync_nickname admin action for the given service
+    :param service: services.hooks.ServicesHook
+    :return: fn to sync nickname for the selected users
+    """
+    def sync_nickname(modeladmin, request, queryset):
+        for user in queryset:  # queryset filtering doesn't work here?
+            service.sync_nickname(user)
+
+    sync_nickname.__name__ = str('sync_{}_nickname'.format(slugify(service.name)))
+    sync_nickname.short_description = "Sync nicknames for selected {} accounts".format(service.title)
+    return sync_nickname
+
+
+class UserAdmin(BaseUserAdmin):
+    """
+    Extending Django's UserAdmin model
+    """
+    def get_actions(self, request):
+        actions = super(BaseUserAdmin, self).get_actions(request)
+
+        for hook in get_hooks('services_hook'):
+            svc = hook()
+            # Check update_groups is redefined/overloaded
+            if svc.update_groups.__module__ != ServicesHook.update_groups.__module__:
+                action = make_service_hooks_update_groups_action(svc)
+                actions[action.__name__] = (action,
+                                            action.__name__,
+                                            action.short_description)
+            # Create sync nickname action if service implements it
+            if svc.sync_nickname.__module__ != ServicesHook.sync_nickname.__module__:
+                action = make_service_hooks_sync_nickname_action(svc)
+                actions[action.__name__] = (action,
+                                            action.__name__,
+                                            action.short_description)
+
+        return actions
+
+# Re-register UserAdmin
+try:
+    admin.site.unregister(User)
+finally:
+    admin.site.register(User, UserAdmin)
--- a/authentication/context_processors.py
+++ b/authentication/context_processors.py
@@ -1,14 +1,11 @@
 from __future__ import unicode_literals
-from authentication.models import AuthServicesInfo
 from authentication.states import NONE_STATE, BLUE_STATE, MEMBER_STATE
+from authentication.managers import UserState
 from django.conf import settings


 def membership_state(request):
-    if request.user.is_authenticated:
-        auth = AuthServicesInfo.objects.get_or_create(user=request.user)[0]
-        return {'STATE': auth.state}
-    return {'STATE': NONE_STATE}
+    return UserState.get_membership_state(request)


 def states(request):
@@ -18,8 +15,3 @@ def states(request):
        'NONE_STATE': NONE_STATE,
        'MEMBER_BLUE_STATE': [MEMBER_STATE, BLUE_STATE],
    }
-
-def sso(request):
-    return {
-        'EVE_SSO_CALLBACK_URL': settings.EVE_SSO_CALLBACK_URL,
-    }
--- a/authentication/decorators.py
+++ b/authentication/decorators.py
@@ -1,33 +1,23 @@
 from __future__ import unicode_literals
 from django.contrib.auth.decorators import user_passes_test
-from authentication.models import AuthServicesInfo
-from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
-from django.conf import settings
+from authentication.managers import UserState


-def _state_required(states, *args, **kwargs):
-    def test_func(user):
-        if user.is_superuser and settings.SUPERUSER_STATE_BYPASS:
-            return True
-        if user.is_authenticated:
-            auth = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            return auth.state in states
-        return False
-
-    return user_passes_test(test_func, *args, **kwargs)
+def _state_required(state_test, *args, **kwargs):
+    return user_passes_test(state_test, *args, **kwargs)


 def members(*args, **kwargs):
-    return _state_required([MEMBER_STATE], *args, **kwargs)
+    return _state_required(UserState.member_state, *args, **kwargs)


 def blues(*args, **kwargs):
-    return _state_required([BLUE_STATE], *args, **kwargs)
+    return _state_required(UserState.blue_state, *args, **kwargs)


 def members_and_blues(*args, **kwargs):
-    return _state_required([MEMBER_STATE, BLUE_STATE], *args, **kwargs)
+    return _state_required(UserState.member_or_blue_state, *args, **kwargs)


 def none_state(*args, **kwargs):
-    return _state_required([NONE_STATE], *args, **kwargs)
+    return _state_required(UserState.none_state, *args, **kwargs)
--- a/authentication/managers.py
+++ b/authentication/managers.py
@@ -1,6 +1,7 @@
 from __future__ import unicode_literals
 from django.contrib.auth.models import User
-
+from django.conf import settings
+from authentication.states import NONE_STATE, BLUE_STATE, MEMBER_STATE
 from authentication.models import AuthServicesInfo

 import logging
@@ -16,130 +17,59 @@ class AuthServicesInfoManager:
    def update_main_char_id(char_id, user):
        if User.objects.filter(username=user.username).exists():
            logger.debug("Updating user %s main character to id %s" % (user, char_id))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
+            authserviceinfo = AuthServicesInfo.objects.get(user=user)
            authserviceinfo.main_char_id = char_id
            authserviceinfo.save(update_fields=['main_char_id'])
            logger.info("Updated user %s main character to id %s" % (user, char_id))
        else:
            logger.error("Failed to update user %s main character id to %s: user does not exist." % (user, char_id))

-    @staticmethod
-    def update_user_forum_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s forum info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.forum_username = username
-            authserviceinfo.save(update_fields=['forum_username'])
-            logger.info("Updated user %s forum info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s forum info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_jabber_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s jabber info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.jabber_username = username
-            authserviceinfo.save(update_fields=['jabber_username'])
-            logger.info("Updated user %s jabber info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s jabber info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_mumble_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s mumble info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.mumble_username = username
-            authserviceinfo.save(update_fields=['mumble_username'])
-            logger.info("Updated user %s mumble info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s mumble info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_ipboard_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s ipboard info: uername %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.ipboard_username = username
-            authserviceinfo.save(update_fields=['ipboard_username'])
-            logger.info("Updated user %s ipboard info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s ipboard info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_xenforo_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s xenforo info: uername %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.xenforo_username = username
-            authserviceinfo.save(update_fields=['xenforo_username'])
-            logger.info("Updated user %s xenforo info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s xenforo info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_teamspeak3_info(uid, perm_key, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s teamspeak3 info: uid %s" % (user, uid))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.teamspeak3_uid = uid
-            authserviceinfo.teamspeak3_perm_key = perm_key
-            authserviceinfo.save(update_fields=['teamspeak3_uid', 'teamspeak3_perm_key'])
-            logger.info("Updated user %s teamspeak3 info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s teamspeak3 info: user does not exist." % user)
-
    @staticmethod
    def update_is_blue(is_blue, user):
        if User.objects.filter(username=user.username).exists():
            logger.debug("Updating user %s blue status: %s" % (user, is_blue))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
+            authserviceinfo = AuthServicesInfo.objects.get(user=user)
            authserviceinfo.is_blue = is_blue
            authserviceinfo.save(update_fields=['is_blue'])
            logger.info("Updated user %s blue status to %s in authservicesinfo model." % (user, is_blue))

-    @staticmethod
-    def update_user_discord_info(user_id, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s discord info: user_id %s" % (user, user_id))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.discord_uid = user_id
-            authserviceinfo.save(update_fields=['discord_uid'])
-            logger.info("Updated user %s discord info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s discord info: user does not exist." % user)
+
+class UserState:
+    def __init__(self):
+        pass
+
+    MEMBER_STATE = MEMBER_STATE
+    BLUE_STATE = BLUE_STATE
+    NONE_STATE = NONE_STATE
+
+    @classmethod
+    def member_state(cls, user):
+        return cls.state_required(user, [cls.MEMBER_STATE])
+
+    @classmethod
+    def member_or_blue_state(cls, user):
+        return cls.state_required(user, [cls.MEMBER_STATE, cls.BLUE_STATE])
+
+    @classmethod
+    def blue_state(cls, user):
+        return cls.state_required(user, [cls.BLUE_STATE])
+
+    @classmethod
+    def none_state(cls, user):
+        return cls.state_required(user, [cls.NONE_STATE])
+
+    @classmethod
+    def get_membership_state(cls, request):
+        if request.user.is_authenticated:
+            auth = AuthServicesInfo.objects.get(user=request.user)
+            return {'STATE': auth.state}
+        return {'STATE': cls.NONE_STATE}

    @staticmethod
-    def update_user_ips4_info(username, id, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s IPS4 info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.ips4_username = username
-            authserviceinfo.ips4_id = id
-            authserviceinfo.save(update_fields=['ips4_username', 'ips4_id'])
-            logger.info("Updated user %s IPS4 info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s IPS4 info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_smf_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s forum info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.smf_username = username
-            authserviceinfo.save(update_fields=['smf_username'])
-            logger.info("Updated user %s smf info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s smf info: user does not exist." % user)
-
-    @staticmethod
-    def update_user_market_info(username, user):
-        if User.objects.filter(username=user.username).exists():
-            logger.debug("Updating user %s market info: username %s" % (user, username))
-            authserviceinfo = AuthServicesInfo.objects.get_or_create(user=user)[0]
-            authserviceinfo.market_username = username
-            authserviceinfo.save(update_fields=['market_username'])
-            logger.info("Updated user %s market info in authservicesinfo model." % user)
-        else:
-            logger.error("Failed to update user %s market info: user does not exist." % user)
+    def state_required(user, states):
+        if user.is_superuser and settings.SUPERUSER_STATE_BYPASS:
+            return True
+        if user.is_authenticated:
+            auth = AuthServicesInfo.objects.get(user=user)
+            return auth.state in states
+        return False
--- a/authentication/migrations/0008_set_state.py
+++ b/authentication/migrations/0008_set_state.py
@@ -8,12 +8,10 @@ from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE
 from django.conf import settings

 def determine_membership_by_character(char, apps):
-    if settings.IS_CORP:
-        if int(char.corporation_id) == int(settings.CORP_ID):
-            return MEMBER_STATE
-    else:
-        if int(char.alliance_id) == int(settings.ALLIANCE_ID):
-            return MEMBER_STATE
+    if str(char.corporation_id) in settings.STR_CORP_IDS:
+        return MEMBER_STATE
+    elif str(char.alliance_id) in settings.STR_ALLIANCE_IDS:
+        return MEMBER_STATE
    EveCorporationInfo = apps.get_model('eveonline', 'EveCorporationInfo')
    if EveCorporationInfo.objects.filter(corporation_id=char.corporation_id).exists() is False:
         return NONE_STATE
@@ -26,7 +24,7 @@ def determine_membership_by_character(char, apps):

 def determine_membership_by_user(user, apps):
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
-    auth, c = AuthServicesInfo.objects.get_or_create(user=user)
+    auth = AuthServicesInfo.objects.get(user=user)
    if auth.main_char_id:
        EveCharacter = apps.get_model('eveonline', 'EveCharacter')
        if EveCharacter.objects.filter(character_id=auth.main_char_id).exists():
@@ -43,7 +41,7 @@ def set_state(user, apps):
    else:
        state = NONE_STATE
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
-    auth = AuthServicesInfo.objects.get_or_create(user=user)[0]
+    auth = AuthServicesInfo.objects.get(user=user)
    if auth.state != state:
       auth.state = state
       auth.save()
--- a/authentication/migrations/0010_only_one_authservicesinfo.py
+++ b/authentication/migrations/0010_only_one_authservicesinfo.py
@@ -0,0 +1,40 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2017-01-07 06:47
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+def count_completed_fields(model):
+    return len([True for key, value in model.__dict__.items() if bool(value)])
+
+def forward(apps, schema_editor):
+    # this ensures only one model exists per user
+    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
+    users = set([a.user for a in AuthServicesInfo.objects.all()])
+    for u in users:
+        auths = AuthServicesInfo.objects.filter(user=u)
+        if auths.count() > 1:
+            pk = auths[0].pk
+            largest = 0
+            for auth in auths:
+                completed = count_completed_fields(auth)
+                if completed > largest:
+                    largest = completed
+                    pk = auth.pk
+            auths.exclude(pk=pk).delete()
+
+    # ensure all users have a model
+    User = apps.get_model('auth', 'User')
+    for u in User.objects.exclude(pk__in=[user.pk for user in users]):
+        AuthServicesInfo.objects.create(user=u)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0009_auto_20161021_0228'),
+    ]
+
+    operations = [
+        migrations.RunPython(forward, migrations.RunPython.noop)
+    ]
--- a/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
+++ b/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
@@ -0,0 +1,22 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2017-01-07 07:11
+from __future__ import unicode_literals
+
+from django.conf import settings
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0010_only_one_authservicesinfo'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='authservicesinfo',
+            name='user',
+            field=models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+        ),
+    ]
--- a/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
+++ b/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
@@ -0,0 +1,39 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.5 on 2017-01-12 00:59
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+def remove_permissions(apps, schema_editor):
+    ContentType = apps.get_model('contenttypes', 'ContentType')
+    Permission = apps.get_model('auth', 'Permission')
+    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
+
+    # delete the add and remove permissions for AuthServicesInfo
+    ct = ContentType.objects.get_for_model(AuthServicesInfo)
+    Permission.objects.filter(content_type=ct).filter(codename__in=['add_authservicesinfo', 'delete_authservicesinfo']).delete()
+
+
+def add_permissions(apps, schema_editor):
+    ContentType = apps.get_model('contenttypes', 'ContentType')
+    Permission = apps.get_model('auth', 'Permission')
+    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
+
+    # recreate the add and remove permissions for AuthServicesInfo
+    ct = ContentType.objects.get_for_model(AuthServicesInfo)
+    Permission.objects.create(content_type=ct, codename='add_authservicesinfo', name='Can add auth services info')
+    Permission.objects.create(content_type=ct, codename='delete_authservicesinfo', name='Can delete auth services info')
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0011_authservicesinfo_user_onetoonefield'),
+    ]
+
+    operations = [
+        migrations.AlterModelOptions(
+            name='authservicesinfo',
+            options={'default_permissions': ('change',)},
+        ),
+        migrations.RunPython(remove_permissions, add_permissions),
+    ]
--- a/authentication/migrations/0013_service_modules.py
+++ b/authentication/migrations/0013_service_modules.py
@@ -0,0 +1,323 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.2 on 2016-12-11 23:14
+from __future__ import unicode_literals
+
+from django.db import migrations
+from django.conf import settings
+from django.core.exceptions import ObjectDoesNotExist
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+def optional_dependencies():
+    """
+    Only require these migrations if the given app
+    is installed. If the app isn't installed then
+    the relevant AuthServicesInfo field will be LOST
+    when the data migration is run.
+    """
+    installed_apps = settings.INSTALLED_APPS
+
+    dependencies = []
+
+    # Skip adding module dependencies if the settings specifies that services have been migrated
+    if hasattr(settings, 'SERVICES_MIGRATED') and settings.SERVICES_MIGRATED:
+        return dependencies
+
+    if 'services.modules.xenforo' in installed_apps:
+        dependencies.append(('xenforo', '0001_initial'))
+    if 'services.modules.discord' in installed_apps:
+        dependencies.append(('discord', '0001_initial'))
+    if 'services.modules.discourse' in installed_apps:
+        dependencies.append(('discourse', '0001_initial'))
+    if 'services.modules.ipboard' in installed_apps:
+        dependencies.append(('ipboard', '0001_initial'))
+    if 'services.modules.ips4' in installed_apps:
+        dependencies.append(('ips4', '0001_initial'))
+    if 'services.modules.market' in installed_apps:
+        dependencies.append(('market', '0001_initial'))
+    if 'services.modules.openfire' in installed_apps:
+        dependencies.append(('openfire', '0001_initial'))
+    if 'services.modules.smf' in installed_apps:
+        dependencies.append(('smf', '0001_initial'))
+    if 'services.modules.teamspeak3' in installed_apps:
+        dependencies.append(('teamspeak3', '0003_teamspeak3user'))
+    if 'services.modules.mumble' in installed_apps:
+        dependencies.append(('mumble', '0003_mumbleuser_user'))
+    if 'services.modules.phpbb3' in installed_apps:
+        dependencies.append(('phpbb3', '0001_initial'))
+
+    return dependencies
+
+
+class DatalossException(Exception):
+    def __init__(self, field, app):
+        message = "This migration would cause a loss of data for the %s field, ensure the %s app is installed and" \
+                  " run the migration again" % (field, app)
+        super(Exception, self).__init__(message)
+
+
+def check_for_dataloss(authservicesinfo):
+    """
+    Check if any of the authservicesinfo contain a field which contains data
+    that would be lost because the target module for migration is not installed.
+    If a record is found with no matching target installed an exception is raised.
+    :param authservicesinfo: AuthServicesInfo records to check
+    """
+    installed_apps = settings.INSTALLED_APPS
+
+    for authinfo in authservicesinfo:
+        if authinfo.xenforo_username and 'services.modules.xenforo' not in installed_apps:
+            raise DatalossException('xenforo_username', 'services.modules.xenforo')
+        if authinfo.discord_uid and 'services.modules.discord' not in installed_apps:
+            raise DatalossException('discord_uid', 'services.modules.discord')
+        if authinfo.discourse_enabled and 'services.modules.discourse' not in installed_apps:
+            raise DatalossException('discourse_enabled', 'services.modules.discourse')
+        if authinfo.ipboard_username and 'services.modules.ipboard' not in installed_apps:
+            raise DatalossException('ipboard_username', 'services.modules.ipboard')
+        if authinfo.ips4_id and 'services.modules.ips4' not in installed_apps:
+            raise DatalossException('ips4_id', 'services.modules.ips4')
+        if authinfo.market_username and 'services.modules.market' not in installed_apps:
+            raise DatalossException('market_username', 'services.modules.market')
+        if authinfo.jabber_username and 'services.modules.openfire' not in installed_apps:
+            raise DatalossException('jabber_username', 'services.modules.openfire')
+        if authinfo.smf_username and 'services.modules.smf' not in installed_apps:
+            raise DatalossException('smf_username', 'services.modules.smf')
+        if authinfo.teamspeak3_uid and 'services.modules.teamspeak3' not in installed_apps:
+            raise DatalossException('teamspeak3_uid', 'services.modules.teamspeak3')
+        if authinfo.mumble_username and 'services.modules.mumble' not in installed_apps:
+            raise DatalossException('mumble_username', 'services.modules.mumble')
+        if authinfo.forum_username and 'services.modules.phpbb3' not in installed_apps:
+            raise DatalossException('forum_username', 'services.modules.phpbb3')
+
+
+def forward(apps, schema_editor):
+    installed_apps = settings.INSTALLED_APPS
+    AuthServicesInfo = apps.get_model("authentication", "AuthServicesInfo")
+
+    # Check if any records would result in dataloss
+    check_for_dataloss(AuthServicesInfo.objects.all())
+
+    XenforoUser = apps.get_model('xenforo', 'XenforoUser') if 'services.modules.xenforo' in installed_apps else None
+    DiscordUser = apps.get_model('discord', 'DiscordUser') if 'services.modules.discord' in installed_apps else None
+    DiscourseUser = apps.get_model('discourse', 'DiscourseUser') if 'services.modules.discourse' in installed_apps else None
+    IpboardUser = apps.get_model('ipboard', 'IpboardUser') if 'services.modules.ipboard' in installed_apps else None
+    Ips4User = apps.get_model('ips4', 'Ips4User') if 'services.modules.ips4' in installed_apps else None
+    MarketUser = apps.get_model('market', 'MarketUser') if 'services.modules.market' in installed_apps else None
+    OpenfireUser = apps.get_model('openfire', 'OpenfireUser') if 'services.modules.openfire' in installed_apps else None
+    SmfUser = apps.get_model('smf', 'SmfUser') if 'services.modules.smf' in installed_apps else None
+    Teamspeak3User = apps.get_model('teamspeak3', 'Teamspeak3User') if 'services.modules.teamspeak3' in installed_apps else None
+    MumbleUser = apps.get_model('mumble', 'MumbleUser') if 'services.modules.mumble' in installed_apps else None
+    Phpbb3User = apps.get_model('phpbb3', 'Phpbb3User') if 'services.modules.phpbb3' in installed_apps else None
+
+    for authinfo in AuthServicesInfo.objects.all():
+        user = authinfo.user
+
+        if XenforoUser is not None and authinfo.xenforo_username:
+            logging.debug('Updating Xenforo info for %s' % user.username)
+            xfu = XenforoUser()
+            xfu.user = user
+            xfu.username = authinfo.xenforo_username
+            xfu.save()
+
+        if DiscordUser is not None and authinfo.discord_uid:
+            logging.debug('Updating Discord info for %s' % user.username)
+            du = DiscordUser()
+            du.user = user
+            du.uid = authinfo.discord_uid
+            du.save()
+
+        if DiscourseUser is not None and authinfo.discourse_enabled:
+            logging.debug('Updating Discourse info for %s' % user.username)
+            du = DiscourseUser()
+            du.user = user
+            du.enabled = authinfo.discourse_enabled
+            du.save()
+
+        if IpboardUser is not None and authinfo.ipboard_username:
+            logging.debug('Updating IPBoard info for %s' % user.username)
+            ipb = IpboardUser()
+            ipb.user = user
+            ipb.username = authinfo.ipboard_username
+            ipb.save()
+
+        if Ips4User is not None and authinfo.ips4_id:
+            logging.debug('Updating Ips4 info for %s' % user.username)
+            ips = Ips4User()
+            ips.user = user
+            ips.id = authinfo.ips4_id
+            ips.username = authinfo.ips4_username
+            ips.save()
+
+        if MarketUser is not None and authinfo.market_username:
+            logging.debug('Updating Market info for %s' % user.username)
+            mkt = MarketUser()
+            mkt.user = user
+            mkt.username = authinfo.market_username
+            mkt.save()
+
+        if OpenfireUser is not None and authinfo.jabber_username:
+            logging.debug('Updating Openfire (jabber) info for %s' % user.username)
+            ofu = OpenfireUser()
+            ofu.user = user
+            ofu.username = authinfo.jabber_username
+            ofu.save()
+
+        if SmfUser is not None and authinfo.smf_username:
+            logging.debug('Updating SMF info for %s' % user.username)
+            smf = SmfUser()
+            smf.user = user
+            smf.username = authinfo.smf_username
+            smf.save()
+
+        if Teamspeak3User is not None and authinfo.teamspeak3_uid:
+            logging.debug('Updating Teamspeak3 info for %s' % user.username)
+            ts3 = Teamspeak3User()
+            ts3.user = user
+            ts3.uid = authinfo.teamspeak3_uid
+            ts3.perm_key = authinfo.teamspeak3_perm_key
+            ts3.save()
+
+        if MumbleUser is not None and authinfo.mumble_username:
+            logging.debug('Updating mumble info for %s' % user.username)
+            try:
+                mbl = MumbleUser.objects.get(username=authinfo.mumble_username)
+                mbl.user = user
+                mbl.save()
+            except ObjectDoesNotExist:
+                logger.warn('AuthServiceInfo mumble_username for {} but no '
+                            'corresponding record in MumbleUser, dropping'.format(user.username))
+
+        if Phpbb3User is not None and authinfo.forum_username:
+            logging.debug('Updating phpbb3 info for %s' % user.username)
+            phb = Phpbb3User()
+            phb.user = user
+            phb.username = authinfo.forum_username
+            phb.save()
+
+
+def reverse(apps, schema_editor):
+    User = apps.get_model('auth', 'User')
+    AuthServicesInfo = apps.get_model("authentication", "AuthServicesInfo")
+
+    for user in User.objects.all():
+        authinfo, c = AuthServicesInfo.objects.get_or_create(user=user)
+
+        if hasattr(user, 'xenforo'):
+            logging.debug('Reversing xenforo for %s' % user.username)
+            authinfo.xenforo_username = user.xenforo.username
+
+        if hasattr(user, 'discord'):
+            logging.debug('Reversing discord for %s' % user.username)
+            authinfo.discord_uid = user.discord.uid
+
+        if hasattr(user, 'discourse'):
+            logging.debug('Reversing discourse for %s' % user.username)
+            authinfo.discourse_enabled = user.discourse.enabled
+
+        if hasattr(user, 'ipboard'):
+            logging.debug('Reversing ipboard for %s' % user.username)
+            authinfo.ipboard_username = user.ipboard.username
+
+        if hasattr(user, 'ips4'):
+            logging.debug('Reversing ips4 for %s' % user.username)
+            authinfo.ips4_id = user.ips4.id
+            authinfo.ips4_username = user.ips4.username
+
+        if hasattr(user, 'market'):
+            logging.debug('Reversing market for %s' % user.username)
+            authinfo.market_username = user.market.username
+
+        if hasattr(user, 'openfire'):
+            logging.debug('Reversing openfire (jabber) for %s' % user.username)
+            authinfo.jabber_username = user.openfire.username
+
+        if hasattr(user, 'smf'):
+            logging.debug('Reversing smf for %s' % user.username)
+            authinfo.smf_username = user.smf.username
+
+        if hasattr(user, 'teamspeak3'):
+            logging.debug('Reversing teamspeak3 for %s' % user.username)
+            authinfo.teamspeak3_uid = user.teamspeak3.uid
+            authinfo.teamspeak3_perm_key = user.teamspeak3.perm_key
+
+        if hasattr(user, 'mumble'):
+            logging.debug('Reversing mumble for %s' % user.username)
+            try:
+                authinfo.mumble_username = user.mumble.all()[:1].get().username
+            except ObjectDoesNotExist:
+                logging.debug('Failed to reverse mumble for %s' % user.username)
+
+        if hasattr(user, 'phpbb3'):
+            logging.debug('Reversing phpbb3 for %s' % user.username)
+            authinfo.forum_username = user.phpbb3.username
+
+        logging.debug('Saving AuthServicesInfo for %s ' % user.username)
+        authinfo.save()
+
+
+class Migration(migrations.Migration):
+
+    dependencies = optional_dependencies() + [
+        ('authentication', '0012_remove_add_delete_authservicesinfo_permissions'),
+    ]
+
+    operations = [
+        # Migrate data
+        migrations.RunPython(forward, reverse),
+        # Remove fields
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='discord_uid',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='discourse_enabled',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='forum_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='ipboard_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='ips4_id',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='ips4_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='jabber_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='market_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='mumble_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='smf_username',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='teamspeak3_perm_key',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='teamspeak3_uid',
+        ),
+        migrations.RemoveField(
+            model_name='authservicesinfo',
+            name='xenforo_username',
+        ),
+    ]
--- a/authentication/models.py
+++ b/authentication/models.py
@@ -7,27 +7,17 @@ from authentication.states import MEMBER_STATE, BLUE_STATE, NONE_STATE

@python_2_unicode_compatible
 class AuthServicesInfo(models.Model):
+    class Meta:
+        default_permissions = ('change',)
+
    STATE_CHOICES = (
        (NONE_STATE, 'None'),
        (BLUE_STATE, 'Blue'),
        (MEMBER_STATE, 'Member'),
    )

-    ipboard_username = models.CharField(max_length=254, blank=True, default="")
-    xenforo_username = models.CharField(max_length=254, blank=True, default="")
-    forum_username = models.CharField(max_length=254, blank=True, default="")
-    jabber_username = models.CharField(max_length=254, blank=True, default="")
-    mumble_username = models.CharField(max_length=254, blank=True, default="")
-    teamspeak3_uid = models.CharField(max_length=254, blank=True, default="")
-    teamspeak3_perm_key = models.CharField(max_length=254, blank=True, default="")
-    discord_uid = models.CharField(max_length=254, blank=True, default="")
-    discourse_enabled = models.BooleanField(default=False, blank=True)
-    ips4_username = models.CharField(max_length=254, blank=True, default="")
-    ips4_id = models.CharField(max_length=254, blank=True, default="")
-    smf_username = models.CharField(max_length=254, blank=True, default="")
-    market_username = models.CharField(max_length=254, blank=True, default="")
    main_char_id = models.CharField(max_length=64, blank=True, default="")
-    user = models.ForeignKey(User)
+    user = models.OneToOneField(User)
    state = models.CharField(blank=True, null=True, choices=STATE_CHOICES, default=NONE_STATE, max_length=10)

    def __str__(self):
--- a/authentication/signals.py
+++ b/authentication/signals.py
@@ -1,6 +1,7 @@
 from __future__ import unicode_literals
-from django.db.models.signals import pre_save
+from django.db.models.signals import pre_save, post_save
 from django.dispatch import receiver
+from django.contrib.auth.models import User
 from authentication.models import AuthServicesInfo
 from authentication.states import MEMBER_STATE, BLUE_STATE
 from authentication.tasks import make_member, make_blue, disable_member
@@ -22,4 +23,12 @@ def pre_save_auth_state(sender, instance, *args, **kwargs):
                make_blue(instance)
            else:
                disable_member(instance.user)
-            validate_services(instance.user, instance.state)
+            validate_services.apply(args=(instance.user,))
+
+
+@receiver(post_save, sender=User)
+def post_save_user(sender, instance, created, *args, **kwargs):
+    # ensure all users have a model
+    if created:
+        AuthServicesInfo.objects.get_or_create(user=instance)
+
--- a/authentication/tasks.py
+++ b/authentication/tasks.py
@@ -20,14 +20,35 @@ def generate_alliance_group_name(alliancename):


 def disable_member(user):
+    """
+    Disable a member who is transitioning to a NONE state.
+    :param user: django.contrib.auth.models.User to disable
+    :return:
+    """
    logger.debug("Disabling member %s" % user)
+    if user.user_permissions.all().exists():
+        logger.info("Clearning user %s permission to deactivate user." % user)
+        user.user_permissions.clear()
+    if user.groups.all().exists():
+        logger.info("Clearing all non-public user %s groups to disable member." % user)
+        user.groups.remove(*user.groups.filter(authgroup__public=False))
+    validate_services.apply(args=(user,))
+
+
+def disable_user(user):
+    """
+    Disable a user who is being set inactive or deleted
+    :param user: django.contrib.auth.models.User to disable
+    :return:
+    """
+    logger.debug("Disabling user %s" % user)
    if user.user_permissions.all().exists():
        logger.info("Clearning user %s permission to deactivate user." % user)
        user.user_permissions.clear()
    if user.groups.all().exists():
        logger.info("Clearing user %s groups to deactivate user." % user)
        user.groups.clear()
-    validate_services(user, None)
+    validate_services.apply(args=(user,))


 def make_member(auth):
@@ -63,15 +84,13 @@ def make_blue(auth):


 def determine_membership_by_character(char):
-    if settings.IS_CORP:
-        if int(char.corporation_id) == int(settings.CORP_ID):
-            logger.debug("Character %s in owning corp id %s" % (char, char.corporation_id))
-            return MEMBER_STATE
-    else:
-        if int(char.alliance_id) == int(settings.ALLIANCE_ID):
-            logger.debug("Character %s in owning alliance id %s" % (char, char.alliance_id))
-            return MEMBER_STATE
-    if EveCorporationInfo.objects.filter(corporation_id=char.corporation_id).exists() is False:
+    if str(char.corporation_id) in settings.STR_CORP_IDS:
+        logger.debug("Character %s in member corp id %s" % (char, char.corporation_id))
+        return MEMBER_STATE
+    elif str(char.alliance_id) in settings.STR_ALLIANCE_IDS:
+        logger.debug("Character %s in member alliance id %s" % (char, char.alliance_id))
+        return MEMBER_STATE
+    elif not EveCorporationInfo.objects.filter(corporation_id=char.corporation_id).exists():
        logger.debug("No corp model for character %s corp id %s. Unable to check standings. Non-member." % (
            char, char.corporation_id))
        return NONE_STATE
@@ -87,7 +106,7 @@ def determine_membership_by_character(char):

 def determine_membership_by_user(user):
    logger.debug("Determining membership of user %s" % user)
-    auth, c = AuthServicesInfo.objects.get_or_create(user=user)
+    auth = AuthServicesInfo.objects.get(user=user)
    if auth.main_char_id:
        if EveCharacter.objects.filter(character_id=auth.main_char_id).exists():
            char = EveCharacter.objects.get(character_id=auth.main_char_id)
@@ -107,11 +126,13 @@ def set_state(user):
    else:
        state = NONE_STATE
    logger.debug("Assigning user %s to state %s" % (user, state))
-    auth = AuthServicesInfo.objects.get_or_create(user=user)[0]
+    auth = AuthServicesInfo.objects.get(user=user)
    if auth.state != state:
        auth.state = state
        auth.save()
        notify(user, "Membership State Change", message="You membership state has been changed to %s" % state)
+    assign_corp_group(auth)
+    assign_alliance_group(auth)


 def assign_corp_group(auth):
--- a/authentication/tests.py
+++ b/authentication/tests.py
@@ -1 +0,0 @@
-# Create your tests here.
--- a/authentication/tests/init.py
+++ b/authentication/tests/init.py
--- a/authentication/tests/test_tasks.py
+++ b/authentication/tests/test_tasks.py
@@ -0,0 +1,84 @@
+from __future__ import unicode_literals
+
+try:
+    # Py3
+    from unittest import mock
+except ImportError:
+    # Py2
+    import mock
+
+from django.test import TestCase
+from django.contrib.auth.models import Group, Permission
+
+from alliance_auth.tests.auth_utils import AuthUtils
+
+from authentication.tasks import disable_member, disable_user
+
+
+class AuthenticationTasksTestCase(TestCase):
+    def setUp(self):
+        self.member = AuthUtils.create_member('auth_member')
+        self.none_user = AuthUtils.create_user('none_user', disconnect_signals=True)
+
+    @mock.patch('services.signals.transaction')
+    def test_disable_member(self, transaction):
+        # Inert signals action
+        transaction.on_commit.side_effect = lambda fn: fn()
+
+        # Add permission
+        perm = Permission.objects.create(codename='test_perm', name='test perm', content_type_id=1)
+
+        # Add public group
+        pub_group = Group.objects.create(name="A Public group")
+        pub_group.authgroup.internal = False
+        pub_group.authgroup.public = True
+        pub_group.save()
+
+        # Setup member
+        self.member.user_permissions.add(perm)
+        self.member.groups.add(pub_group)
+
+        # Pre assertion
+        self.assertIn(pub_group, self.member.groups.all())
+        self.assertGreater(len(self.member.groups.all()), 1)
+
+        # Act
+        disable_member(self.member)
+
+        # Assert
+        self.assertIn(pub_group, self.member.groups.all())
+        # Everything but the single public group wiped
+        self.assertEqual(len(self.member.groups.all()), 1)
+        # All permissions wiped
+        self.assertEqual(len(self.member.user_permissions.all()), 0)
+
+    @mock.patch('services.signals.transaction')
+    def test_disable_user(self, transaction):
+        # Inert signals action
+        transaction.on_commit.side_effect = lambda fn: fn()
+
+        # Add permission
+        perm = Permission.objects.create(codename='test_perm', name='test perm', content_type_id=1)
+
+        # Add public group
+        pub_group = Group.objects.create(name="A Public group")
+        pub_group.authgroup.internal = False
+        pub_group.authgroup.public = True
+        pub_group.save()
+
+        # Setup member
+        self.member.user_permissions.add(perm)
+        self.member.groups.add(pub_group)
+
+        # Pre assertion
+        self.assertIn(pub_group, self.member.groups.all())
+        self.assertGreater(len(self.member.groups.all()), 1)
+
+        # Act
+        disable_user(self.member)
+
+        # Assert
+        # All groups wiped
+        self.assertEqual(len(self.member.groups.all()), 0)
+        # All permissions wiped
+        self.assertEqual(len(self.member.user_permissions.all()), 0)
--- a/authentication/views.py
+++ b/authentication/views.py
@@ -4,13 +4,14 @@ from django.contrib.auth import logout
 from django.contrib.auth import authenticate
 from django.shortcuts import render, redirect
 from django.contrib.auth.decorators import login_required
+from django.utils.translation import ugettext_lazy as _
 from eveonline.managers import EveManager
 from eveonline.models import EveCharacter
 from authentication.models import AuthServicesInfo
 from authentication.forms import LoginForm, RegistrationForm
 from django.contrib.auth.models import User
 from django.contrib import messages
-from eve_sso.decorators import token_required
+from esi.decorators import token_required
 import logging

 logger = logging.getLogger(__name__)
@@ -34,10 +35,10 @@ def login_user(request):
                    return redirect(redirect_to)
                else:
                    logger.info("Login attempt failed for user %s: user marked inactive." % user)
-                    messages.warning(request, 'Your account has been disabled.')
+                    messages.warning(request, _('Your account has been disabled.'))
            else:
                logger.info("Failed login attempt: provided username %s" % form.cleaned_data['username'])
-                messages.error(request, 'Username/password invalid.')
+                messages.error(request, _('Username/password invalid.'))
            return render(request, 'public/login.html', context={'form': form})
    else:
        logger.debug("Providing new login form.")
@@ -67,7 +68,8 @@ def register_user_view(request):

                user.save()
                logger.info("Created new user %s" % user)
-                messages.warning(request, 'Add an API key to set up your account.')
+                login(request, user)
+                messages.warning(request, _('Add an API key to set up your account.'))
                return redirect("auth_dashboard")

            else:
@@ -88,32 +90,27 @@ def index_view(request):
    return render(request, 'public/index.html')


-@login_required
-def dashboard_view(request):
-    logger.debug("dashboard_view called by user %s" % request.user)
-    render_items = {'characters': EveManager.get_characters_by_owner_id(request.user.id),
-                    'authinfo': AuthServicesInfo.objects.get_or_create(user=request.user)[0]}
-    return render(request, 'registered/dashboard.html', context=render_items)
-
-
@login_required
 def help_view(request):
    logger.debug("help_view called by user %s" % request.user)
    return render(request, 'registered/help.html')

+
@token_required(new=True)
-def sso_login(request, tokens=[]):
-    token = tokens[0]
+def sso_login(request, token):
    try:
        char = EveCharacter.objects.get(character_id=token.character_id)
        if char.user:
            if char.user.is_active:
                login(request, char.user)
-                return redirect(dashboard_view)
+                token.user = char.user
+                token.save()
+                return redirect('auth_dashboard')
            else:
-                messages.error(request, 'Your account has been disabled.')
+                messages.error(request, _('Your account has been disabled.'))
        else:
-            messages.warning(request, 'Authenticated character has no owning account. Please log in with username and password.')
+            messages.warning(request,
+                             _('Authenticated character has no owning account. Please log in with username and password.'))
    except EveCharacter.DoesNotExist:
-        messages.error(request, 'No account exists with the authenticated character. Please create an account first.')
+        messages.error(request, _('No account exists with the authenticated character. Please create an account first.'))
    return redirect(login_user)
--- a/corputils/admin.py
+++ b/corputils/admin.py
@@ -1 +1,5 @@
 from __future__ import unicode_literals
+from corputils.models import CorpStats
+from django.contrib import admin
+
+admin.site.register(CorpStats)
--- a/corputils/forms.py
+++ b/corputils/forms.py
@@ -1,8 +0,0 @@
-from __future__ import unicode_literals
-from django import forms
-from django.utils.translation import ugettext_lazy as _
-
-
-class CorputilsSearchForm(forms.Form):
-    search_string = forms.CharField(max_length=254, required=True, label="",
-                                    widget=forms.TextInput(attrs={'placeholder': _('Search characters...')}))
--- a/corputils/managers.py
+++ b/corputils/managers.py
@@ -0,0 +1,42 @@
+from django.db import models
+from authentication.models import AuthServicesInfo
+from eveonline.models import EveCharacter
+
+
+class CorpStatsQuerySet(models.QuerySet):
+    def visible_to(self, user):
+        # superusers get all visible
+        if user.is_superuser:
+            return self
+
+        auth = AuthServicesInfo.objects.get(user=user)
+        try:
+            char = EveCharacter.objects.get(character_id=auth.main_char_id)
+            # build all accepted queries
+            queries = []
+            if user.has_perm('corputils.view_corp_corpstats'):
+                queries.append(models.Q(corp__corporation_id=char.corporation_id))
+            if user.has_perm('corputils.view_alliance_corpstats'):
+                queries.append(models.Q(corp__alliance__alliance_id=char.alliance_id))
+            if user.has_perm('corputils.view_blue_corpstats'):
+                queries.append(models.Q(corp__is_blue=True))
+
+            # filter based on queries
+            if queries:
+                query = queries.pop()
+                for q in queries:
+                    query |= q
+                return self.filter(query)
+            else:
+                # not allowed to see any
+                return self.none()
+        except EveCharacter.DoesNotExist:
+            return self.none()        
+
+
+class CorpStatsManager(models.Manager):
+    def get_queryset(self):
+        return CorpStatsQuerySet(self.model, using=self._db)
+
+    def visible_to(self, user):
+        return self.get_queryset().visible_to(user)
--- a/corputils/migrations/0001_initial.py
+++ b/corputils/migrations/0001_initial.py
@@ -0,0 +1,35 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2016-12-14 21:36
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+import django.db.models.deletion
+
+
+class Migration(migrations.Migration):
+
+    initial = True
+
+    dependencies = [
+        ('esi', '0002_scopes_20161208'),
+        ('eveonline', '0004_eveapikeypair_sso_verified'),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name='CorpStats',
+            fields=[
+                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
+                ('last_update', models.DateTimeField(auto_now=True)),
+                ('_members', models.TextField(default='{}')),
+                ('corp', models.OneToOneField(on_delete=django.db.models.deletion.CASCADE, to='eveonline.EveCorporationInfo')),
+                ('token', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='esi.Token')),
+            ],
+            options={
+                'default_permissions': ('add', 'change', 'remove', 'view_corp', 'view_alliance', 'view_blue'),
+                'verbose_name': 'corp stats',
+                'verbose_name_plural': 'corp stats',
+                'permissions': (('corp_apis', 'Can view API keys of members of their corporation.'), ('alliance_apis', 'Can view API keys of members of their alliance.'), ('blue_apis', 'Can view API keys of members of blue corporations.')),
+            },
+        ),
+    ]
--- a/corputils/migrations/0002_migrate_permissions.py
+++ b/corputils/migrations/0002_migrate_permissions.py
@@ -0,0 +1,125 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2016-12-14 21:48
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+PERMISSIONS = {
+    'user': [
+        'corp_apis',
+        'alliance_apis',
+    ],
+    'corpstats': {
+        'corp_apis': 'Can view API keys of members of their corporation.',
+        'alliance_apis': 'Can view API keys of members of their alliance.',
+        'blue_apis': 'Can view API keys of members of blue corporations.',
+        'view_corp_corpstats': 'Can view corp stats of their corporation.',
+        'view_alliance_corpstats': 'Can view corp stats of members of their alliance.',
+        'view_blue_corpstats': 'Can view corp stats of blue corporations.',
+    }
+}
+
+def user_permissions_dict(apps):
+    Permission = apps.get_model('auth', 'Permission')
+    ContentType = apps.get_model('contenttypes', 'ContentType')
+    User = apps.get_model('auth', 'User')
+    CorpStats = apps.get_model('corputils', 'CorpStats')
+
+    user_ct = ContentType.objects.get_for_model(User)
+    corpstats_ct = ContentType.objects.get_for_model(CorpStats)
+
+    return {
+        'user': {x: Permission.objects.get_or_create(name=x, codename=x, content_type=user_ct)[0] for x in PERMISSIONS['user']},
+        'corpstats': {x: Permission.objects.get_or_create(codename=x, name=y, content_type=corpstats_ct)[0] for x, y in PERMISSIONS['corpstats'].items()},
+    }
+
+def users_with_permission(apps, perm):
+    User = apps.get_model('auth', 'User')
+    return User.objects.filter(user_permissions=perm.pk)
+
+def groups_with_permission(apps, perm):
+    Group = apps.get_model('auth', 'Group')
+    return Group.objects.filter(permissions=perm.pk)
+
+def forward(apps, schema_editor):
+    perm_dict = user_permissions_dict(apps)
+
+    corp_users = users_with_permission(apps, perm_dict['user']['corp_apis'])
+    for u in corp_users:
+        u.user_permissions.add(perm_dict['corpstats']['corp_apis'].pk)
+        u.user_permissions.add(perm_dict['corpstats']['view_corp_corpstats'].pk)
+
+    alliance_users = users_with_permission(apps, perm_dict['user']['alliance_apis'])
+    for u in alliance_users:
+        u.user_permissions.add(perm_dict['corpstats']['alliance_apis'].pk)
+        u.user_permissions.add(perm_dict['corpstats']['view_alliance_corpstats'].pk)
+
+    corp_groups = groups_with_permission(apps, perm_dict['user']['corp_apis'])
+    for g in corp_groups:
+        g.permissions.add(perm_dict['corpstats']['corp_apis'].pk)
+        g.permissions.add(perm_dict['corpstats']['view_corp_corpstats'].pk)
+
+    alliance_groups = groups_with_permission(apps, perm_dict['user']['alliance_apis'])
+    for g in alliance_groups:
+        g.permissions.add(perm_dict['corpstats']['alliance_apis'].pk)
+        g.permissions.add(perm_dict['corpstats']['view_alliance_corpstats'].pk)
+
+    for name, perm in perm_dict['user'].items():
+        perm.delete()
+    
+def reverse(apps, schema_editor):        
+    perm_dict = user_permissions_dict(apps)
+
+    corp_users = users_with_permission(apps, perm_dict['corpstats']['view_corp_corpstats'])
+    corp_api_users = users_with_permission(apps, perm_dict['corpstats']['corp_apis'])
+    corp_us = corp_users | corp_api_users
+    for u in corp_us.distinct():
+        u.user_permissions.add(perm_dict['user']['corp_apis'].pk)
+    for u in corp_users:
+        u.user_permissions.remove(perm_dict['corpstats']['view_corp_corpstats'].pk)
+    for u in corp_api_users:
+        u.user_permissions.remove(perm_dict['corpstats']['corp_apis'].pk)
+        
+
+    alliance_users = users_with_permission(apps, perm_dict['corpstats']['view_alliance_corpstats'])
+    alliance_api_users = users_with_permission(apps, perm_dict['corpstats']['alliance_apis'])
+    alliance_us = alliance_users | alliance_api_users
+    for u in alliance_us.distinct():
+        u.user_permissions.add(perm_dict['user']['alliance_apis'].pk)
+    for u in alliance_users:
+        u.user_permissions.remove(perm_dict['corpstats']['view_alliance_corpstats'].pk)
+    for u in alliance_api_users:
+        u.user_permissions.remove(perm_dict['corpstats']['alliance_apis'].pk)
+
+    corp_groups = groups_with_permission(apps, perm_dict['corpstats']['view_corp_corpstats'])
+    corp_api_groups = groups_with_permission(apps, perm_dict['corpstats']['corp_apis'])
+    corp_gs = corp_groups | corp_api_groups
+    for g in corp_groups.distinct():
+        g.permissions.add(perm_dict['user']['corp_apis'].pk)
+    for g in corp_groups:
+        g.permissions.remove(perm_dict['corpstats']['view_corp_corpstats'].pk)
+    for g in corp_api_groups:
+        g.permissions.remove(perm_dict['corpstats']['corp_apis'].pk)
+
+    alliance_groups = groups_with_permission(apps, perm_dict['corpstats']['view_alliance_corpstats'])
+    alliance_api_groups = groups_with_permission(apps, perm_dict['corpstats']['alliance_apis'])
+    alliance_gs = alliance_groups | alliance_api_groups
+    for g in alliance_gs.distinct():
+        g.permissions.add(perm_dict['user']['alliance_apis'].pk)
+    for g in alliance_groups:
+        g.permissions.remove(perm_dict['corpstats']['view_alliance_corpstats'].pk)
+    for g in alliance_api_groups:
+        g.permissions.remove(perm_dict['corpstats']['alliance_apis'].pk)
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('corputils', '0001_initial'),
+        ('authentication', '0005_delete_perms'),
+        ('auth', '0008_alter_user_username_max_length'),
+    ]
+
+    operations = [
+        migrations.RunPython(forward, reverse),
+    ]
--- a/corputils/migrations/init.py
+++ b/corputils/migrations/init.py
--- a/corputils/models.py
+++ b/corputils/models.py
@@ -1 +1,196 @@
 from __future__ import unicode_literals
+from django.utils.encoding import python_2_unicode_compatible
+from django.db import models
+from eveonline.models import EveCorporationInfo, EveCharacter, EveApiKeyPair
+from esi.models import Token
+from esi.errors import TokenError
+from notifications import notify
+from authentication.models import AuthServicesInfo
+from bravado.exception import HTTPForbidden
+from corputils.managers import CorpStatsManager
+from operator import attrgetter
+import json
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+@python_2_unicode_compatible
+class CorpStats(models.Model):
+    token = models.ForeignKey(Token, on_delete=models.CASCADE)
+    corp = models.OneToOneField(EveCorporationInfo)
+    last_update = models.DateTimeField(auto_now=True)
+    _members = models.TextField(default='{}')
+
+    class Meta:
+        permissions = (
+            ('corp_apis', 'Can view API keys of members of their corporation.'),
+            ('alliance_apis', 'Can view API keys of members of their alliance.'),
+            ('blue_apis', 'Can view API keys of members of blue corporations.'),
+            ('view_corp_corpstats', 'Can view corp stats of their corporation.'),
+            ('view_alliance_corpstats', 'Can view corp stats of members of their alliance.'),
+            ('view_blue_corpstats', 'Can view corp stats of blue corporations.'),
+        )
+        verbose_name = "corp stats"
+        verbose_name_plural = "corp stats"
+
+    objects = CorpStatsManager()
+
+    def __str__(self):
+        return "%s for %s" % (self.__class__.__name__, self.corp)
+
+    def update(self):
+        try:
+            c = self.token.get_esi_client(Character='v4', Corporation='v2')
+            assert c.Character.get_characters_character_id(character_id=self.token.character_id).result()[
+                       'corporation_id'] == int(self.corp.corporation_id)
+            members = c.Corporation.get_corporations_corporation_id_members(
+                corporation_id=self.corp.corporation_id).result()
+            member_ids = [m['character_id'] for m in members]
+
+            # requesting too many ids per call results in a HTTP400
+            # the swagger spec doesn't have a maxItems count
+            # manual testing says we can do over 350, but let's not risk it
+            member_id_chunks = [member_ids[i:i + 255] for i in range(0, len(member_ids), 255)]
+            member_name_chunks = [c.Character.get_characters_names(character_ids=id_chunk).result() for id_chunk in
+                                  member_id_chunks]
+            member_list = {}
+            for name_chunk in member_name_chunks:
+                member_list.update({m['character_id']: m['character_name'] for m in name_chunk})
+
+            self.members = member_list
+            self.save()
+        except TokenError as e:
+            logger.warning("%s failed to update: %s" % (self, e))
+            if self.token.user:
+                notify(self.token.user, "%s failed to update with your ESI token." % self,
+                       message="Your token has expired or is no longer valid. Please add a new one to create a new CorpStats.",
+                       level="error")
+            self.delete()
+        except HTTPForbidden as e:
+            logger.warning("%s failed to update: %s" % (self, e))
+            if self.token.user:
+                notify(self.token.user, "%s failed to update with your ESI token." % self,
+                       message="%s: %s" % (e.status_code, e.message), level="error")
+            self.delete()
+        except AssertionError:
+            logger.warning("%s token character no longer in corp." % self)
+            if self.token.user:
+                notify(self.token.user, "%s cannot update with your ESI token." % self,
+                       message="%s cannot update with your ESI token as you have left corp." % self, level="error")
+            self.delete()
+
+    @property
+    def members(self):
+        return json.loads(self._members)
+
+    @members.setter
+    def members(self, dict):
+        self._members = json.dumps(dict)
+
+    @property
+    def member_ids(self):
+        return [id for id, name in self.members.items()]
+
+    @property
+    def member_names(self):
+        return [name for id, name in self.members.items()]
+
+    def show_apis(self, user):
+        auth = AuthServicesInfo.objects.get(user=user)
+        if auth.main_char_id:
+            try:
+                char = EveCharacter.objects.get(character_id=auth.main_char_id)
+                if char.corporation_id == self.corp.corporation_id and user.has_perm('corputils.corp_apis'):
+                    return True
+                if self.corp.alliance and char.alliance_id == self.corp.alliance.alliance_id and user.has_perm(
+                        'corputils.alliance_apis'):
+                    return True
+                if user.has_perm('corputils.blue_apis') and self.corp.is_blue:
+                    return True
+            except EveCharacter.DoesNotExist:
+                pass
+        return user.is_superuser
+
+    def entered_apis(self):
+        return EveCharacter.objects.filter(character_id__in=self.member_ids).exclude(api_id__isnull=True).count()
+
+    def member_count(self):
+        return len(self.members)
+
+    def user_count(self, members):
+        mainchars = []
+        for member in members:
+            if hasattr(member.main, 'character_name'):
+                mainchars.append(member.main.character_name)
+        return len(set(mainchars))
+
+    @python_2_unicode_compatible
+    class MemberObject(object):
+        def __init__(self, character_id, character_name, show_apis=False):
+            self.character_id = character_id
+            self.character_name = character_name
+            try:
+                char = EveCharacter.objects.get(character_id=character_id)
+                auth = AuthServicesInfo.objects.get(user=char.user)
+                try:
+                    self.main = EveCharacter.objects.get(character_id=auth.main_char_id)
+                    self.main_user = self.main.character_name
+                except EveCharacter.DoesNotExist:
+                    self.main = None
+                    self.main_user = ''
+                api = EveApiKeyPair.objects.get(api_id=char.api_id)
+                self.registered = True
+                if show_apis:
+                    self.api = api
+                else:
+                    self.api = None
+            except (EveCharacter.DoesNotExist, AuthServicesInfo.DoesNotExist):
+                self.main = None
+                self.api = None
+                self.registered = False
+                self.main_user = ''
+            except EveApiKeyPair.DoesNotExist:
+                self.api = None
+                self.registered = False
+                self.main_user = ''
+
+        def __str__(self):
+            return self.character_name
+
+        def portrait_url(self, size=32):
+            return "https://image.eveonline.com/Character/%s_%s.jpg" % (self.character_id, size)
+
+    def get_member_objects(self, user):
+        show_apis = self.show_apis(user)
+        return sorted([CorpStats.MemberObject(id, name, show_apis=show_apis) for id, name in self.members.items()], key=attrgetter('main_user', 'character_name'))
+
+    def can_update(self, user):
+        return user.is_superuser or user == self.token.user
+
+    @python_2_unicode_compatible
+    class ViewModel(object):
+        def __init__(self, corpstats, user):
+            self.corp = corpstats.corp
+            self.members = corpstats.get_member_objects(user)
+            self.can_update = corpstats.can_update(user)
+            self.total_members = len(self.members)
+            self.total_users = corpstats.user_count(self.members)
+            self.registered_members = corpstats.entered_apis()
+            self.show_apis = corpstats.show_apis(user)
+            self.last_updated = corpstats.last_update
+
+        def __str__(self):
+            return str(self.corp)
+
+        def corp_logo(self, size=128):
+            return "https://image.eveonline.com/Corporation/%s_%s.png" % (self.corp.corporation_id, size)
+
+        def alliance_logo(self, size=128):
+            if self.corp.alliance:
+                return "https://image.eveonline.com/Alliance/%s_%s.png" % (self.corp.alliance.alliance_id, size)
+            else:
+                return "https://image.eveonline.com/Alliance/1_%s.png" % size
+
+    def get_view_model(self, user):
+        return CorpStats.ViewModel(self, user)
--- a/corputils/tasks.py
+++ b/corputils/tasks.py
@@ -0,0 +1,15 @@
+from corputils.models import CorpStats
+from celery.task import task, periodic_task
+from celery.task.schedules import crontab
+
+
+@task
+def update_corpstats(pk):
+    cs = CorpStats.objects.get(pk=pk)
+    cs.update()
+
+
+@periodic_task(run_every=crontab(minute=0, hour="*/6"))
+def update_all_corpstats():
+    for cs in CorpStats.objects.all():
+        update_corpstats.delay(cs.pk)
--- a/corputils/templates/corputils/base.html
+++ b/corputils/templates/corputils/base.html
@@ -0,0 +1,39 @@
+{% extends 'public/base.html' %}
+{% load i18n %}
+{% block title %}{% trans "Corporation Member Data" %}{% endblock %}
+{% block page_title %}{% trans "Corporation Member Data" %}{% endblock %}
+{% block content %}
+    <div class="col-lg-12">
+        <h1 class="page-header text-center">{% trans "Corporation Member Data" %}</h1>
+        <div class="col-lg-10 col-lg-offset-1 container">
+            <nav class="navbar navbar-default">
+                <div class="container-fluid">
+                    <ul class="nav navbar-nav">
+                        <li class="dropdown">
+                            <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">{% trans "Corporations" %}<span class="caret"></span></a>
+                            <ul class="dropdown-menu">
+                                {% for corpstat in available %}
+                                    <li>
+                                        <a href="{% url 'corputils:view_corp' corpstat.corp.corporation_id %}">{{ corpstat.corp.corporation_name }}</a>
+                                    </li>
+                                {% endfor %}
+                            </ul>
+                        </li>
+                        {% if perms.corputils.add_corpstats %}
+                            <li>
+                                <a href="{% url 'corputils:add' %}">{% trans "Add" %}</a>
+                            </li>
+                        {% endif %}
+                    </ul>
+                    <form class="navbar-form navbar-right" role="search" action="{% url 'corputils:search' %}" method="GET">
+                        <div class="form-group">
+                            <input type="text" class="form-control" name="search_string" placeholder="{% if search_string %}{{ search_string }}{% else %}{% trans "Search characters..." %}{% endif %}">
+                        </div>
+                    </form>
+                </div>
+            </nav>
+            {% block member_data %}{% endblock %}
+        </div>
+    </div>
+{% endblock %}
+
--- a/corputils/templates/corputils/corpstats.html
+++ b/corputils/templates/corputils/corpstats.html
@@ -0,0 +1,93 @@
+{% extends 'corputils/base.html' %}
+{% load i18n %}
+{% load humanize %}
+{% load bootstrap_pagination %}
+{% load eveonline_extras %}
+{% block member_data %}
+            {% if corpstats %}
+                <div class="row">
+                    <div class="col-lg-12 text-center">
+                        <table class="table">
+                            <tr>
+                                <td class="text-center col-lg-6 {% if corpstats.corp.alliance %}{% else %}col-lg-offset-3{% endif %}"><img class="ra-avatar" src="{{ corpstats.corp_logo }}"></td>
+                                {% if corpstats.corp.alliance %}
+                                    <td class="text-center col-lg-6"><img class="ra-avatar" src="{{ corpstats.alliance_logo }}"></td>
+                                {% endif %}
+                            </tr>
+                            <tr>
+                                <td class="text-center"><h4>{{ corpstats.corp.corporation_name }}</h4></td>
+                                {% if corpstats.corp.alliance %}
+                                    <td class="text-center"><h4>{{ corpstats.corp.alliance.alliance_name }}</h4></td>
+                                {% endif %}
+                            </tr>
+                        </table>
+                    </div>
+                </div>
+                <div class="row">
+                    <div class="col-lg-12">
+                        <b>{% trans "API Index: " %}</b> {{ corpstats.total_users }} Main Characters
+                        <div class="progress">
+                            <div class="progress-bar" role="progressbar" aria-valuenow="{{ corpstats.registered_members }}" aria-valuemin="0" aria-valuemax="{{ corpstats.total_members }}" style="width: {% widthratio corpstats.registered_members corpstats.total_members 100 %}%;">
+                                {{ corpstats.registered_members }}/{{ corpstats.total_members }}
+                            </div>
+                        </div>
+                    </div>
+                </div>
+                <div class="row">
+                    <div class="col-lg-12">
+                        <div class="panel panel-default">
+                            <div class="panel-heading clearfix">
+                                <div class="panel-title pull-left">
+                                    <h4>{% trans "Members" %}</h4>
+                                </div>
+                                <div class="panel-title pull-right">
+                                    {% trans "Last update:" %} {{ corpstats.last_updated|naturaltime }}
+                                    {% if corpstats.can_update %}
+                                        <a class="btn btn-success" type="button" href="{% url 'corputils:update' corpstats.corp.corporation_id %}" title="Update Now">
+                                            <span class="glyphicon glyphicon-refresh"></span>
+                                        </a>
+                                    {% endif %}
+                                </div>
+                            </div>
+                            <div class="panel-body">
+                                <div class="text-center">
+                                    {% bootstrap_paginate members range=10 %}
+                                </div>
+                                <div class="table-responsive">
+                                    <table class="table table-hover">
+                                        <tr>
+                                            <th></th>
+                                            <th class="text-center">{% trans "Character" %}</th>
+                                            {% if corpstats.show_apis %}
+                                                <th class="text-center">API</th>
+                                            {% endif %}
+                                            <th class="text-center">{% trans "zKillboard" %}</th>
+                                            <th class="text-center">{% trans "Main Character" %}</th>
+                                            <th class="text-center">{% trans "Main Corporation" %}</th>
+                                            <th class="text-center">{% trans "Main Alliance" %}</th>
+                                        </tr>
+                                        {% for member in members %}
+                                            <tr {% if not member.registered %}class="danger"{% endif %}>
+                                                <td><img src="{{ member.portrait_url }}" class="img-circle"></td>
+                                                <td class="text-center">{{ member.character_name }}</td>
+                                                {% if corpstats.show_apis %}
+                                                    {% if member.api %}
+                                                        <td class="text-center">{{ member.api|api_link:'label label-primary' }}</td>
+                                                    {% else %}
+                                                        <td></td>
+                                                    {% endif %}
+                                                {% endif %}
+                                                <td class="text-center"><a href="https://zkillboard.com/character/{{ member.character_id }}/" class="label label-danger" target="_blank">{% trans "Killboard" %}</a></td>
+                                                <td class="text-center">{{ member.main.character_name }}</td>
+                                                <td class="text-center">{{ member.main.corporation_name }}</td>
+                                                <td class="text-center">{{ member.main.alliance_name }}</td>
+                                            </tr>
+                                        {% endfor %}
+                                    </table>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            {% endif %}
+{% endblock %}
--- a/corputils/templates/corputils/search.html
+++ b/corputils/templates/corputils/search.html
@@ -0,0 +1,44 @@
+{% extends "corputils/base.html" %}
+{% load i18n %}
+{% load bootstrap_pagination %}
+{% load eveonline_extras %}
+{% block member_data %}
+    <div class="panel panel-default">
+        <div class="panel-heading clearfix">
+            <div class="panel-title pull-left">{% trans "Search Results" %}</div>
+        </div>
+        <div class="panel-body">
+            <div class="text-center">
+                {% bootstrap_paginate results range=10 %}
+            </div>
+            <table class="table table-hover">
+                <tr>
+                    <th class="text-center"></th>
+                    <th class="text-center">{% trans "Character" %}</th>
+                    <th class="text-center">{% trans "Corporation" %}</th>
+                    <th class="text-center">{% trans "API" %}</th>
+                    <th class="text-center">{% trans "zKillboard" %}</th>
+                    <th class="text-center">{% trans "Main Character" %}</th>
+                    <th class="text-center">{% trans "Main Corporation" %}</th>
+                    <th class="text-center">{% trans "Main Alliance" %}</th>
+                </tr>
+                {% for result in results %}
+                    <tr {% if not result.1.registered %}class="danger"{% endif %}>
+                        <td class="text-center"><img src="{{ result.1.portrait_url }}" class="img-circle"></td>
+                        <td class="text-center">{{ result.1.character_name }}</td>
+                        <td class="text-center">{{ result.0.corp.corporation_name }}</td>
+                        {% if result.1.api %}
+                            <td class="text-center">{{ result.1.api|api_link:"label label-primary" }}</td>
+                        {% else %}
+                            <td></td>
+                        {% endif %}
+                        <td class="text-center"><a href="https://zkillboard.com/character/{{ result.1.character_id }}/" class="label label-danger" target="_blank">{% trans "Killboard" %}</a></td>
+                        <td class="text-center">{{ result.1.main.character_name }}</td>
+                        <td class="text-center">{{ result.1.main.corporation_name }}</td>
+                        <td class="text-center">{{ result.1.main.alliance_name }}</td>
+                    </tr>
+                {% endfor %}
+            </table>
+        </div>
+    </div>
+{% endblock %}
--- a/corputils/urls.py
+++ b/corputils/urls.py
@@ -0,0 +1,11 @@
+from django.conf.urls import url
+import corputils.views
+
+app_name = 'corputils'
+urlpatterns = [
+    url(r'^$', corputils.views.corpstats_view, name='view'),
+    url(r'^add/$', corputils.views.corpstats_add, name='add'),
+    url(r'^(?P<corp_id>(\d)*)/$', corputils.views.corpstats_view, name='view_corp'),
+    url(r'^(?P<corp_id>(\d)+)/update/$', corputils.views.corpstats_update, name='update'),
+    url(r'^search/$', corputils.views.corpstats_search, name='search'),
+    ]
--- a/corputils/views.py
+++ b/corputils/views.py
@@ -1,325 +1,143 @@
 from __future__ import unicode_literals
 from django.conf import settings
-from django.contrib.auth.decorators import login_required
-from django.shortcuts import render, redirect
+from django.contrib.auth.decorators import login_required, permission_required, user_passes_test
+from django.shortcuts import render, redirect, get_object_or_404
+from django.contrib import messages
+from django.core.exceptions import PermissionDenied
+from django.db import IntegrityError
+from django.core.paginator import Paginator, EmptyPage, PageNotAnInteger
+from django.utils.translation import ugettext_lazy as _
+from django.conf import settings
+from eveonline.models import EveCharacter, EveCorporationInfo
+from corputils.models import CorpStats
+from esi.decorators import token_required
+from bravado.exception import HTTPError

-from collections import namedtuple
-
-from authentication.models import AuthServicesInfo
-from services.managers.eve_api_manager import EveApiManager
-from services.managers.evewho_manager import EveWhoManager
-from eveonline.models import EveCorporationInfo
-from eveonline.models import EveAllianceInfo
-from eveonline.models import EveCharacter
-from eveonline.models import EveApiKeyPair
-from fleetactivitytracking.models import Fat
-from corputils.forms import CorputilsSearchForm
-from evelink.api import APIError
-
-import logging
-import datetime
-
-logger = logging.getLogger(__name__)
+MEMBERS_PER_PAGE = int(getattr(settings, 'CORPSTATS_MEMBERS_PER_PAGE', 20))


-class Player(object):
-    def __init__(self, main, user, maincorp, maincorpid, altlist, apilist, n_fats):
-        self.main = main
-        self.user = user
-        self.maincorp = maincorp
-        self.maincorpid = maincorpid
-        self.altlist = altlist
-        self.apilist = apilist
-        self.n_fats = n_fats
+def get_page(model_list, page_num):
+    p = Paginator(model_list, MEMBERS_PER_PAGE)
+    try:
+        members = p.page(page_num)
+    except PageNotAnInteger:
+        members = p.page(1)
+    except EmptyPage:
+        members = p.page(p.num_pages)
+    return members


-def first_day_of_next_month(year, month):
-    if month == 12:
-        return datetime.datetime(year + 1, 1, 1)
-    else:
-        return datetime.datetime(year, month + 1, 1)
-
-
-def first_day_of_previous_month(year, month):
-    if month == 1:
-        return datetime.datetime(year - 1, 12, 1)
-    else:
-        return datetime.datetime(year, month - 1, 1)
+def access_corpstats_test(user):
+    return user.has_perm('corputils.view_corp_corpstats') or user.has_perm(
+        'corputils.view_alliance_corpstats') or user.has_perm('corputils.view_blue_corpstats')


@login_required
-def corp_member_view(request, corpid=None, year=datetime.date.today().year, month=datetime.date.today().month):
-    year = int(year)
-    month = int(month)
-    start_of_month = datetime.datetime(year, month, 1)
-    start_of_next_month = first_day_of_next_month(year, month)
-    start_of_previous_month = first_day_of_previous_month(year, month)
-    logger.debug("corp_member_view called by user %s" % request.user)
-
+@user_passes_test(access_corpstats_test)
+@permission_required('corputils.add_corpstats')
+@token_required(scopes='esi-corporations.read_corporation_membership.v1')
+def corpstats_add(request, token):
    try:
-        user_main = EveCharacter.objects.get(
-            character_id=AuthServicesInfo.objects.get_or_create(user=request.user)[0].main_char_id)
-        user_corp_id = user_main.corporation_id
-    except (ValueError, EveCharacter.DoesNotExist):
-        user_corp_id = settings.CORP_ID
-
-    if not settings.IS_CORP:
-        alliance = EveAllianceInfo.objects.get(alliance_id=settings.ALLIANCE_ID)
-        alliancecorps = EveCorporationInfo.objects.filter(alliance=alliance)
-        membercorplist = [(int(membercorp.corporation_id), str(membercorp.corporation_name)) for membercorp in
-                          alliancecorps]
-        membercorplist.sort(key=lambda tup: tup[1])
-        membercorp_id_list = [int(membercorp.corporation_id) for membercorp in alliancecorps]
-
-        bluecorps = EveCorporationInfo.objects.filter(is_blue=True)
-        bluecorplist = [(int(bluecorp.corporation_id), str(bluecorp.corporation_name)) for bluecorp in bluecorps]
-        bluecorplist.sort(key=lambda tup: tup[1])
-        bluecorp_id_list = [int(bluecorp.corporation_id) for bluecorp in bluecorps]
-
-        if not (user_corp_id in membercorp_id_list or user_corp_id not in bluecorp_id_list):
-            user_corp_id = None
-
-    if not corpid:
-        if settings.IS_CORP:
-            corpid = settings.CORP_ID
-        elif user_corp_id:
-            corpid = user_corp_id
+        if EveCharacter.objects.filter(character_id=token.character_id).exists():
+            corp_id = EveCharacter.objects.get(character_id=token.character_id).corporation_id
        else:
-            corpid = membercorplist[0][0]
-
-    corp = EveCorporationInfo.objects.get(corporation_id=corpid)
-    if request.user.has_perm('auth.alliance_apis') or (request.user.has_perm('auth.corp_apis') and user_corp_id == corpid):
-        logger.debug("Retreiving and sending API-information")
-
-        if settings.IS_CORP:
-            try:
-                member_list = EveApiManager.get_corp_membertracking(settings.CORP_API_ID, settings.CORP_API_VCODE)
-            except APIError:
-                logger.debug("Corp API does not have membertracking scope, using EveWho data instead.")
-                member_list = EveWhoManager.get_corporation_members(corpid)
-        else:
-            member_list = EveWhoManager.get_corporation_members(corpid)
-
-        characters_with_api = {}
-        characters_without_api = {}
-
-        num_registered_characters = 0
-        for char_id, member_data in member_list.items():
-            try:
-                char = EveCharacter.objects.get(character_id=char_id)
-                char_owner = char.user
-                try:
-                    if not char_owner:
-                        raise AttributeError("Character has no assigned user.")
-                    mainid = int(AuthServicesInfo.objects.get_or_create(user=char_owner)[0].main_char_id)
-                    mainchar = EveCharacter.objects.get(character_id=mainid)
-                    mainname = mainchar.character_name
-                    maincorp = mainchar.corporation_name
-                    maincorpid = mainchar.corporation_id
-                    api_pair = EveApiKeyPair.objects.get(api_id=char.api_id)
-                except (ValueError, EveCharacter.DoesNotExist, EveApiKeyPair.DoesNotExist):
-                    logger.debug("No main character seem to be set for character %s" % char.character_name)
-                    mainname = "User: " + char_owner.username
-                    mainchar = char
-                    maincorp = "Not set."
-                    maincorpid = None
-                    api_pair = None
-                except AttributeError:
-                    logger.debug("No associated user for character %s" % char.character_name)
-                    mainname = None
-                    mainchar = char
-                    maincorp = None
-                    maincorpid = None
-                    try:
-                        api_pair = EveApiKeyPair.objects.get(api_id=char.api_id)
-                    except EveApiKeyPair.DoesNotExist:
-                        api_pair = None
-                num_registered_characters += 1
-                characters_with_api.setdefault(mainname, Player(main=mainchar,
-                                                                user=char_owner,
-                                                                maincorp=maincorp,
-                                                                maincorpid=maincorpid,
-                                                                altlist=[],
-                                                                apilist=[],
-                                                                n_fats=0)
-                                               ).altlist.append(char)
-                if api_pair:
-                    characters_with_api[mainname].apilist.append(api_pair)
-
-            except EveCharacter.DoesNotExist:
-                characters_without_api.update({member_data["name"]: member_data["id"]})
-
-        for char in EveCharacter.objects.filter(corporation_id=corpid):
-            if not int(char.character_id) in member_list:
-                logger.debug("Character '%s' does not exist in EveWho dump." % char.character_name)
-                char_owner = char.user
-                try:
-                    if not char_owner:
-                        raise AttributeError("Character has no assigned user.")
-                    mainid = int(AuthServicesInfo.objects.get_or_create(user=char_owner)[0].main_char_id)
-                    mainchar = EveCharacter.objects.get(character_id=mainid)
-                    mainname = mainchar.character_name
-                    maincorp = mainchar.corporation_name
-                    maincorpid = mainchar.corporation_id
-                    api_pair = EveApiKeyPair.objects.get(api_id=char.api_id)
-                except (ValueError, EveCharacter.DoesNotExist, EveApiKeyPair.DoesNotExist):
-                    logger.debug("No main character seem to be set for character %s" % char.character_name)
-                    mainname = "User: " + char_owner.username
-                    mainchar = char
-                    maincorp = "Not set."
-                    maincorpid = None
-                    api_pair = None
-                except AttributeError:
-                    logger.debug("No associated user for character %s" % char.character_name)
-                    mainname = None
-                    mainchar = char
-                    maincorp = None
-                    maincorpid = None
-                    try:
-                        api_pair = EveApiKeyPair.objects.get(api_id=char.api_id)
-                    except EveApiKeyPair.DoesNotExist:
-                        api_pair = None
-                num_registered_characters += 1
-                characters_with_api.setdefault(mainname, Player(main=mainchar,
-                                                                user=char_owner,
-                                                                maincorp=maincorp,
-                                                                maincorpid=maincorpid,
-                                                                altlist=[],
-                                                                apilist=[],
-                                                                n_fats=0)
-                                               ).altlist.append(char)
-                if api_pair:
-                    characters_with_api[mainname].apilist.append(api_pair)
-
-        n_unacounted = corp.member_count - (num_registered_characters + len(characters_without_api))
-
-        for mainname, player in characters_with_api.items():
-            fats_this_month = Fat.objects.filter(user=player.user).filter(
-                fatlink__fatdatetime__gte=start_of_month).filter(fatlink__fatdatetime__lt=start_of_next_month)
-            characters_with_api[mainname].n_fats = len(fats_this_month)
-
-        if start_of_next_month > datetime.datetime.now():
-            start_of_next_month = None
-
-        if not settings.IS_CORP:
-            context = {"membercorplist": membercorplist,
-                       "corp": corp,
-                       "characters_with_api": sorted(characters_with_api.items()),
-                       'n_registered': num_registered_characters,
-                       'n_unacounted': n_unacounted,
-                       "characters_without_api": sorted(characters_without_api.items()),
-                       "search_form": CorputilsSearchForm()}
-        else:
-            logger.debug("corp_member_view running in corportation mode")
-            context = {"corp": corp,
-                       "characters_with_api": sorted(characters_with_api.items()),
-                       'n_registered': num_registered_characters,
-                       'n_unacounted': n_unacounted,
-                       "characters_without_api": sorted(characters_without_api.items()),
-                       "search_form": CorputilsSearchForm()}
-
-        context["next_month"] = start_of_next_month
-        context["previous_month"] = start_of_previous_month
-        context["this_month"] = start_of_month
-
-        return render(request, 'registered/corputils.html', context=context)
-    else:
-        logger.warn('User %s (%s) not authorized to view corp stats for corp id %s' % (request.user, user_corp_id, corpid))
-    return redirect("auth_dashboard")
-
-
-def can_see_api(user, character):
-    if user.has_perm('auth.alliance_apis'):
-        return True
-    try:
-        user_main = EveCharacter.objects.get(
-                    character_id=AuthServicesInfo.objects.get_or_create(user=user)[0].main_char_id)
-        if user.has_perm('auth.corp_apis') and user_main.corporation_id == character.corporation_id:
-            return True
-    except EveCharacter.DoesNotExist:
-        return False
-    return False
+            corp_id = \
+                token.get_esi_client(Character='v4').Character.get_characters_character_id(character_id=token.character_id).result()[
+                    'corporation_id']
+        corp = EveCorporationInfo.objects.get(corporation_id=corp_id)
+        cs = CorpStats.objects.create(token=token, corp=corp)
+        cs.update()
+        assert cs.pk  # ensure update was successful
+        if CorpStats.objects.filter(pk=cs.pk).visible_to(request.user).exists():
+            return redirect('corputils:view_corp', corp_id=corp.corporation_id)
+    except EveCorporationInfo.DoesNotExist:
+        messages.error(request, _('Unrecognized corporation. Please ensure it is a member of the alliance or a blue.'))
+    except IntegrityError:
+        messages.error(request, _('Selected corp already has a statistics module.'))
+    except AssertionError:
+        messages.error(request, _('Failed to gather corporation statistics with selected token.'))
+    return redirect('corputils:view')


@login_required
-def corputils_search(request, corpid=settings.CORP_ID):
-    logger.debug("corputils_search called by user %s" % request.user)
+@user_passes_test(access_corpstats_test)
+def corpstats_view(request, corp_id=None):
+    corpstats = None

-    corp = EveCorporationInfo.objects.get(corporation_id=corpid)
+    # get requested model
+    if corp_id:
+        corp = get_object_or_404(EveCorporationInfo, corporation_id=corp_id)
+        corpstats = get_object_or_404(CorpStats, corp=corp)

-    authorized = False
-    try:
-        user_main = EveCharacter.objects.get(
-            character_id=AuthServicesInfo.objects.get_or_create(user=request.user)[0].main_char_id)
-        if request.user.has_perm('auth.alliance_apis') or (
-                    request.user.has_perm('auth.corp_apis') and (user_main.corporation_id == corpid)):
-            logger.debug("Retreiving and sending API-information")
-            authorized = True
-    except (ValueError, EveCharacter.DoesNotExist):
-        if request.user.has_perm('auth.alliance_apis'):
-            logger.debug("Retrieving and sending API-information")
-            authorized = True
+    # get available models
+    available = CorpStats.objects.visible_to(request.user)

-    if authorized:
-        if request.method == 'POST':
-            form = CorputilsSearchForm(request.POST)
-            logger.debug("Request type POST contains form valid: %s" % form.is_valid())
-            if form.is_valid():
-                # Really dumb search and only checks character name
-                # This can be improved but it does the job for now
-                searchstring = form.cleaned_data['search_string']
-                logger.debug("Searching for player with character name %s for user %s" % (searchstring, request.user))
+    # ensure we can see the requested model
+    if corpstats and corpstats not in available:
+        raise PermissionDenied('You do not have permission to view the selected corporation statistics module.')

-                member_list = {}
-                if settings.IS_CORP:
-                    member_list = EveApiManager.get_corp_membertracking(settings.CORP_API_ID, settings.CORP_API_VCODE)
-                if not member_list:
-                    logger.debug('Unable to fetch members from API. Pulling from EveWho')
-                    member_list = EveWhoManager.get_corporation_members(corpid)
+    # get default model if none requested
+    if not corp_id and available.count() == 1:
+        corpstats = available[0]

-                SearchResult = namedtuple('SearchResult',
-                                          ['name', 'id', 'main', 'api_registered', 'character', 'apiinfo'])
+    context = {
+        'available': available,
+    }

-                searchresults = []
-                for memberid, member_data in member_list.items():
-                    if searchstring.lower() in member_data["name"].lower():
-                        try:
-                            char = EveCharacter.objects.get(character_name=member_data["name"])
-                            user = char.user
-                            mainid = int(AuthServicesInfo.objects.get_or_create(user=user)[0].main_char_id)
-                            main = EveCharacter.objects.get(character_id=mainid)
-                            if can_see_api(request.user, char):
-                                api_registered = True
-                                apiinfo = EveApiKeyPair.objects.get(api_id=char.api_id)
-                            else:
-                                api_registered = False
-                                apiinfo = None
-                        except EveCharacter.DoesNotExist:
-                            api_registered = False
-                            char = None
-                            main = ""
-                            apiinfo = None
+    # paginate
+    members = []
+    if corpstats:
+        page = request.GET.get('page', 1)
+        members = get_page(corpstats.get_member_objects(request.user), page)

-                        searchresults.append(SearchResult(name=member_data["name"], id=memberid, main=main,
-                                                          api_registered=api_registered,
-                                                          character=char, apiinfo=apiinfo))
+    if corpstats:
+        context.update({
+            'corpstats': corpstats.get_view_model(request.user),
+            'members': members,
+        })

-                logger.info("Found %s members for user %s matching search string %s" % (
-                    len(searchresults), request.user, searchstring))
+    return render(request, 'corputils/corpstats.html', context=context)

-                context = {'corp': corp, 'results': searchresults, 'search_form': CorputilsSearchForm(),
-                           "year": datetime.datetime.now().year, "month": datetime.datetime.now().month}

-                return render(request, 'registered/corputilssearchview.html',
-                              context=context)
-            else:
-                logger.debug("Form invalid - returning for user %s to retry." % request.user)
-                context = {'corp': corp, 'members': None, 'search_form': CorputilsSearchForm()}
-                return render(request, 'registered/corputilssearchview.html', context=context)
-
-        else:
-            logger.debug("Returning empty search form for user %s" % request.user)
-            return redirect("auth_corputils")
+@login_required
+@user_passes_test(access_corpstats_test)
+def corpstats_update(request, corp_id):
+    corp = get_object_or_404(EveCorporationInfo, corporation_id=corp_id)
+    corpstats = get_object_or_404(CorpStats, corp=corp)
+    if corpstats.can_update(request.user):
+        try:
+            corpstats.update()
+        except HTTPError as e:
+            messages.error(request, str(e))
    else:
-        logger.warn('User %s not authorized to view corp stats for corp ID %s' % (request.user, corpid))
-    return redirect("auth_dashboard")
+        raise PermissionDenied(
+            'You do not have permission to update member data for the selected corporation statistics module.')
+    if corpstats.pk:
+        return redirect('corputils:view_corp', corp_id=corp.corporation_id)
+    else:
+        return redirect('corputils:view')
+
+
+@login_required
+@user_passes_test(access_corpstats_test)
+def corpstats_search(request):
+    results = []
+    search_string = request.GET.get('search_string', None)
+    if search_string:
+        has_similar = CorpStats.objects.filter(_members__icontains=search_string).visible_to(request.user)
+        for corpstats in has_similar:
+            similar = [(member_id, corpstats.members[member_id]) for member_id in corpstats.members if
+                       search_string.lower() in corpstats.members[member_id].lower()]
+            for s in similar:
+                results.append(
+                    (corpstats, CorpStats.MemberObject(s[0], s[1], show_apis=corpstats.show_apis(request.user))))
+        page = request.GET.get('page', 1)
+        results = sorted(results, key=lambda x: x[1].character_name)
+        results_page = get_page(results, page)
+        context = {
+            'available': CorpStats.objects.visible_to(request.user),
+            'results': results_page,
+            'search_string': search_string,
+        }
+        return render(request, 'corputils/search.html', context=context)
+    return redirect('corputils:view')
--- a/docs/.gitignore
+++ b/docs/.gitignore
@@ -0,0 +1 @@
+_build/
--- a/docs/Makefile
+++ b/docs/Makefile
@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = sphinx-build
+SPHINXPROJ    = AllianceAuth
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
--- a/docs/_static/images/features/group-admin.png
+++ b/docs/_static/images/features/group-admin.png
--- a/docs/_static/images/features/group-member-management.png
+++ b/docs/_static/images/features/group-member-management.png
--- a/docs/_static/images/features/group-membership.png
+++ b/docs/_static/images/features/group-membership.png
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -0,0 +1,173 @@
+# -*- coding: utf-8 -*-
+#
+# Alliance Auth documentation build configuration file, created by
+# sphinx-quickstart on Tue Jan  3 12:56:59 2017.
+#
+# This file is execfile()d with the current directory set to its
+# containing dir.
+#
+# Note that not all possible configuration values are present in this
+# autogenerated file.
+#
+# All configuration values have a default; values that are commented out
+# serve to show the default.
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#
+import os
+import sys
+sys.path.insert(0, os.path.abspath('.'))
+
+# on_rtd is whether we are on readthedocs.org, this line of code grabbed from docs.readthedocs.org
+on_rtd = os.environ.get('READTHEDOCS', None) == 'True'
+
+# Support for recommonmark module
+import recommonmark
+
+from recommonmark.parser import CommonMarkParser
+from recommonmark.transform import AutoStructify
+
+# -- General configuration ------------------------------------------------
+
+# If your documentation needs a minimal Sphinx version, state it here.
+#
+# needs_sphinx = '1.0'
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
+# ones.
+extensions = []
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ['_templates']
+
+# The suffix(es) of source filenames.
+# You can specify multiple suffix as a list of string:
+#
+# source_suffix = ['.rst', '.md']
+source_suffix = ['.md', '.rst']
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'Alliance Auth'
+copyright = u'2017, Alliance Auth'
+author = u'R4stl1n'
+
+# The version info for the project you're documenting, acts as replacement for
+# |version| and |release|, also used in various other places throughout the
+# built documents.
+#
+# The short X.Y version.
+version = u'1.14'
+# The full version, including alpha/beta/rc tags.
+# release = u'1.14.0'
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#
+# This is also used if you do content translation via gettext catalogs.
+# Usually you set "language" from the command line for these cases.
+language = None
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+# This patterns also effect to html_static_path and html_extra_path
+exclude_patterns = ['_build', 'Thumbs.db', '.DS_Store']
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# If true, `todo` and `todoList` produce output, else they produce nothing.
+todo_include_todos = False
+
+
+# -- Options for HTML output ----------------------------------------------
+
+# The theme to use for HTML and HTML Help pages.  See the documentation for
+# a list of builtin themes.
+#
+html_theme = 'sphinx_rtd_theme'
+
+# Theme options are theme-specific and customize the look and feel of a theme
+# further.  For a list of options available for each theme, see the
+# documentation.
+#
+# html_theme_options = {}
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = ['_static']
+
+
+# -- Options for HTMLHelp output ------------------------------------------
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'AllianceAuthdoc'
+
+
+# -- Options for LaTeX output ---------------------------------------------
+
+latex_elements = {
+    # The paper size ('letterpaper' or 'a4paper').
+    #
+    # 'papersize': 'letterpaper',
+
+    # The font size ('10pt', '11pt' or '12pt').
+    #
+    # 'pointsize': '10pt',
+
+    # Additional stuff for the LaTeX preamble.
+    #
+    # 'preamble': '',
+
+    # Latex figure (float) alignment
+    #
+    # 'figure_align': 'htbp',
+}
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title,
+#  author, documentclass [howto, manual, or own class]).
+latex_documents = [
+    (master_doc, 'AllianceAuth.tex', u'Alliance Auth Documentation',
+     u'R4stl1n', 'manual'),
+]
+
+
+# -- Options for manual page output ---------------------------------------
+
+# One entry per manual page. List of tuples
+# (source start file, name, description, authors, manual section).
+man_pages = [
+    (master_doc, 'allianceauth', u'Alliance Auth Documentation',
+     [author], 1)
+]
+
+
+# -- Options for Texinfo output -------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+#  dir menu entry, description, category)
+texinfo_documents = [
+    (master_doc, 'AllianceAuth', u'Alliance Auth Documentation',
+     author, 'AllianceAuth', 'Alliance service auth to help large scale alliances manage services.',
+     'Miscellaneous'),
+]
+
+# Markdown support
+source_parsers = {
+    '.md': CommonMarkParser,
+}
+
+
+def setup(app):
+    app.add_config_value('recommonmark_config', {
+            'auto_toc_tree_section': 'Contents',
+            }, True)
+    app.add_transform(AutoStructify)
--- a/docs/development/documentation.md
+++ b/docs/development/documentation.md
@@ -0,0 +1,38 @@
+# Documentation
+
+The documentation for Alliance Auth uses [Sphinx](http://www.sphinx-doc.org/) to build documentation. When a new commit
+ to specific branches is made (master, primarily), the repository is automatically pulled, docs built and deployed on
+ [readthedocs.org](https://readthedocs.org/).
+
+
+Documentation was migrated from the Github wiki pages and into the repository to allow documentation changes to be
+included with pull requests. This means that documentation can be guaranteed to be updated when a pull request is
+accepted rather than hoping documentation is updated afterwards or relying on maintainers to do the work. It also
+allows for documentation to be maintained at different versions more easily.
+
+## Building Documentation
+If you're developing new documentation, its likely you'll want or need to test build it before committing to your
+branch. To achieve this you can use Sphinx to build the documentation locally as it appears on Read the Docs.
+
+Activate your virtual environment (if you're using one) and install the documentation requirements found in
+`docs/requirements.txt` using pip, e.g. `pip install -r docs/requirements.txt`.
+
+You can then build the docs by changing to the `docs/` directory and running `make html` or `make dirhtml`, depending
+on how the Read the Docs project is configured. Either should work fine for testing. You can now find the output of the
+build in the `/docs/_build/` directory.
+
+Occasionally you may need to fully rebuild the documents by running `make clean` first, usually when you add or
+rearrange toctrees.
+
+
+## Documentation Format
+
+CommonMark Markdown is the current preferred format, via [recommonmark](https://github.com/rtfd/recommonmark).
+reStructuredText is supported if required, or you can execute snippets of reST inside Markdown by using a code block:
+
+    ```eval_rst
+    reStructuredText here
+    ```
+
+Markdown is used elsewhere on Github so it provides the most portability of documentation from Issues and Pull Requests
+as well as providing an easier initial migration path from the Github wiki.
--- a/docs/development/index.md
+++ b/docs/development/index.md
@@ -0,0 +1,9 @@
+# Development
+
+```eval_rst
+.. toctree::
+
+    documentation
+    integrating-services
+    menu-hooks
+```
--- a/docs/development/integrating-services.md
+++ b/docs/development/integrating-services.md
@@ -0,0 +1,302 @@
+# Integrating Services
+
+One of the primary roles of Alliance Auth is integrating with external services in order to authenticate and manage users. This is achieved through the use of service modules. 
+
+## The Service Module
+
+Each service module is its own self contained Django app. It will likely contain views, models, migrations and templates. Anything that is valid in a Django app is valid in a service module.
+
+Normally service modules live in `services.modules` though they may also be installed as external packages and installed via `pip` if you wish. A module is installed by including it in the `INSTALLED_APPS` setting.
+
+### Service Module Structure
+
+Typically a service will contain 5 key components:
+
+- [The Hook](#the-hook)
+- [The Service Manager](#the-service-manager)
+- [The Views](#the-views)
+- [The Tasks](#the-tasks)
+- [The Models](#the-models)
+
+The architecture looks something like this:
+
+          urls -------▶ Views
+           ▲              |
+           |              |
+           |              ▼
+      ServiceHook ----▶ Tasks ----▶ Manager
+           ▲
+           |
+           |
+      AllianceAuth
+      
+      
+      Where:
+         Module --▶ Dependency/Import
+
+While this is the typical structure of the existing services modules, there is no enforcement of this structure and you are, effectively, free to create whatever architecture may be necessary. A service module need not even communicate with an external service, for example, if similar triggers such as validate_user, delete_user are required for a module it may be convenient to masquerade as a service. Ideally though, using the common structure improves the maintainability for other developers.
+
+### The Hook
+
+In order to integrate with Alliance Auth service modules must provide a `services_hook`. This hook will be a function that returns an instance of the `services.hooks.ServiceHook` class and decorated with the `@hooks.registerhook` decorator. For example:
+
+    @hooks.register('services_hook')
+    def register_service():
+        return ExampleService()
+
+This would register the ExampleService class which would need to be a subclass of `services.hooks.ServiceHook`.
+
+        
+```eval_rst
+.. important::
+    The hook **MUST** be registered in `yourservice.auth_hooks` along with any other hooks you are registering for Alliance Auth.
+```
+
+
+A subclassed `ServiceHook` might look like this:
+
+    class ExampleService(ServicesHook):
+    def __init__(self):
+        ServicesHook.__init__(self)
+        self.urlpatterns = urlpatterns
+        self.service_url = 'http://exampleservice.example.com'
+
+    """
+    Overload base methods here to implement functionality
+    """
+
+
+### The ServiceHook class
+
+The base `ServiceHook` class defines function signatures that Alliance Auth will call under certain conditions in order to trigger some action in the service.
+
+You will need to subclass `services.hooks.ServiceHook` in order to provide implementation of the functions so that Alliance Auth can interact with the service correctly. All of the functions are optional, so its up to you to define what you need.
+
+Instance Variables:
+- [self.name](#self-name)
+- [self.urlpatterns](#self-url-patterns)
+- [self.service_ctrl_template](#self-service-ctrl-template)
+
+Properties:
+- [title](#title)
+
+Functions:
+- [delete_user](#delete-user)
+- [validate_user](#validate-user)
+- [sync_nickname](#sync-nickname)
+- [update_groups](#update-groups)
+- [update_all_groups](#update-all-groups)
+- [service_enabled_members](#service-enabled-members)
+- [service_enabled_blues](#service-enabled-blues)
+- [service_active_for_user](#service-active-for-user)
+- [show_service_ctrl](#show-service-ctrl)
+- [render_service_ctrl](#render-service-ctrl)
+
+
+#### self.name
+Internal name of the module, should be unique amongst modules.
+
+#### self.urlpatterns
+You should define all of your service urls internally, usually in `urls.py`. Then you can import them and set `self.urlpatterns` to your defined urlpatterns. 
+
+    from . import urls
+    ...
+    class MyService(ServiceHook):
+        def __init__(self):
+            ...
+            self.urlpatterns = urls.urlpatterns
+            
+All of your apps defined urlpatterns will then be included in the `URLconf` when the core application starts.
+
+#### self.service_ctrl_template
+This is provided as a courtesy and defines the default template to be used with [render_service_ctrl](#render-service-ctrl). You are free to redefine or not use this variable at all.
+
+#### title
+This is a property which provides a user friendly display of your service's name. It will usually do a reasonably good job unless your service name has punctuation or odd capitalisation. If this is the case you should override this method and return a string.
+
+#### delete_user
+`def delete_user(self, user, notify_user=False):`
+
+Delete the users service account, optionally notify them that the service has been disabled. The `user` parameter should be a Django User object. If notify_user is set to `True` a message should be set to the user via the `notifications` module to alert them that their service account has been disabled.
+
+The function should return a boolean, `True` if successfully disabled, `False` otherwise.
+
+#### validate_user
+`def validate_user(self, user):`
+
+Validate the users service account, deleting it if they should no longer have access. The `user` parameter should be a Django User object.
+
+An implementation will probably look like the following:
+
+        def validate_user(self, user):
+        logger.debug('Validating user %s %s account' % (user, self.name))
+        if ExampleTasks.has_account(user) and not self.service_active_for_user(user):
+            self.delete_user(user, notify_user=True)
+
+No return value is expected.
+
+This function will be called periodically on all users to validate that the given user should have their current service accounts.
+
+#### sync_nickname
+`def sync_nickname(self, user):`
+
+Very optional. As of writing only one service defines this. The `user` parameter should be a Django User object. When called, the given users nickname for the service should be updated and synchronised with the service.
+
+If this function is defined, an admin action will be registered on the Django Users view, allowing admins to manually trigger this action for one or many users. The hook will trigger this action user by user, so you won't have to manage a list of users.
+
+#### update_groups
+`def update_groups(self, user):`
+
+Update the users group membership. The `user` parameter should be a Django User object. 
+When this is called the service should determine the groups the user is a member of and synchronise the group membership with the external service. If you service does not support groups then you are not required to define this.
+
+If this function is defined, an admin action will be registered on the Django Users view, allowing admins to manually trigger this action for one or many users. The hook will trigger this action user by user, so you won't have to manage a list of users.
+
+This action is usually called via a signal when a users group membership changes (joins or leaves a group).
+
+#### update_all_groups
+`def update_all_groups(self):`
+
+The service should iterate through all of its recorded users and update their groups.
+
+I'm really not sure when this is called, it may have been a hold over from before signals started to be used. Regardless, it can be useful to server admins who may call this from a Django shell to force a synchronisation of all user groups for a specific service.
+
+#### service_enabled_members
+`def service_enabled_members(self):`
+
+Is this service enabled for users with the `Member` state? It should return `True` if the service is enabled for Members, and `False` otherwise. The default is `False`.
+
+An implementation will usually look like:
+
+    def service_enabled_members(self):
+        return settings.ENABLE_AUTH_EXAMPLE or False
+        
+        
+```eval_rst
+.. note::
+    There has been discussion about moving services to permissions based access. You should review `Issue #663 <https://github.com/allianceauth/allianceauth/issues/663/>`_.
+```
+
+#### service_enabled_blues
+`def service_enabled_blues(self):`
+
+Is this service enabled for users with the `Blue` state? It should return `True` if the service is enabled for Blues, and `False` otherwise. The default is `False`.
+
+An implementation will usually look like:
+
+    def service_enabled_blues(self):
+        return settings.ENABLE_BLUE_EXAMPLE or False
+        
+        
+```eval_rst
+.. note::
+    There has been discussion about moving services to permissions based access. You should review `Issue #663 <https://github.com/allianceauth/allianceauth/issues/663/>`_.
+```
+
+#### service_active_for_user
+`def service_active_for_user(self, user):`
+
+Is this service active for the given user? The `user` parameter should be a Django User object.
+
+Usually you wont need to override this as it calls `service_enabled_members` or `service_enabled_blues` depending on the users state.
+
+```eval_rst
+.. note::
+    There has been discussion about moving services to permissions based access. You should review `Issue #663 <https://github.com/allianceauth/allianceauth/issues/663/>`_ as this function will likely need to be defined by each service to check its permission.
+```
+
+#### show_service_ctrl
+`def show_service_ctrl(self, user, state):`
+
+Should the service be shown for the given `user` with the given `state`? The `user` parameter should be a Django User object, and the `state` parameter should be a valid state from `authentication.states`.
+
+Usually you wont need to override this function.
+
+For more information see the [render_service_ctrl](#render-service-ctrl) section.
+ 
+#### render_service_ctrl
+`def render_services_ctrl(self, request):`
+
+Render the services control row. This will be called for all active services when a user visits the `/services/` page and [show_service_ctrl](#show-service-ctrl) returns `True` for the given user.
+
+It should return a string (usually from `render_to_string`) of a table row (`<tr>`) with 4 columns (`<td>`). Column #1 is the service name, column #2 is the users username for this service, column #3 is the services URL, and column #4 is the action buttons.
+
+You may either define your own service template or use the default one provided. The default can be used like this example:
+
+    def render_services_ctrl(self, request):
+        """
+        Example for rendering the service control panel row
+        You can override the default template and create a
+        custom one if you wish.
+        :param request:
+        :return:
+        """
+        urls = self.Urls()
+        urls.auth_activate = 'auth_example_activate'
+        urls.auth_deactivate = 'auth_example_deactivate'
+        urls.auth_reset_password = 'auth_example_reset_password'
+        urls.auth_set_password = 'auth_example_set_password'
+        return render_to_string(self.service_ctrl_template, {
+            'service_name': self.title,
+            'urls': urls,
+            'service_url': self.service_url,
+            'username': 'example username'
+        }, request=request)
+
+the `Urls` class defines the available URL names for the 4 actions available in the default template:
+
+- Activate (create service account)
+- Deactivate (delete service account)
+- Reset Password (random password)
+- Set Password (custom password)
+
+If you don't define one or all of these variable the button for the undefined URLs will not be displayed.
+
+Most services will survive with the default template. If, however, you require extra buttons for whatever reason, you are free to provide your own template as long as you stick within the 4 columns. Multiple rows should be OK, though may be confusing to users.
+
+### Menu Item Hook
+
+If you services needs cannot be satisfied by the Service Control row, you are free to specify extra hooks by subclassing or instantiating the `services.hooks.MenuItemHook` class.
+
+For more information see the [Menu Hooks](menu-hooks.md) page. 
+
+### The Service Manager
+
+The service manager is what interacts with the external service. Ideally it should be completely agnostic about its environment, meaning that it should avoid calls to Alliance Auth and Django in general (except in special circumstances where the service is managed locally, e.g. Mumble). Data should come in already arranged by the Tasks and data passed back for the tasks to manage or distribute.
+
+The reason for maintaining this separation is that managers may be reused from other sources and there may not even be a need to write a custom manager. Likewise, by maintaining this neutral environment others may reuse the managers that we write. It can also significantly ease the unit testing of services.
+
+### The Views
+
+As mentioned at the start of this page, service modules are fully fledged Django apps. This means you're free to do whatever you wish with your views.
+
+Typically most traditional username/password services define four views.
+
+- Create Account
+- Delete Account
+- Reset Password
+- Set Password
+
+These views should interact with the service via the Tasks, though in some instances may bypass the Tasks and access the manager directly where necessary, for example OAuth functionality.
+
+
+### The Tasks
+
+The tasks component is the glue that holds all of the other components of the service module together. It provides the function implementation to handle things like adding and deleting users, updating groups, validating the existence of a users account. Whatever tasks `auth_hooks` and `views` have with interacting with the service will probably live here.
+
+### The Models
+
+Its very likely that you'll need to store data about a users remote service account locally. As service modules are fully fledged Django apps you are free to create as many models as necessary for persistent storage. You can create foreign keys to other models in Alliance Auth if necessary, though I _strongly_ recommend you limit this to the User and Groups models from `django.contrib.auth.models` and query any other data manually.
+
+If you create models you should create the migrations that go along with these inside of your module/app.
+
+
+## Examples
+
+There is a bare bones example service included in `services.modules.example`, you may like to use this as the base for your new service.
+
+You should have a look through some of the other service modules before you get started to get an idea of the general structure of one. A lot of them aren't perfect so don't feel like you have to rigidly follow the structure of the existing services if you think its sub-optimal or doesn't suit the external service you're integrating.
+
+
+## Testing
+You will need to add unit tests for all aspects of your service module before it is accepted. Be mindful that you don't actually want to make external calls to the service so you should mock the appropriate components to prevent this behaviour.
--- a/docs/development/menu-hooks.md
+++ b/docs/development/menu-hooks.md
@@ -0,0 +1,38 @@
+# Menu Hooks
+
+```eval_rst
+.. note::
+    Currently most menu items are statically defined in the `base.html` template. Ideally this behaviour will change over time with each module of Alliance Auth providing all of its menu items via the hook. New modules should aim to use the hook over statically adding menu items to the base template.
+```
+
+The menu hooks allow you to dynamically specify menu items from your plugin app or service. To achieve this you should subclass or instantiate the `services.hooks.MenuItemHook` class and then register the menu item with one of the hooks.
+
+There are three levels of Menu Item Hooks
+
+- `menu_main_hook`
+- `menu_aux_hook`
+- `menu_util_hook`
+
+These represent the 3 levels of menu displayed on the site.
+
+To register a MenuItemHook class you would do the following:
+
+    @hooks.register('menu_util_hook')
+    def register_menu():
+        return MenuItemHook('Example Item', 'glyphicon glyphicon-heart', 'example_url_name', 150)
+        
+        
+The `MenuItemHook` class specifies some parameters/instance variables required for menu item display.
+
+`MenuItemHook(text, classes, url_name, order=None)`
+
+#### text
+The text value of the link
+#### classes
+The classes that should be applied to the bootstrap menu item icon
+#### url_name
+The name of the Django URL to use
+#### order
+An integer which specifies the order of the menu item, lowest to highest
+
+If you cannot get the menu item to look the way you wish, you are free to subclass and override the default render function and the template used.
--- a/docs/features/corpstats.md
+++ b/docs/features/corpstats.md
@@ -0,0 +1,133 @@
+# Corp Stats
+
+This module is used to check the registration status of corp members and to determine character relationships, being mains or alts.
+
+## Creating a Corp Stats
+
+Upon initial install, nothing will be visible. For every corp, a model will have to be created before data can be viewed.
+
+![nothing is visible](http://i.imgur.com/va3DyT6.png)
+
+If you are a superuser, the add button will be immediate visible to you. If not, your user account requires the `add_corpstats` permission.
+
+Corp Stats requires an EVE SSO token to access data from the EVE Swagger Interface. Upon pressing the Add button, you will be prompted to authenticated. Please select the character who is in the corp you want data for.
+
+![authorize from the EVE site](http://i.imgur.com/OnyoOAZ.png)
+
+You will return to auth where you are asked to select a token with the green arrow button. If you want to use a different character, press the `LOG IN with EVE Online` button.
+
+![select an SSO token to create with](http://i.imgur.com/KdA0XH0.png)
+
+If this works (and you have permission to view the Corp Stats you just created) you'll be returned to a view of the Corp Stats.
+If it fails an error message will be displayed.
+
+## Corp Stats View
+
+### Navigation Bar
+
+![navigation bar](http://i.imgur.com/2l9gbml.png)
+
+This bar contains a dropdown menu of all available corps. If the user has the `add_corpstats` permission, a button to add a Corp Stats will be shown.
+
+On the right of this bar is a search field. Press enter to search. It checks all characters in all Corp Stats you have view permission to and returns search results. Generic searches (such as 'a') will be slow.
+
+### API Index
+
+![API Index](http://i.imgur.com/P1U2WJ2.png)
+
+This is a visual indication of the number of registered characters.
+
+### Last Update
+
+![last update and update button](http://i.imgur.com/yHbueGK.png)
+
+Corp Stats do not automatically update. They update once upon creation for initial data, and whenever someone presses the update button.
+
+Only superusers and the creator of the Corp Stat can update it.
+
+### Member List
+
+![member list](http://i.imgur.com/udEVoSh.png)
+
+The list contains all characters in the corp. Red backgrounds means they are not registered in auth. If registered, and the user has the required permission to view APIs, a link to JackKnife will be present.
+A link to zKillboard is present for all characters.
+If registered, the character will also have a main character, main corporation, and main alliance field.
+
+This view is paginated: use the navigation arrows to view more pages (sorted alphabetically by character name), or search for a specific character.
+
+![pagination buttons](http://i.imgur.com/otcPGsU.png)
+
+## Search View
+
+![search results](http://i.imgur.com/7wf0Q2C.png)
+
+This view is essentially the same as the Corp Stats page, but not specific to a single corp.
+The search query is visible in the search box.
+Characters from all Corp Stats to which the user has view access will be displayed. APIs respect permissions.
+
+This view is paginated: use the navigation arrows to view more pages (sorted alphabetically by character name).
+
+## Permissions
+
+To use this feature, users will require some of the following:
+
+```eval_rst
+---------------------------------------+------------------+----------------------------------------------------+
+| Permission                            | Admin Site       | Auth Site                                          |
+=======================================+==================+====================================================+
+| corpstats.corp_apis                   | None             | Can view API keys of members of their corporation. |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.alliance_apis               | None             | Can view API keys of members of their alliance.    |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.blue_apis                   | None             | Can view API keys of members of blue corporations. |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.view_corp_corpstats         | None             | Can view corp stats of their corporation.          |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.view_alliance_corpstats     | None             | Can view corp stats of members of their alliance.  |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.view_blue_corpstats         | None             | Can view corp stats of blue corporations.          |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.add_corpstats               | Can create model | Can add new corpstats using an SSO token.          |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.change_corpstats            | Can edit model   | None.                                              |
+---------------------------------------+------------------+----------------------------------------------------+
+| corpstats.remove_corpstats            | Can delete model | None.                                              |
+---------------------------------------+------------------+----------------------------------------------------+
+
+```
+
+Typical use-cases would see the bundling of `corp_apis` and `view_corp_corpstats`, same for alliances and blues.
+Alliance permissions supersede corp permissions. Note that these evaluate against the user's main character.
+
+## Troubleshooting
+
+### Failure to create Corp Stats
+
+>Unrecognized corporation. Please ensure it is a member of the alliance or a blue.
+
+Corp Stats can only be created for corporations who have a model in the database. These only exist for tenant corps,
+corps of tenant alliances, blue corps, and members of blue alliances.
+
+>Selected corp already has a statistics module.
+
+Only one Corp Stats may exist at a time for a given corporation.
+
+>Failed to gather corporation statistics with selected token.
+
+During initial population, the EVE Swagger Interface did not return any member data. This aborts the creation process. Please wait for the API to start working before attempting to create again.
+
+### Failure to update Corp Stats
+
+Any of the following errors will result in a notification to the owning user, and deletion of the Corp Stats model.
+
+>Your token has expired or is no longer valid. Please add a new one to create a new CorpStats.
+
+This occurs when the SSO token is invalid, which can occur when deleted by the user, the character is transferred between accounts, or the API is having a bad day.
+
+>CorpStats for corp_name cannot update with your ESI token as you have left corp.
+
+The SSO token's character is no longer in the corp which the Corp Stats is for, and therefore membership data cannot be retrieved.
+
+>HTTPForbidden
+
+The SSO token lacks the required scopes to update membership data.
--- a/docs/features/groups.md
+++ b/docs/features/groups.md
@@ -0,0 +1,101 @@
+# Groups
+Group Management is one of the core tasks of Alliance Auth. Many of Alliance Auth's services allow for synchronising of group membership, allowing you to grant permissions or roles in services to access certain aspects of them.
+
+## Automatic Groups
+When a member registers in Alliance Auth and selects a main character, Auth will assign them some groups automatically based on some factors.
+
+```eval_rst
+.. important::
+    The ``Corp_`` and ``Alliance_`` group name prefixes are reserved for Alliance Auth internal group management. If you prefix a group with these you will find Alliance Auth automatically removes users from the group.
+```
+
+```eval_rst
+------------------------------+-----------------------------------------------------------------------------------+
+| Group                        | Condition                                                                         |
+------------------------------+-----------------------------------------------------------------------------------+
+| ``Corp_<corp_name>``         | Users Main Character belongs to the Corporation                                   |
+------------------------------+-----------------------------------------------------------------------------------+
+| ``Alliance_<alliance_name>`` | Users Main Character belongs to the Alliance                                      |
+------------------------------+-----------------------------------------------------------------------------------+
+| ``Member``                   | User is a member of one of the tenant Corps or Alliances                          |
+------------------------------+-----------------------------------------------------------------------------------+
+| ``Blue``                     | User is a member of a blue Corp or Alliance, be it via standings or static config |
+------------------------------+-----------------------------------------------------------------------------------+
+```
+
+When the user no longer has the condition required to be a member of that group they are automatically removed by Auth.
+
+## User Organised Groups
+
+Along with the automated groups, administrators can create custom groups for users to join. Examples might be groups like `Leadership`, `CEO` or `Scouts`.
+
+When you create a Django `Group`, Auth automatically creates a corresponding `AuthGroup` model. The admin page looks like this:
+
+![AuthGroup Admin page](/_static/images/features/group-admin.png)
+
+Here you have several options:
+
+#### Internal
+Users cannot see, join or request to join this group. This is primarily used for Auth's internally managed groups, though can be useful if you want to prevent users from managing their membership of this group themselves. This option will override the Hidden, Open and Public options when enabled.
+
+By default, every new group created will be an internal group.
+
+#### Hidden
+Group is hidden from the user interface, but users can still join if you give them the appropriate join link. The URL will be along the lines of `https://example.com/en/group/request_add/{group_id}`. You can get the Group ID from the admin page URL.
+
+This option still respects the Open option.
+
+
+### Open
+When a group is toggled open, users who request to join the group will be immediately added to the group. 
+
+If the group is not open, their request will have to be approved manually by someone with the group management role, or a group leader of that group.
+
+
+### Public
+Group is accessible to any registered user, even when they do not have permission to join regular groups.
+
+The key difference is that the group is completely unmanaged by Auth. **Once a member joins they will not be removed unless they leave manually, you remove them manually, or their account is deliberately set inactive or deleted.**
+
+Most people won't have a use for public groups, though it can be useful if you wish to allow public access to some services. You can grant service permissions on a public group to allow this behaviour.
+
+
+## Permission
+In order to join a group other than a public group, the permission `groupmanagement.request_groups` (`Can request non-public groups` in the admin panel) must be active on their account, either via a group or directly applied to their User account.
+
+When a user loses this permission, they will be removed from all groups _except_ Public groups.
+
+```eval_rst
+.. note::
+    By default, the ``groupmanagement.request_groups`` permission is applied to the ``Member`` group. In most instances this, and perhaps adding it to the ``Blue`` group, should be all that is ever needed. It is unsupported and NOT advisable to apply this permission to a public group. See #697 for more information.
+```
+
+# Group Management
+
+In order to access group management, users need to be either a superuser, granted the `auth | user | group_management ( Access to add members to groups within the alliance )` permission or a group leader (discussed later).
+
+## Group Requests
+
+When a user joins or leaves a group which is not marked as "Open", their group request will have to be approved manually by a user with the `group_management` permission or by a group leader of the group they are requesting.
+
+## Group Membership
+
+The group membership tab gives an overview of all of the non-internal groups.
+
+![Group overview](/_static/images/features/group-membership.png)
+
+### Group Member Management
+
+Clicking on the blue eye will take you to the group member management screen. Here you can see a list of people who are in the group, and remove members where necessary.
+
+![Group overview](/_static/images/features/group-member-management.png)
+
+
+## Group Leaders
+
+Group leaders have the same abilities as users with the `group_management` permission, _however_, they will only be able to:
+
+- Approve requests for groups they are a leader of.
+- View the Group Membership and Group Members of groups they are leaders of.
+
+This allows you to more finely control who has access to manage which groups. Currently it is not possible to add a Group as group leaders.
--- a/docs/features/hrapplications.md
+++ b/docs/features/hrapplications.md
@@ -0,0 +1,84 @@
+# HR Applications
+
+## Management
+
+### Creating Forms
+
+The most common task is creating ApplicationForm models for corps. Only when such models exist will a corp be listed as a choice for applicants. This occurs in the django admin site, so only staff have access.
+
+The first step is to create questions. This is achieved by creating ApplicationQuestion models, one for each question. Titles are not unique.
+
+Next step is to create the actual ApplicationForm model. It requires an existing EveCorporationInfo model to which it will belong. It also requires the selection of questions. ApplicationForm models are unique per corp: only one may exist for any given corp concurrently.
+
+You can adjust these questions at any time. This is the preferred method of modifying the form: deleting and recreating will cascade the deletion to all received applications from this form which is usually not intended.
+
+Once completed the corp will be available to receive applications.
+
+### Reviewing Applications
+
+Superusers can see all applications, while normal members with the required permission can view only those to their corp.
+
+Selecting an application from the management screen will provide all the answers to the questions in the form at the time the user applied.
+
+When a reviewer assigns themselves an application, they mark it as in progress. This notifies the applicant and permanently attached the reviewer to the application.
+
+Only the assigned reviewer can approve/reject/delete the application if they possess the appropriate permission.
+
+Any reviewer who can see the application can view the applicant's APIs if they possess the appropriate permission.
+
+## Permissions
+
+The following permissions have an effect on the website above and beyond their usual admin site functions.
+
+```eval_rst
+---------------------------------------+------------------+----------------------------------------------------+
+| Permission                            | Admin Site       | Auth Site                                          |
+=======================================+==================+====================================================+
+| auth.human_resources                  | None             | Can view applications and mark in progress         |
+---------------------------------------+------------------+----------------------------------------------------+
+| hrapplications.approve_application    | None             | Can approve applications                           |
+---------------------------------------+------------------+----------------------------------------------------+
+| hrapplications.delete_application     | Can delete model | Can delete applications                            |
+---------------------------------------+------------------+----------------------------------------------------+
+| hrapplications.reject_applications    | None             | Can reject applications                            |
+---------------------------------------+------------------+----------------------------------------------------+
+| hrapplications.view_apis              | None             | Can view applicant API keys, and audit in Jacknife |
+---------------------------------------+------------------+----------------------------------------------------+
+| hrapplications.add_applicationcomment | Can create model | Can comment on applications                        |
+---------------------------------------+------------------+----------------------------------------------------+
+
+```
+
+Best practice is to bundle the `auth.human_resources` permission alongside the `hrapplications.approve_application` and `hrapplications.reject_application` permissions, as in isolation these don't make much sense.
+
+## Models
+
+### ApplicationQuestion
+
+This is the model representation of a question. It contains a title, and a field for optional "helper" text. It is referenced by ApplicationForm models but acts independently. Modifying the question after it has been created will not void responses, so it's not advisable to edit the title or the answers may not make sense to reviewers.
+
+### ApplicationForm
+
+This is the template for an application. It points at a corp, with only one form allowed per corp. It also points at ApplicationQuestion models. When a user creates an application, they will be prompted with each question the form includes at the given time. Modifying questions in a form after it has been created will not be reflected in existing applications, so it's perfectly fine to adjust them as you see fit. Changing corps however is not advisable, as existing applications will point at the wrong corp after they've been submitted, confusing reviewers.
+
+### Application
+
+This is the model representation of a completed application. It references an ApplicationForm from which it was spawned which is where the corp specificity comes from. It points at a user, contains info regarding its reviewer, and has a status. Shortcut properties also provide the applicant's main character, the applicant's APIs, and a string representation of the reviewer (for cases when the reviewer doesn't have a main character or the model gets deleted).
+
+### ApplicationResponse
+
+This is an answer to a question. It points at the Application to which it belongs, to the ApplicationQuestion which it is answering, and contains the answer text. Modifying any of these fields in dangerous.
+
+### ApplicationComment
+
+This is a reviewer's comment on an application. Points at the application, points to the user, and contains the comment text. Modifying any of these fields is dangerous.
+
+## Troubleshooting
+
+### No corps accepting applications
+
+Ensure there are ApplicationForm models in the admin site. Ensure the user does not already have an application to these corps. If the users wishes to re-apply they must first delete their completed application
+
+### Reviewer unable to complete application
+
+Reviewers require a permission for each of the three possible outcomes of an application, Approve Reject or Delete. Any user with the human resources permission can mark an application as in-progress, but if they lack these permissions then the application will get stuck. Either grant the user the required permissions or change the assigned reviewer in the admin site. Best practice is to bundle the `auth.human_resources` permission alongside the `hrapplications.approve_application` and `hrapplications.reject_application` permissions, as in isolation these don't serve much purpose.
--- a/docs/features/index.md
+++ b/docs/features/index.md
@@ -0,0 +1,12 @@
+# Features
+
+```eval_rst
+.. toctree::
+    :maxdepth: 1
+    :caption: Features Contents
+
+    hrapplications
+    corpstats
+    groups
+    permissions_tool
+```
--- a/docs/features/permissions_tool.md
+++ b/docs/features/permissions_tool.md
@@ -0,0 +1,39 @@
+# Permissions Auditing
+
+```eval_rst
+.. note::
+    New in 1.15
+```
+
+Access to most of Alliance Auth's features are controlled by Django's permissions system. In order to help you secure your services, Alliance Auth provides a permissions auditing tool.
+
+### Access
+
+In order to grant users access to the permissions auditing tool they will need to be granted the `permissions_tool.audit_permissions` permission or be a superuser.
+
+When a user has access to the tool they will see the "Permissions Audit" menu item under the "Util" sub menu.
+
+
+### Permissions Overview
+
+The first page gives you a general overview of permissions and how many users have access to each permission.
+
+![permissions overview](https://i.imgur.com/XALVFtc.png)
+
+**App**, **Model** and **Code Name** contain the internal details of the permission while **Name** contains the name/description you'll see in the admin panel.
+
+**Users** is the number of users explicitly granted this permission on their account.
+
+**Groups** is the number of groups with this permission assigned.
+
+**Groups Users** is the total number of users in all of the groups with this permission assigned.
+
+Clicking on the **Code Name** link will take you to the [Permissions Audit Page](#permissions-audit-page)
+
+### Permissions Audit Page
+
+The permissions audit page will give you an overview of all the users who have access to this permission either directly or granted via group membership.
+
+![permissions audit](https://i.imgur.com/XjnfC9Z.png)
+
+Please note that users may appear multiple times if this permission is granted via multiple sources.
--- a/docs/index.md
+++ b/docs/index.md
@@ -0,0 +1,30 @@
+
+# Alliance Auth
+
+Alliance service auth to help large scale alliances manage services. Built for "The 99 Percent" open for anyone to use
+
+# Installing
+
+[Ubuntu Setup Guide](installation/auth/ubuntu.md)
+
+For other distros, adapt the procedure and find distro-specific alternatives for the [dependencies](installation/auth/dependencies.md)
+
+# Using
+
+See the [Quick Start Guide](installation/auth/quickstart.md) and learn about individual [features.](features/index.md)
+
+# Troubleshooting
+
+Read the [list of common problems.](maintenance/troubleshooting.md)
+
+
+```eval_rst
+.. toctree::
+    :maxdepth: 3
+    :caption: Contents
+
+    features/index
+    installation/index
+    maintenance/index
+    development/index
+```
--- a/docs/installation/auth/apache.md
+++ b/docs/installation/auth/apache.md
@@ -0,0 +1,81 @@
+# Apache Setup
+### Overview
+
+AllianceAuth gets served using a Web Server Gateway Interface (WSGI) script. This script passes web requests to AllianceAuth which generates the content to be displayed and returns it. This means very little has to be configured in Apache to host AllianceAuth.
+
+In the interest of ~~laziness~~ time-efficiency, scroll down for example configs. Use these, changing the ServerName to your domain name.
+
+### Required Parameters for AllianceAuth Core
+
+The AllianceAuth core requires the following parameters to be set:
+
+    WSGIDaemonProcess
+    WSGIProcessGroup
+    WSGIScriptAlias
+
+The following aliases are required:
+
+    Alias /static/ to point at the static folder
+    Alias /templates/ to point at the templates folder
+
+## Description of Parameters
+
+ - `WSGIDaemonProcess` is the name of the process/application. It also needs to be passed the python-path parameter directing python to search the AllianceAuth directory for modules to load.
+ - `WSGIProcessGroup` is the group to run the process under. Typically the same as the name of the process/application.
+ - `WSGIScriptAlias` points to the WSGI script.
+
+## Additional Parameters for Full Setup
+
+To pass additional services the following aliases and directories are required:
+
+ - `Alias /forums` to point at the forums folder
+ - `Alias /killboard` to point at the killboard
+
+Each of these require directory permissions allowing all connections.
+
+For Apache 2.4 or greater:
+
+    <Directory "/path/to/alias/folder">
+        Require all granted
+    </Directory>
+
+For Apache 2.3 or older:
+
+    <Directory "/path/to/alias/folder">
+        Order Deny,Allow
+        Allow from all
+    </Directory>
+
+## SSL
+
+You can supply your own SSL certificates if you so desire. The alternative is running behind cloudflare for free SSL.
+
+## Sample Config Files
+
+### Own SSL Cert
+ - Apache 2.4 or newer:
+   - [000-default.conf](http://pastebin.com/3LLzyNmV)
+   - [default-ssl.conf](http://pastebin.com/HUPPEp0R)
+ - Apache 2.3 or older:
+   - [000-default](http://pastebin.com/HfyKpQNu)
+   - [default-ssl](http://pastebin.com/2WCS5jnb)
+
+### No SSL Cloudflare, or LetsEncrypt
+ - Apache 2.4 or newer:
+   - [000-default.conf](http://pastebin.com/j1Ps3ZK6)
+ - Apache 2.3 or older:
+   - [000-default](http://pastebin.com/BHQzf2pj)
+
+To have LetsEncrypt automatically install SSL certs, comment out the three lines starting with `WSGI`, install certificates, then uncomment them in `000-default-ls-ssl.conf`
+
+## Enabling and Disabling Sites
+
+To instruct apache to serve traffic from a virtual host, enable it:
+
+    sudo a2ensite NAME
+where NAME is the name of the configuration file (eg 000-default.conf)
+
+To disable traffic from a site, disable the virtual host:
+
+    sudo a2dissite NAME
+where NAME is the name of the configuration file (eg 000-default.conf)
--- a/docs/installation/auth/centos.md
+++ b/docs/installation/auth/centos.md
@@ -0,0 +1,84 @@
+# CentOS Installation
+
+It's recommended to update all packages before proceeding.
+    `sudo yum update`
+    `sudo yum upgrade`
+    `sudo reboot`
+
+Now install all [dependencies](dependencies.md).
+
+    sudo yum install xxxxxxx
+
+replacing the x's with the list of packages.
+
+Make sure redis is running before continuing:
+
+    systemctl enable redis.service
+    systemctl start redis.service
+
+For security and permissions, it's highly recommended you create a user to install under who is not the root account.
+
+    sudo adduser allianceserver
+    sudo passwd allianceserver
+
+This user needs sudo powers. Add them by editing the sudoers file:
+
+    sudo nano /etc/sudoers
+
+Find the line which says `root    ALL=(ALL)       ALL` - beneath it add another line `allianceserver ALL=(ALL)       ALL` - now reboot.
+
+**From this point on you need to be logged in as the allianceserver user**
+
+Start your mariadb server `sudo systemctl start mariadb`
+
+Secure your MYSQL / Maria-db server by typing `mysql_secure_installation `
+
+AllianceAuth needs a MySQL user account. Create one as follows, replacing `PASSWORD` with an actual secure password:
+
+    mysql -u root -p
+    CREATE USER 'allianceserver'@'localhost' IDENTIFIED BY 'PASSWORD';
+    GRANT ALL PRIVILEGES ON * . * TO 'allianceserver'@'localhost';
+
+Now we need to make the requisite databases.
+
+    create database alliance_auth;
+    create database alliance_forum;
+    create database alliance_jabber;
+    create database alliance_mumble;
+    create database alliance_killboard;
+
+Ensure you are in the allianceserver home directory by issuing `cd`
+
+Now we clone the source code:
+
+    git clone https://github.com/allianceauth/allianceauth.git
+
+Enter the folder by issuing `cd allianceauth`
+
+Ensure you're on the latest version with the following:
+
+    git tag | sort -n | tail -1 | xargs git checkout
+
+Python package dependencies can be installed from the requirements file:
+
+    sudo pip install -r requirements.txt
+
+The settings file needs configuring. See this lengthy guide for specifics.
+
+Django needs to install models to the database before it can start.
+
+    python manage.py migrate
+
+AllianceAuth needs to generate corp and alliance models before it can assign users to them.
+
+    python manage.py shell < run_alliance_corp_update.py
+
+Now we need to round up all the static files required to render templates. Answer ‘yes’ when prompted.
+
+    python manage.py collectstatic
+
+Test the server by starting it manually.
+
+    python manage.py runserver 0.0.0.0:8000
+
+If you see an error, stop, read it, and resolve it. If the server comes up and you can access it at `yourip:8000`, you're golden. It's ok to stop the server if you're going to be installing apache.
--- a/docs/installation/auth/cloudflare.md
+++ b/docs/installation/auth/cloudflare.md
@@ -0,0 +1,35 @@
+# Cloudflare
+
+CloudFlare offers free SSL and DDOS mitigation services. Why not take advantage of it?
+
+## Setup
+
+You’ll need to register an account on [CloudFlare’s site.](https://www.cloudflare.com/)
+
+Along the top bar, select `Add Site`
+
+Enter your domain name. It will scan records and let you know you can add the site. Continue setup.
+
+On the next page you should see an A record for example.com pointing at your server IP. If not, manually add one:
+
+    A    example.com     my.server.ip.address     Automatic TTL
+
+Add the record and ensure the cloud under Status is orange. If not, click it. This ensures traffic gets screened by CloudFlare.
+
+If you want forums or kb on a subdomain, and want these to be protected by CloudFlare, add an additional record for for each subdomain in the following format, ensuring the cloud is orange:
+
+    CNAME     subdomain         example.com       Automatic TTL
+
+CloudFlare blocks ports outside 80 and 443 on hosts it protects. This means, if the cloud is orange, only web traffic will get through. We need to reconfigure AllianceAuth to provide services under a subdomain. Configure these subdomains as above, but ensure the cloud is not orange (arrow should go around a grey cloud).
+
+## Redirect to HTTPS
+
+Now we need to configure the https redirect to force all traffic to https. Along the top bar of CloudFlare, select `Page Rules`. Add a new rule, Pattern is example.com, toggle the `Always use https` to ON, and save. It’ll take a few minutes to propagate. 
+
+![infographic](http://i.stack.imgur.com/VUBvo.jpg)
+
+## Update Auth URLs
+
+Edit settings.py and replace everything that has a HTTP with HTTPS (except anything with a port on the end, like `OPENFIRE_ADDRESS`)
+
+And there we have it. You’re DDOS-protected with free SSL.
--- a/docs/installation/auth/dependencies.md
+++ b/docs/installation/auth/dependencies.md
@@ -0,0 +1,72 @@
+# Dependencies
+
+## Ubuntu
+
+Tested on Ubuntu 12, 14, 15, and 16. Package names and repositories may vary.
+
+### Core
+Required for base auth site
+
+#### Python
+
+    python python-dev python-mysqldb python-setuptools python-mysql.connector python-pip
+
+#### MySQL
+
+    mysql-server mysql-client libmysqlclient-dev
+
+#### Utilities
+
+    screen unzip git redis-server curl libssl-dev libbz2-dev libffi-dev
+
+### Apache
+Required for displaying web content
+
+    apache2 libapache2-mod-php5 libapache2-mod-wsgi
+
+### PHP
+Required for phpBB, smf, evernus alliance market, etc
+
+    php5 php5-gd php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-ming php5-ps php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl
+
+### Java
+Required for hosting jabber server
+
+    oracle-java8-installer
+
+## CentOS 7
+
+### Add The EPEL Repository
+
+    yum --enablerepo=extras install epel-release
+    yum update
+
+### Core
+Required for base auth site
+
+#### Python
+
+    python python-devel MySQL-python python-setuptools  mysql-connector-python python-pip bzip2-devel
+
+#### MySQL
+
+    mariadb-server mariadb-devel mariadb
+
+#### Utilities
+
+    screen gcc gcc-c++ unzip git redis curl nano
+
+### Apache
+Required for displaying web content
+
+    httpd mod_wsgi
+
+### PHP
+Required for phpBB, smf, evernus alliance market, etc
+
+    php php-gd php-mysqlnd php-intl php-pear ImageMagick php-imap php-mcrypt php-memcache php-pspell php-recode php-snmp php-pdo php-tidy php-xmlrpc
+
+### Java
+Required for hosting jabber server
+
+    java libstdc++.i686
--- a/docs/installation/auth/index.md
+++ b/docs/installation/auth/index.md
@@ -0,0 +1,14 @@
+# Auth
+
+```eval_rst
+.. toctree::
+
+    dependencies
+    ubuntu
+    centos
+    settings
+    apache
+    cloudflare
+    supervisor
+    quickstart
+```
--- a/docs/installation/auth/quickstart.md
+++ b/docs/installation/auth/quickstart.md
@@ -0,0 +1,14 @@
+# Quick Start
+
+Once you’ve installed AllianceAuth, perform these steps to get yourself up and running.
+
+First you need a superuser account. You can use this as a personal account. From the command line, `python manage.py createsuperuser` and follow the prompts.
+
+The big goal of AllianceAuth is the automation of group membership, so we’ll need some groups. In the admin interface, select `Groups`, then at the top-right select `Add Group`. Give it a name and select permissions. Special characters (including spaces) are removing before syncing to services, so try not to have group names which will be the same upon cleaning. A description of permissions can be found in the [readme file](https://github.com/allianceauth/allianceauth/blob/master/README.md). Repeat for all the groups you see fit, whenever you need a new one.
+
+### Background Processes
+
+To start the background processes to sync groups and check api keys, issue these commands:
+
+    screen -dm bash -c 'python manage.py celeryd'
+    screen -dm bash -c 'python manage.py celerybeat'
--- a/docs/installation/auth/settings.md
+++ b/docs/installation/auth/settings.md
@@ -0,0 +1,406 @@
+# Settings Overview
+
+The `alliance_auth/settings.py` file is used to pass settings to the django app needed to run.
+
+### Words of Warning
+
+Certain fields are quite sensitive to leading `http://` and trailing `/` - if you see these present in the default text, be sure to include them in your values.
+
+Every variable value is opened and closed with a single apostrophe `'` - please do not include these in your values or it will break things. If you absolutely must, replace them at the opening and closing of the value with double quotes `"`.
+
+Certain variables are booleans, and come in a form that looks like this:
+
+    MEMBER_CORP_GROUPS = 'True' == os.environ.get('AA_MEMBER_CORP_GROUPS', 'True')
+
+They're handled as strings because when settings are exported from shell commands (eg `export AA_MEMBER_CORP_GROUPS False`) they're interpreted as strings, so a string comparison is done.
+
+When changing these booleans, edit the setting within the brackets (eg `('AA_MEMBER_CORP_GROUPS', 'True')` vs `('AA_MEMBER_CORP_GROUPS', 'False')`) and not the `True` earlier in the statement. Otherwise these will have unexpected behaviours.
+
+# Fields to Modify
+
+## Required
+ - [SECRET_KEY](#secret-key)
+   - Use [this tool](http://www.miniwebtool.com/django-secret-key-generator/) to generate a key on initial install
+ - [DEBUG](#debug)
+   - If issues are encountered, set this to `True` to view a more detailed error report, otherwise set `False`
+ - [ALLOWED_HOSTS](#allowed-hosts)
+   - This restricts web addresses auth will answer to. Separate with commas. 
+   - Should include localhost `127.0.0.1` and `example.com`
+   - To allow from all, include `'*'`
+ - [DATABASES](#databases)
+   - Fill out the database name and user credentials to manage the auth database.
+ - [DOMAIN](#domain)
+   - Set to the domain name AllianceAuth will be accessible under
+ - [EMAIL_HOST_USER](#email-host-user)
+   - Username to send emails from. If gmail account, the full gmail address.
+ - [EMAIL_HOST_PASSWORD](#email-host-password)
+   - Password for the email user.
+ - [CORP_IDS](#corp-ids)
+   - List of corp IDs who are members. Exclude if their alliance is in `ALLIANCE_IDS`
+ - [ALLIANCE_IDS](#alliance-ids)
+   - List of alliance IDs who are members.
+ - [ESI_SSO_CLIENT_ID](#esi-sso-client_id)
+   - EVE application ID from the developers site. See the [SSO Configuration Instruction](#sso-settings)
+ - [ESI_SSO_CLIENT_SECRET](#esi-sso-client-secret)
+   - EVE application secret from the developers site.
+ - [ESI_SSO_CALLBACK_URL](#esi-sso-callback-url)
+   - OAuth callback URL. Should be `https://mydomain.com/sso/callback`
+
+## Services
+### IPBoard
+If using IPBoard, the following need to be set in accordance with the [install instructions](../services/ipboard3.md)
+ - [IPBOARD_ENDPOINT](#ipboard-endpoint)
+ - [IPBOARD_APIKEY](#ipboard-apikey)
+ - [IPBOARD_APIMODULE](#ipboard-apimodule)
+
+### XenForo
+If using XenForo, the following need to be set in accordance with the [install instructions](../services/xenforo.md)
+ - [XENFORO_ENDPOINT](#xenforo-endpoint)
+ - [XENFORO_APIKEY](#xenforo-apikey)
+
+### Openfire
+If using Openfire, the following need to be set in accordance with the [install instructions](../services/openfire.md)
+ - [JABBER_URL](#jabber-url)
+ - [JABBER_PORT](#jabber-port)
+ - [JABBER_SERVER](#jabber-server)
+ - [OPENFIRE_ADDRESS](#openfire-address)
+ - [OPENFIRE_SECRET_KEY](#openfire-secret-key)
+ - [BROADCAST_USER](#broadcast-user)
+ - [BROADCAST_USER_PASSWORD](#broadcast-user-password)
+ - [BROADCAST_SERVICE_NAME](#broadcast-service-name)
+
+### Mumble
+If using Mumble, the following needs to be set to the address of the mumble server:
+ - [MUMBLE_URL](#mumble-url)
+
+### PHPBB3
+If using phpBB3, the database needs to be defined.
+
+### Teamspeak3
+If using Teamspeak3, the following need to be set in accordance with the [install instrictions](../services/teamspeak3.md)
+ - [TEAMSPEAK3_SERVER_IP](#teamspeak3-server-ip)
+ - [TEAMSPEAK3_SERVER_PORT](#teamspeak3-server-port)
+ - [TEAMSPEAK3_SERVERQUERY_USER](#teamspeak3-serverquery-user)
+ - [TEAMSPEAK3_SERVERQUERY_PASSWORD](#teamspeak3-serverquery-password)
+ - [TEAMSPEAK3_VIRTUAL_SERVER](#teamspeak3-virtual-server)
+ - [TEAMSPEAK3_PUBLIC_URL](#teamspeak3-public-url)
+
+### Discord
+If connecting to a Discord server, set the following in accordance with the [install instructions](../services/discord.md)
+ - [DISCORD_GUILD_ID](#discord-guild-id)
+ - [DISCORD_BOT_TOKEN](#discord-bot-token)
+ - [DISCORD_INVITE_CODE](#discord-invite-code)
+ - [DISCORD_APP_ID](#discord-app-id)
+ - [DISCORD_APP_SECRET](#discord-app-secret)
+ - [DISCORD_CALLBACK_URL](#discord-callback-url)
+ - [DISCORD_SYNC_NAMES](#discord-sync-names)
+
+### Discourse
+If connecting to Discourse, set the following in accordance with the [install instructions](../services/discourse.md)
+ - [DISCOURSE_URL](#discourse-url)
+ - [DISCOURSE_API_USERNAME](#discourse-api-username)
+ - [DISCOURSE_API_KEY](#discourse-api-key)
+ - [DISCOURSE_SSO_SECRET](#discourse-sso-secret)
+
+### IPSuite4
+If using IPSuite4 (aka IPBoard4) the following are required:
+ - [IPS4_URL](#ips4-url)
+ - the database needs to be defined
+
+### SMF
+If using SMF the following are required:
+ - [SMF_URL](#smf-url)
+ - the database needs to be defined
+
+## Optional
+### Standings
+To allow access to blues, a corp API key is required to pull standings from. Corp does not need to be owning corp or in owning alliance. Required mask is 16 (Communications/ContactList)
+ - [CORP_API_ID](#corp-api-id)
+ - [CORP_API_VCODE](#corp-api-vcode)
+
+### API Key Audit URL
+To define what happens when an API is clicked, set according to [these instructions](#hr-configuration)
+ - [API_KEY_AUDIT_URL](#api-key-audit-url)
+
+### Auto Groups
+Groups can be automatically assigned based on a user's corp or alliance. Set the following to `True` to enable this feature.
+ - [MEMBER_CORP_GROUPS](#member-corp-groups)
+ - [MEMBER_ALLIANCE_GROUPS](#member-alliance-groups)
+ - [BLUE_CORP_GROUPS](#blue-corp-groups)
+ - [BLUE_ALLIANCE_GROUPS](#blue-alliance-groups)
+
+### Fleet-Up
+Fittings and operations can be imported from Fleet-Up. Define the following to do so.
+ - [FLEETUP_APP_KEY](#fleetup-app-key)
+ - [FLEETUP_USER_ID](#fleetup-user-id)
+ - [FLEETUP_API_ID](#fleetup-api-id)
+ - [FLEETUP_GROUP_ID](#fleetup-group-id)
+
+# Description of Settings
+## Django
+### SECRET_KEY
+A random string used in cryptographic functions, such as password hashing. Changing after installation will render all sessions and password reset tokens invalid.
+### DEBUG
+Replaces the generic `SERVER ERROR (500)` page when an error is encountered with a page containing a traceback and variables. May expose sensitive information so not recommended for production.
+### ALLOWED_HOSTS
+A list of addresses used to validate headers: AllianceAuth will block connection coming from any other address. This should be a list of URLs and IPs to allow. In most cases, just adding `'example.com'` is sufficient. This also accepts the `'*'` wildcard for testing purposes.
+### DATABASES
+List of databases available. Contains the Django database, and may include service ones if enabled. Service databases are defined in their individual sections and appended as needed automatically.
+### LANGUAGE_CODE
+Friendly name of the local language.
+### TIME_ZONE
+Friendly name of the local timezone.
+### STATIC_URL
+Absolute URL to serve static files from.
+### STATIC_ROOT
+Root folder to store static files in.
+### SUPERUSER_STATE_BYPASS
+Overrides superuser account states to always return True on membership tests. If issues are encountered, or you want to test access to certain portions of the site, set to False to respect true states of superusers.
+## EMAIL SETTINGS
+### DOMAIN
+The URL to which emails will link.
+### EMAIL_HOST
+The host address of the email server.
+### EMAIL_PORT
+The host port of the email server.
+### EMAIL_HOST_USER
+The username to authenticate as on the email server. For GMail, this is the full address.
+### EMAIL_HOST_PASSWORD
+The password of the user used to authenticate on the email server.
+### EMAIL_USE_TLS
+Enable TLS connections to the email server. Default is True.
+## Front Page Links
+### KILLBOARD_URL
+Link to a killboard.
+### EXTERNAL_MEDIA_URL
+Link to another media site, eg YouTube channel.
+### FORUM_URL
+Link to forums. Also used as the phpbb3 URL if enabled.
+### SITE_NAME
+Name to show in the top-left corner of auth.
+## SSO Settings
+An application will need to be created on the developers site. Please select `Authenticated API Access`, and choose all scopes starting with `esi`.
+### ESI_SSO_CLIENT_ID
+The application cliend ID generated from the [developers site.](https://developers.eveonline.com)
+### ESI_SSO_CLIENT_SECRET
+The application secret key generated from the [developers site.](https://developers.eveonline.com)
+### ESI_SSO_CALLBACK_URL
+The callback URL for authentication handshake. Should be `https://example.com/sso/callback`.
+## Default Group Settings
+### DEFAULT_AUTH_GROUP
+Name of the group members of the owning corp or alliance are put in.
+### DEFAULT_BLUE_GROUP
+Name of the group blues of the owning corp or alliance are put in.
+### MEMBER_CORP_GROUPS
+If `True`, add members to groups with their corp name, prefixed with `Corp_`
+### MEMBER_ALLIANCE_GROUPS
+If `True`, add members to groups with their alliance name, prefixed with `Alliance_`
+### BLUE_CORP_GROUPS
+If `True`, add blues to groups with their corp name, prefixed with `Corp_`
+### BLUE_ALLIANCE_GROUPS
+If `True`, add blues to groups with their alliance name, prefixed with `Alliance_`
+## Alliance Service Setup
+### ENABLE_AUTH_FORUM
+Allow members of the owning corp or alliance to generate accounts on a Phpbb3 install.
+### ENABLE_AUTH_JABBER
+Allow members of the owning corp or alliance to generate accounts on an Openfire install.
+### ENABLE_AUTH_MUMBLE
+Allow members of the owning corp or alliance to generate accounts on a Mumble install.
+### ENABLE_AUTH_IPBOARD
+Allow members of the owning corp or alliance to generate accounts on an IPBoard install.
+### ENABLE_AUTH_TEAMSPEAK3
+Allow members of the owning corp or alliance to generate accounts on a Teamspeak3 install.
+### ENABLE_AUTH_DISCORD
+Allow members of the owning corp or alliance to link accounts to a Discord server.
+### ENABLE_AUTH_DISCOURSE
+Allow members of the owning corp or alliance to generate accounts on a Discourse install
+### ENABLE_AUTH_IPS4
+Allow members of the owning corp or alliance to generate accounts on a IPSuite4 install.
+### ENABLE_AUTH_SMF
+Allow members of the owning corp or alliance to generate accounts on a SMF install.
+### ENABLE_AUTH_MARKET
+Allow members of the owning corp or alliance to generate accounts on an alliance market install.
+### ENABLE_AUTH_XENFORO
+Allow members of the owning corp or alliance to generate accounts on a XenForo install.
+## Blue Service Setup
+### ENABLE_BLUE_FORUM
+Allow blues of the owning corp or alliance to generate accounts on a Phpbb3 install.
+### ENABLE_BLUE_JABBER
+Allow blues of the owning corp or alliance to generate accounts on an Openfire install.
+### ENABLE_BLUE_MUMBLE
+Allow blues of the owning corp or alliance to generate accounts on a Mumble install.
+### ENABLE_BLUE_IPBOARD
+Allow blues of the owning corp or alliance to generate accounts on an IPBoard install.
+### ENABLE_BLUE_TEAMSPEAK3
+Allow blues of the owning corp or alliance to generate accounts on a Teamspeak3 install.
+### ENABLE_BLUE_DISCORD
+Allow blues of the owning corp or alliance to link accounts to a Discord server.
+### ENABLE_BLUE_DISCOURSE
+Allow blues of the owning corp or alliance to generate accounts on a Discourse install.
+### ENABLE_BLUE_IPS4
+Allow blues of the owning corp or alliance to generate accounts on an IPSuite4 install.
+### ENABLE_BLUE_SMF
+Allow blues of the owning corp or alliance to generate accounts on a SMF install.
+### ENABLE_BLUE_MARKET
+Allow blues of the owning corp or alliance to generate accounts on an alliance market install.
+### ENABLE_BLUE_XENFORO
+Allow blues of the owning corp or alliance to generate accounts on a XenForo install.
+## Tenant Configuration
+Characters of any corp or alliance with their ID here will be treated as a member.
+### CORP_IDS
+EVE corp IDs of member corps. Separate with a comma.
+### ALLIANCE_IDS
+EVE alliance IDs of member alliances. Separate with a comma.
+## Standings Configuration
+To allow blues to access auth, standings must be pulled from a corp-level API. This API needs access mask 16 (ContactList).
+### CORP_API_ID
+The ID of an API key for a corp from which to pull standings, if desired. Needed for blues to gain access.
+### CORP_API_VCODE
+The verification code of an API key for a corp from which to pull standings, if desired. Needed for blues to gain access.
+### BLUE_STANDING
+The minimum standing value to consider blue. Default is 5.0
+### STANDING_LEVEL
+Standings from the API come at two levels: `corp` and `alliance`. Select which level to consider here.
+## API Configuration
+### MEMBER_API_MASK
+Required access mask for members' API keys to be considered valid.
+### MEMBER_API_ACCOUNT
+If `True`, require API keys from members to be account-wide, not character-restricted.
+### BLUE_API_MASK
+Required access mask for blues' API keys to be considered valid.
+### BLUE_API_ACCOUNT
+If `True`, require API keys from blues to be account-wide, not character-restricted.
+### REJECT_OLD_APIS
+Require each submitted API be newer than the latest submitted API. Protects against recycled or stolen API keys.
+### REJECT_OLD_APIS_MARGIN
+Allows newly submitted APIs to have their ID this value lower than the highest API ID on record and still be accepted. Default is 50, 0 is safest.
+## EVE Provider Settings
+Data about EVE objects (characters, corps, alliances) can come from two sources: the XML API or the EVE Swagger Interface.
+These settings define the default source.
+
+For most situations, the EVE Swagger Interface is best. But if it goes down or experiences issues, these can be reverted to the XML API.
+
+Accepted values are `esi` and `xml`.
+### EVEONLINE_CHARACTER_PROVIDER
+The default data source to get character information. Default is `esi`
+### EVEONLINE_CORP_PROVIDER
+The default data source to get corporation information. Default is `esi`
+### EVEONLINE_ALLIANCE_PROVIDER
+The default data source to get alliance information. Default is `esi`
+### EVEONLINE_ITEMTYPE_PROVIDER
+The default data source to get item type information. Default is `esi`
+## Alliance Market
+### MARKET_URL
+The web address to access the Evernus Alliance Market application.
+### MARKET_DB
+The Evernus Alliance Market database connection information.
+## HR Configuration
+### API_KEY_AUDIT_URL
+This setting defines what happens when someone clicks on an API key (such as in corpstats or an application).
+
+Default behaviour is to show the verification code in a popup, but this can be set to link out to a website.
+
+The URL set here uses python string formatting notation. Variable names are enclosed in `{}` brackets. Three variable names are available: `api_id`, `vcode`, and `pk` (which is the primary key of the API in the database - only useful on the admin site).
+
+Example URL structures are provided. Jacknife can be installed on your server following [its setup guide.](../services/jacknife.md)
+## IPBoard3 Configuration
+### IPBOARD_ENDPOINT
+URL to the `index.php` file of a IPBoard install's API server.
+### IPBOARD_APIKEY
+API key for accessing an IPBoard install's API
+### IPBOARD_APIMODULE
+Module to access while using the API
+## XenForo Configuration
+### XENFORO_ENDPOINT
+The address of the XenForo API. Should look like `https://example.com/forum/api.php`
+### XENFORO_DEFAULT_GROUP
+The group ID of the group to assign to member. Default is 0.
+### XENFORO_APIKEY
+The API key generated from XenForo to allow API access.
+## Jabber Configuration
+### JABBER_URL
+Address to instruct members to connect their jabber clients to, in order to reach an Openfire install. Usually just `example.com`
+### JABBER_PORT
+Port to instruct members to connect their jabber clients to, in order to reach an Openfire install. Usually 5223.
+### JABBER_SERVER
+Server name of an Openfire install. Usually `example.com`
+### OPENFIRE_ADDRESS
+URL of the admin web interface for an Openfire install. Usually `http://example.com:9090`. If HTTPS is desired, change port to 9091: `https://example.com:9091`
+### OPENFIRE_SECRET_KEY
+Secret key used to authenticate with an Openfire admin interface.
+### BROADCAST_USER
+Openfire user account used to send broadcasts from. Default is `Broadcast`.
+### BROADCAST_USER_PASSWORD
+Password to use when authenticating as the `BROADCAST_USER`
+### BROADCAST_SERVICE_NAME
+Name of the broadcast service running on an Openfire install. Usually `broadcast`
+## Mumble Configuration
+### MUMBLE_URL
+Address to instruct members to connect their Mumble clients to.
+### MUMBLE_SERVER_ID
+Depreciated. We're too scared to delete it.
+## Teamspeak3 Configuration
+### TEAMSPEAK3_SERVER_IP
+IP of a Teamspeak3 server on which to manage users. Usually `127.0.0.1`
+### TEAMSPEAK3_SERVER_PORT
+Port on which to connect to a Teamspeak3 server at the `TEAMSPEAK3_SERVER_IP`. Usually `10011`
+### TEAMSPEAK3_SERVERQUERY_USER
+User account with which to authenticate on a Teamspeak3 server. Usually `serveradmin`.
+### TEAMSPEAK3_SERVERQUERY_PASSWORD
+Password to use when authenticating as the `TEAMSPEAK3_SERVERQUERY_USER`. Provided during first startup or when you define a custom serverquery user.
+### TEAMSPEAK3_VIRTUAL_SERVER
+ID of the server on which to manage users. Usually `1`.
+### TEAMSPEAK3_PUBLIC_URL
+Address to instruct members to connect their Teamspeak3 clients to. Usually `example.com`
+## Discord Configuration
+### DISCORD_GUILD_ID
+The ID of a Discord server on which to manage users.
+### DISCORD_BOT_TOKEN
+The bot token obtained from defining a bot on the [Discord developers site.](https://discordapp.com/developers/applications/me)
+### DISCORD_INVITE_CODE
+A no-limit invite code required to add users to the server. Must be generated from the Discord server itself (instant invite).
+### DISCORD_APP_ID
+The application ID obtained from defining an application on the [Discord developers site.](https://discordapp.com/developers/applications/me)
+### DISCORD_APP_SECRET
+The application secret key obtained from defining an application on the [Discord developers site.](https://discordapp.com/developers/applications/me)
+### DISCORD_CALLBACK_URL
+The callback URL used for authenticaiton flow. Should be `https://example.com/discord_callback`. Must match exactly the one used when defining the application.
+### DISCORD_SYNC_NAMES
+Override usernames on the server to match the user's main character.
+## Discourse Configuration
+### DISCOURSE_URL
+The web address of the Discourse server to direct users to.
+### DISCOURSE_API_USERNAME
+Username of the account which generated the API key on Discourse.
+### DISCOURSE_API_KEY
+API key defined on Discourse.
+### DISCOURSE_SSO_SECRET
+The SSO secret key defined on Discourse.
+## IPS4 Configuration
+### IPS4_URL
+URL of the IPSuite4 install to direct users to.
+### IPS4_API_KEY
+Depreciated. We're too scared to delete it.
+### IPS4_DB
+The database connection to manage users on.
+## SMF Configuration
+### SMF_URL
+URL of the SMF install to direct users to.
+### SMF_DB
+The database connection to manage users on.
+## Fleet-Up Configuration
+### FLEETUP_APP_KEY
+Application key as [defined on Fleet-Up.](http://fleet-up.com/Api/MyApps)
+### FLEETUP_USER_ID
+API user ID as [defined on Fleet-Up.](http://fleet-up.com/Api/MyKeys)
+### FLEETUP_API_ID
+API ID as [defined on Fleet-Up.](http://fleet-up.com/Api/MyKeys)
+### FLEETUP_GROUP_ID
+The group ID from which to pull data. Can be [retrieved from Fleet-Up](http://fleet-up.com/Api/Endpoints#groups_mygroupmemberships)
+## Logging Configuration
+This section is used to manage how logging messages are processed.
+
+To turn off logging notifications, change the `handlers` `notifications` `class` to `logging.NullHandler`
+
+## Danger Zone
+Everything below logging is magic. **Do not touch.**
--- a/docs/installation/auth/supervisor.md
+++ b/docs/installation/auth/supervisor.md
@@ -0,0 +1,63 @@
+# Supervisor
+
+>Supervisor is a client/server system that allows its users to control a number of processes on UNIX-like operating systems.
+
+What that means is supervisor will take care of ensuring the celery workers are running (and mumble authenticator) and start the automatically on reboot. Handy, eh?
+
+## Installation
+
+Most OSes have a supervisor package available in their distribution.
+
+Ubuntu:
+
+    sudo apt-get install supervisor
+
+CentOS:
+
+    sudo yum install supervisor
+    sudo systemctl enable supervisor.service
+    sudo systemctl start supervisor.service
+
+## Configuration
+
+Auth provides example config files for the celery workers (celeryd), the periodic task scheduler (celerybeat), and the mumble authenticator. All of these are available in `thirdparty/Supervisor`.
+
+For most users, all you have to do is copy the config files to `/etc/supervisor/conf.d` then restart the service. Copy `auth-celerybeat.conf` and `auth-celeryd.conf` for the celery workers, and `auth-mumble.conf` for the mumble authenticator. For all three just use a wildcard:
+
+    sudo cp thirdparty/Supervisor/* /etc/supervisor/conf.d
+
+Ubuntu:
+
+    sudo service supervisor restart
+
+CentOS:
+
+    sudo systemctl restart supervisor.service
+
+## Checking Status
+
+To ensure the processes are working, check their status:
+
+    sudo supervisorctl status
+
+Processes will be `STARTING`, `RUNNING`, or `ERROR`. If an error has occurred, check their log files:
+ - celeryd: `log/worker.log`
+ - celerybeat: `log/beat.log`
+ - authenticator: `log/authenticator.log`
+
+## Customizing Config Files
+
+The only real customization needed is if running in a virtual environment. The python path will have to be changed in order to start in the venv.
+
+Edit the config files and find the line saying `command`. Replace `python` with `/path/to/venv/python`. This can be relative to the `directory` specified in the config file.
+
+Note that for config changes to be loaded, the supervisor service must be restarted.
+
+## Troubleshooting
+
+### auth-celerybeat fails to start
+Most often this is caused by a permissions issue on the allianceauth directory (the error will talk about `celerybeat.pid`). The easiest fix is to edit its config file and change the `user` from `allianceserver` to `root`.
+
+### Workers are using old settings
+
+Every time the codebase is updated or settings file changed, workers will have to be restarted. Easiest way is to restart the supervisor service (see configuration above for commands)
--- a/docs/installation/auth/ubuntu.md
+++ b/docs/installation/auth/ubuntu.md
@@ -0,0 +1,75 @@
+# Ubuntu Installation
+
+It’s recommended to update all packages before proceeding.
+
+    sudo apt-get update
+    sudo apt-get upgrade
+    sudo reboot
+
+Now install all [dependencies](dependencies.md). For this guide you'll need the optional [Apache section](dependencies.md) as well.
+
+    sudo apt-get install xxxxxxx
+replacing the xs with the list of packages.
+
+For security and permissions, it’s highly recommended you create a user to install under who is not the root account.
+
+    sudo adduser allianceserver
+
+This user needs sudo powers. Add them by editing the sudoers file:
+
+    sudo nano /etc/sudoers
+
+Find the line which says `root ALL=(ALL:ALL) ALL` - beneath it add another line `allianceserver ALL=(ALL:ALL) ALL` - now reboot.
+
+**From this point on you need to be logged in as the allianceserver user**
+
+AllianceAuth needs a MySQL user account. Create one as follows, replacing `PASSWORD` with an actual secure password:
+
+    mysql -u root -p
+    CREATE USER 'allianceserver'@'localhost' IDENTIFIED BY 'PASSWORD';
+    GRANT ALL PRIVILEGES ON * . * TO 'allianceserver'@'localhost';
+
+Now we need to make the requisite databases.
+
+    create database alliance_auth;
+    create database alliance_forum;
+    create database alliance_jabber;
+    create database alliance_mumble;
+
+Ensure you are in the allianceserver home directory by issuing `cd`
+
+Now we clone the source code:
+
+    git clone https://github.com/allianceauth/allianceauth.git
+
+Enter the folder by issuing `cd allianceauth`
+
+Ensure you're on the latest version with the following:
+
+    git tag | sort -n | tail -1 | xargs git checkout
+
+Python package dependencies can be installed from the requirements file:
+
+    sudo pip install -r requirements.txt
+
+The settings file needs configuring. See [this lengthy guide](settings.md) for specifics.
+
+Django needs to install models to the database before it can start.
+
+    python manage.py migrate
+
+AllianceAuth needs to generate corp and alliance models before it can assign users to them.
+
+    python manage.py shell < run_alliance_corp_update.py
+
+Now we need to round up all the static files required to render templates. Answer ‘yes’ when prompted.
+
+    python manage.py collectstatic
+
+Test the server by starting it manually.
+
+    python manage.py runserver 0.0.0.0:8000
+
+If you see an error, stop, read it, and resolve it. If the server comes up and you can access it at `yourip:8000`, you're golden. It's ok to stop the server if you're going to be installing apache.
+
+Once installed, follow the [Quick Start Guide](quickstart.md)
--- a/docs/installation/index.md
+++ b/docs/installation/index.md
@@ -0,0 +1,10 @@
+# Installation
+
+```eval_rst
+.. toctree::
+    :maxdepth: 2
+
+    auth/index
+    services/index
+
+```
--- a/docs/installation/services/discord.md
+++ b/docs/installation/services/discord.md
@@ -0,0 +1,57 @@
+# Discord
+## Overview
+Discord is a web-based instant messaging client with voice. Kind of like teamspeak meets slack meets skype. It also has a standalone app for phones and desktop.
+
+## Setup
+
+Add `services.modules.discord` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+### Creating a Server
+*If you already have a Discord server, skip the creation step, but be sure to retrieve the server ID and enter it in settings.py*
+
+Navigate to the [Discord site](https://discordapp.com/) and register an account, or log in if you have one already.
+
+On the left side of the screen you’ll see a circle with a plus sign. This is the button to create a new server. Go ahead and do that, naming it something obvious.
+
+Now retrieve the server ID from the URL of the page you’re on. The ID is the first of the very long numbers. For instance my testing server’s url look like:
+
+    https://discordapp.com/channels/120631096835571712/120631096835571712
+
+with a server ID of `120631096835571712`
+
+Update settings.py, inputting the server ID as `DISCORD_GUILD_ID`
+
+### Generating an Invite
+Still on the Discord site, in your new server, an invite needs to be generated for users to join. If you with for users to  initially join a different channel than `#general`, create it and follow the steps below, substituting this channel for `#general`.
+
+On the left bar under the Text Channels heading, hover over `#general` on the right site. There are two icons, a box with an arrow and a gear. Press the box, then on the bottom left select Advanced Settings. Set the expiration to never, and no limit on uses. Press generate.
+
+This returns a code that looks like `https://discord.gg/0fmA8MyXV6qt7XAZ`. The part after the last slash, `0fmA8MyXV6qt7XAZ`, is the invite code. Update settings.py, inputting this invite code as `DISCORD_INVITE_CODE`
+
+### Registering an Application
+
+Navigate to the [Discord Developers site.](https://discordapp.com/developers/applications/me) Press the plus sign to create a new application.
+
+Give it a name and description relating to your auth site. Add a redirect to `https://example.com/discord/callback/`, substituting your domain. Press Create Application.
+
+Update settings.py, inputting this redirect address as `DISCORD_CALLBACK_URL`
+
+On the application summary page, press Create a Bot User.
+
+Update settings.py with these pieces of information from the summary page:
+ - From the App Details panel, `DISCORD_APP_ID` is the Client/Application ID
+ - From the App Details panel, `DISCORD_APP_SECRET` is the Secret
+ - From the App Bot Users panel, `DISCORD_BOT_TOKEN` is the Token
+
+### Adding a Bot to the Server
+Once created, navigate to the services page of your AllianceAuth install as the superuser account. At the top there is a big green button labelled Link Discord Server. Click it, then from the drop down select the server you created, and then Authorize.
+
+This adds a new user to your Discord server with a `BOT` tag, and a new role with the same name as your Discord application. Don't touch either of these. If for some reason the bot loses permissions or is removed from the server, click this button again.
+
+To manage roles, this bot role must be at the top of the hierarchy. Edit your Discord server, roles, and click and drag the role with the same name as your application to the top of the list. This role must stay at the top of the list for the bot to work.  Finally, the owner of the bot account must enable 2 Factor Authentication (this is required from discord for kicking and modifying member roles).  If you are unsure what 2FA is or how to set it up, refer to [this support page](https://support.discordapp.com/hc/en-us/articles/219576828).  It is also recommended to force 2fa on your server (this forces any admins or moderators to have 2fa enabled to perform similar functions on discord).
+
+### Linking Accounts
+Instead of the usual account creation procedure, for Discord to work we need to link accounts to AllianceAuth. When attempting to enable the Discord service, users are redirected to the official Discord site to authenticate. They will need to create an account if they don't have one prior to continuing. Upon authorization, users are redirected back to AllianceAuth with an OAuth code which is used to join the Discord server.
+
+## Managing Roles
+Once users link their accounts you’ll notice Roles get populated on Discord. These are the equivalent to Groups on every other service. The default permissions should be enough for members to chat and use comms. Add more permissions to the roles as desired through the server management window.
--- a/docs/installation/services/discourse.md
+++ b/docs/installation/services/discourse.md
@@ -0,0 +1,125 @@
+# Discourse
+
+Add `services.modules.discourse` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Install Docker
+
+    wget -qO- https://get.docker.io/ | sh
+
+### Get docker permissions
+
+    sudo usermod -aG docker allianceserver
+
+Logout, then back in for changes to take effect.
+
+## Install Discourse
+
+### Download Discourse
+
+    sudo mkdir /var/discourse
+    sudo git clone https://github.com/discourse/discourse_docker.git /var/discourse
+
+### Configure
+
+    cd /var/discourse
+    sudo cp samples/standalone.yml containers/app.yml
+    sudo nano containers/app.yml
+
+Change the following:
+ - `DISCOURSE_DEVELOPER_EMAILS` should be a list of admin account email addresses separated by commas
+ - `DISCOUSE_HOSTNAME` should be 127.0.0.1
+ - Everything with `SMTP` depends on your mail settings. Account created through auth do not require email validation, so to ignore everything email (NOT RECOMMENDED), just change the SMTP address to something random so it'll install. Note that not setting up email means any password resets emails won't be sent, and auth cannot reset these. [There are plenty of free email services online recommended by Discourse.](https://github.com/discourse/discourse/blob/master/docs/INSTALL-email.md#recommended-email-providers-for-discourse)
+
+To install behind apache, look for this secion:
+
+    ...
+    ## which TCP/IP ports should this container expose?
+    expose:
+      - "80:80"   # fwd host port 80   to container port 80 (http)
+    ...
+
+Change it to this:
+
+    ...
+    ## which TCP/IP ports should this container expose?
+    expose:
+      - "7890:80"   # fwd host port 7890   to container port 80 (http)
+    ...
+
+Or any other port will do, if taken. Remember this number.
+
+### Build and launch
+
+    sudo nano /etc/default/docker
+
+Uncomment this line:
+
+    DOCKER_OPTS="--dns 8.8.8.8 --dns 8.8.4.4"
+
+Restart docker:
+
+    sudo service docker restart
+
+Now build:
+
+    sudo ./launcher bootstrap app
+    sudo ./launcher start app
+
+## Apache config
+
+Discourse must run on its own subdomain - it can't handle routing behind an alias like '/forums'. To do so, make a new apache config:
+
+    sudo nano /etc/apache2/sites-available/discourse.conf
+
+And enter the following, changing the port if you used a different number:
+
+    <VirtualHost *:80>
+        ServerName discourse.example.com
+        ProxyPass / http://0.0.0.0:7890/
+        ProxyPassReverse / http://0.0.0.0:7890/
+    </VirtualHost>
+
+Now enable proxies and restart apache:
+
+    sudo a2enmod proxy_http
+    sudo service apache2 reload
+
+## Configure API
+
+### Generate admin account
+
+From the /var/discourse folder,
+
+    ./launcher enter app
+    rake admin:create
+
+Follow prompts, being sure to answer `y` when asked to allow admin privileges.
+
+### Create API key
+
+Navigate to `discourse.example.com` and log on. Top right press the 3 lines and select `Admin`. Go to API tab and press `Generate Master API Key`.
+
+Now go to the allianceauth folder and edit settings:
+
+    nano /home/allianceserver/allianceauth/alliance_auth/settings.py
+
+Scroll down to the Discourse section and set the following:
+ - `DISCOURSE_URL`: `discourse.example.com`
+ - `DISCOURSE_API_USERNAME`: the username of the admin account you generated the API key with
+ - `DISCOURSE_API_KEY`: the key you just generated
+
+### Configure SSO
+
+Navigate to `discourse.example.com` and log in. Back to the admin site, scroll down to find SSO settings and set the following:
+ - `enable_sso`: True
+ - `sso_url`: `http://example.com/discourse/sso`
+ - `sso_secret`: some secure key
+
+Save, now change settings.py and add the following:
+ - `DISCOURSE_SSO_SECRET`: the secure key you just set
+
+### Enable for your members
+
+Set either or both of `ENABLE_AUTH_DISCOURSE` and `ENABLE_BLUE_DISCOURSE` in settings.py for your members to gain access. Save and exit with control+o, enter, control+x.
+
+## Done
--- a/docs/installation/services/index.md
+++ b/docs/installation/services/index.md
@@ -0,0 +1,20 @@
+# Services
+
+```eval_rst
+.. toctree::
+
+    permissions
+    market
+    discord
+    discourse
+    ipboard3
+    mumble
+    openfire
+    phpbb3
+    smf
+    teamspeak3
+    xenforo
+    jacknife
+    pathfinder
+
+```
--- a/docs/installation/services/ipboard3.md
+++ b/docs/installation/services/ipboard3.md
@@ -0,0 +1,42 @@
+# IPBoard3
+
+Add `services.modules.ipboard` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+You’re on your own for the initial install of IPBoard. It’s pretty much just download, unzip, and move to `/var/www/ipboard/`. Make sure to
+
+    sudo chown -R www-data:www-data /var/www/ipboard
+
+a few times because it’s pretty finicky.
+
+You’ll need to add another alias in your apache config, this one for `/ipboard` pointing to `/var/www/ipboard` and add another `<directory>` block for `/var/www/ipboard` with `Require all granted` or `Allow from all` depending on your apache version.
+
+IPBoard needs a database table. Log in to mysql and run:
+
+    create database alliance_ipboard;
+
+That’s all for SQL work. Control+D to close.
+
+Navigate to http://example.com/ipboard and proceed with the install. If it whines about permissions make sure to `chown` again. Point it at that database we just made, using the `allianceserver` MySQL user account from the full install.
+
+Once you get everything installed we need to copy the api module folder
+
+    sudo cp -a /home/allianceserver/allianceauth/thirdparty/IPBoard3/aa /var/www/ipboard/interface/board/modules/aa
+
+and again run that `chown` command.
+
+Log into the AdminCP for IPBoard and find your way to the `System` tab. On the left navigation bar, under `Tools and Settings`, select `API Users`.
+
+Enable the API by toggling the `XML-RPC Status` from `disabled` to `enabled` (red box, top right of the page) and save. Now create a new api user. Put something descriptive for title such as ‘AllianceAuth’, then on the bottom panel click the `AllianceAuth` tab and tick all the boxes. Press `Create New API User` to save it.
+
+Copy the API key. Now edit your settings.py as follows:
+
+ - IPBOARD_APIKEY is the key you just copied
+ - IPBOARD_ENDPOINT is `http://example.com/ipboard/interface/board/index.php`
+
+Now enable IPBoard for Auth and/or Blue by editing the auth settings.
+
+Save and exit. Restart apache or gunicorn.
+
+Test it by creating a user through Alliance Auth. Just note right now there’s no real error handling, so if account creation fails it’ll still return a username/password combo.
+
+Good luck!
--- a/docs/installation/services/jacknife.md
+++ b/docs/installation/services/jacknife.md
@@ -0,0 +1,71 @@
+# Eve Jacknife
+
+## Overview
+Eve Jacknife is used to audit an api so that you might see character skills and what ships they can fly, mails, contracts,assets, and any other given access from a specific api key.
+
+## Dependencies
+All php and mysql dependencies should have been taken care of during setup.
+
+## Installation
+### Get Code
+Navigate to your server's web directory: `cd /var/www`
+
+Download the code: `sudo git clone https://github.com/whinis/eve-jacknife`
+
+### Create Database
+
+    mysql -u root -p -e "create database jackknife; grant all privileges on jackknife.* to 'allianceserver'@'localhost';"
+
+### Configure Settings
+
+Change directory to jacknife: `cd eve-jacknife`
+
+Now copy the template: `sudo cp base.config.php eve.config.php`
+
+And now edit: `sudo nano eve.config.php`
+
+Add the database user information:
+ - `$sql_u = "allianceserver"`
+ - `$sql_p = "MY_SQL_PASSWORD_HERE"`
+
+## Apache Configuration
+
+Change ownership of the directory: `sudo chown -R www-data:www-data ../eve-jacknife`
+
+Eve Jacknife can be served two ways: on its own subdomain (`jacknife.example.com`) or as an alias (`example.com/jacknife`)
+
+### Subdomain
+As its own subdomain, create a new apache config: `sudo nano /etc/apache2/sites-available/jacknife.conf` and enter the following:
+
+    <VirtualHost *:80>
+            DocumentRoot "/var/www/eve-jacknife"
+            ServerName jacknife.example.com
+            <Directory "/var/www/eve-jacknife">
+                    Require all granted
+                    AllowOverride all
+                    DirectoryIndex index.php
+            </Directory>
+    </VirtualHost>
+
+Enable the new site with `sudo a2ensite jacknife.conf` and then reload apache with `sudo service apache2 reload`
+
+### Alias
+As an alias, edit your site config (usually 000-default): `sudo nano etc/apache2/sites-available/000-default.conf` and add the following inside the `VirtualHost` block:
+
+    Alias /jacknife "/var/www/eve-jacknife/"
+    <Directory "/var/www/eve-jacknife">
+            Require all granted
+            DirectoryIndex index.php
+    </Directory>
+
+Reload apache to take effect: `sudo service apache2 reload`
+
+## Install SQL
+
+Once apache is configured, Eve Jacknife needs to install some data. Navigate to it in your browser and append `/Installer.php` to the URL.
+
+Enter your database password and press Check. If all the boxes come back green press Save. On the next screen press Install and wait for it to finish.
+
+## Update Auth Settings
+
+Edit your aut settings file (`nano ~/allianceauth/alliance_auth/settings.py`) and replace `API_KEY_AUDIT_URL` with either `jacknife.example.com/?usid={api_id}&apik={vcode}` or `example.com/jacknife/?usid={api_id}&apik={vcode}` depending on your apache choice.
--- a/docs/installation/services/market.md
+++ b/docs/installation/services/market.md
@@ -0,0 +1,106 @@
+# Alliance Market
+
+Add `services.modules.market` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+Alliance Market needs a database. Create one in mysql. Default name is `alliance_market`:
+
+    mysql -u root -p
+    create database alliance_market;
+    exit;
+
+To clone the repo, install packages:
+
+    sudo apt-get install mercurial meld
+
+Change to the web folder:
+
+    cd /var/www
+
+Now clone the repo
+
+    sudo hg clone https://bitbucket.org/krojew/evernus-alliance-market
+
+Make cache and log directories
+
+    sudo mkdir evernus-alliance-market/app/cache
+    sudo mkdir evernus-alliance-market/app/logs
+    sudo chmod -R 777 evernus-alliance-market/app/cache
+    sudo chmod -R 777 evernus-alliance-market/app/logs
+
+Change ownership to apache
+
+    sudo chown -R www-data:www-data evernus-alliance-market
+
+Enter
+
+    cd evernus-alliance-market
+
+Set environment variable
+
+    export SYMFONY_ENV=prod
+
+Copy configuration
+
+    sudo cp app/config/parameters.yml.dist  app/config/parameters.yml
+
+Edit, changing the following:
+ - `database_name` to `alliance_market`
+ - `database_user` to your MySQL user (usually `allianceserver`)
+ - `database_password` to your MySQL user password
+ - email settings, eg gmail
+
+Edit `app/config/config.yml` and add the following:
+
+    services:
+        fos_user.doctrine_registry:
+            alias: doctrine
+
+Install composer [as per these instructions.](https://getcomposer.org/download/)
+
+Update dependencies.
+
+    sudo php composer.phar update --optimize-autoloader
+
+Prepare the cache:
+
+    sudo php app/console cache:clear --env=prod --no-debug
+
+
+Dump assets:
+
+    sudo php app/console assetic:dump --env=prod --no-debug
+
+
+Create DB entries
+
+    sudo php app/console doctrine:schema:update --force
+
+Install SDE:
+
+    sudo php app/console evernus:update:sde
+
+Edit your apache config. Add the following:
+
+    Alias /market /var/www/evernus-alliance-market/web/
+
+    <Directory "/var/www/evernus-alliance-market/web/">
+        DirectoryIndex app.php
+        Require all granted
+        AllowOverride all
+    </Directory>
+
+Enable rewriting
+
+    sudo a2enmod rewrite
+
+Restart apache
+
+    sudo service apache2 reload
+
+Once again, set cache permissions:
+
+    sudo chown -R www-data:www-data app/
+
+Add a user account through auth, then make it a superuser:
+
+    sudo php app/console fos:user:promote your_username --super
--- a/docs/installation/services/mumble.md
+++ b/docs/installation/services/mumble.md
@@ -0,0 +1,88 @@
+# Mumble
+
+Add `services.modules.mumble` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Overview
+Mumble is a free voice chat server. While not as flashy as teamspeak, it has all the functionality and is easier to customize. And is better. I may be slightly biased.
+
+## Dependencies
+The mumble server package can be retrieved from a repository we need to add, mumble/release.
+
+    sudo apt-add-repository ppa:mumble/release
+    sudo apt-get update
+
+Now two packages need to be installed:
+
+    sudo apt-get install python-software-properties mumble-server
+    
+You will also need to install the python dependencies for the authenticator script:
+    
+    pip install -r thirdparty/Mumble/requirements.txt
+
+## Configuring Mumble
+Mumble ships with a configuration file that needs customization. By default it’s located at /etc/mumble-server.ini. Open it with your favourite text editor:
+
+    sudo nano /etc/mumble-server.ini
+
+REQUIRED: To enable the ICE authenticator, edit the following:
+
+ - `icesecretwrite=MY_CLEVER_PASSWORD`, obviously choosing a secure password
+
+By default mumble operates on sqlite which is fine, but slower than a dedicated MySQL server. To customize the database, edit the following:
+
+ - uncomment the database line, and change it to `database=alliance_mumble`
+ - `dbDriver=QMYSQL`
+ - `dbUsername=allianceserver` or whatever you called the AllianceAuth MySQL user
+ - `dbPassword=` that user’s password
+ - `dbPort=3306`
+ - `dbPrefix=murmur_`
+
+To name your root channel, uncomment and set `registerName=` to whatever cool name you want
+
+Save and close the file (control + O, control + X).
+
+To get mumble superuser account credentials, run the following:
+
+    sudo dpkg-reconfigure mumble-server
+
+Set the password to something you’ll remember and write it down. This is needed to manage ACLs.
+
+Now restart the server to see the changes reflected.
+
+    sudo service mumble-server restart
+
+That’s it! Your server is ready to be connected to at example.com:64738
+
+## Configuring the Authenticator
+
+The ICE authenticator lives in `allianceauth/thirdparty/Mumble/`, cd to this directory.
+
+Make a copy of the default config:
+
+    cp authenticator.ini.example authenticator.ini
+
+Edit `authenticator.ini` and change these values:
+
+ - `[database]`
+   - `user = ` your allianceserver MySQL user
+   - `password = ` your allianceserver MySQL user's password
+ - `[ice]`
+   - `secret = ` the `icewritesecret` password set earlier
+
+Test your configuration by starting it: `python authenticator.py`
+
+## Running the Authenticator
+
+The authenticator needs to be running 24/7 to validate users on Mumble. The best way is to run it in a screen much like celery:
+
+    screen -dm bash -c 'python authenticator.py'
+
+Much like celery tasks, this process needs to be started every time the server reboots. It needs to be launched from this directory, so cd to this folder to launch.
+
+Note that groups will only be created on Mumble automatically when a user joins who is in the group.
+
+## Making and Managing Channels
+ACL is really above the scope of this guide. Once AllianceAuth creates your groups, go ahead and follow one of the wonderful web guides available on how to set up channel ACL properly.
+
+## Setup Complete
+You’ve finished the steps required to make AllianceAuth work with Mumble. Play around with it and make it your own.
--- a/docs/installation/services/openfire.md
+++ b/docs/installation/services/openfire.md
@@ -0,0 +1,101 @@
+# Openfire
+
+Add `services.modules.openfire` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Overview
+Openfire is a java-based xmpp server (jabber).
+
+## Dependencies
+One additional package is required - [openjdk8](http://askubuntu.com/questions/464755/how-to-install-openjdk-8-on-14-04-lts)
+
+    sudo add-apt-repository ppa:webupd8team/java -y
+    sudo apt-get update
+    sudo apt-get install oracle-java8-installer
+
+## Setup
+### Download Installer
+Openfire is not available through repositories so we need to get a debian from the developer.
+
+On your PC, naviage to the [Ignite Realtime downloads section](https://www.igniterealtime.org/downloads/index.jsp), and under Openfire select Linux, click on the debian file (2nd from bottom of list, ends with .deb).
+
+Retrieve the file location by copying the url from the “click here” link.
+
+In the console, ensure you’re in your user’s home directory: `cd ~`
+
+Now download the package. Replace the link below with the link you got earlier.
+
+    wget https://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.1.1_all.deb
+
+Now install from the debian. Replace the filename with your file name (the last part of the download url is the file name)
+
+    sudo dpkg -i openfire_4.1.1_all.deb
+
+### Web Configuration
+The remainder of the setup occurs through Openfire’s web interface. Navigate to http://example.com:9090, or if you’re behind CloudFlare, go straight to your server’s IP:9090.
+
+Select your language. I sure hope it’s english if you’re reading this guide.
+
+Under Server Settings, set the Domain to `example.com` replacing it with your actual domain. Don’t touch the rest.
+
+Under Database Settings, select `Standard Database Connection`
+
+On the next page, select `MySQL` from the dropdown list and change the following:
+ - `[server]` is replaced by `127.0.0.1`
+ - `[database]` is replaced by the name of the database to be used by Openfire
+ - enter the MySQL username you created for AllianceAuth, usually `allianceserver`
+ - enter the MySQL password for this user
+
+If Openfire returns with a failed to connect error, re-check these settings. Note the lack of square brackets.
+
+Under Profile Settings, leave `Default` selected.
+
+Create an administrator account. The actual name is irrelevant, just don’t lost this login information.
+
+Finally, log in to the console with your admin account.
+
+### REST API Setup
+Navigate to the `plugins` tab, and then `Available Plugins` on the left navigation bar. You’ll need to fetch the list of available plugins by clicking the link.
+
+Once loaded, press the green plus on the right for `REST API`.
+
+Navigate the `Server` tab, `Sever Settings` subtab. At the bottom of the left navigation bar select `REST API`.
+
+Select `Enabled`, and `Secret Key Auth`. Update Alliance Auth settings with this secret key as `OPENFIRE_SECRET_KEY`.
+
+### Broadcast Plugin Setup
+
+Navigate to the `Users/Groups` tab and select `Create New User` from the left navigation bar.
+
+Username is what you set in `BROADCAST_USER` without the @ sign, usually `broadcast`.
+
+Password is what you set in `BROADCAST_USER_PASSWORD`
+
+Press `Create User` to save this user.
+
+Broadcasting requires a plugin. Navigate to the `plugins` tab, press the green plus for the `Broadcast` plugin.
+
+Navigate to the `Server` tab, `Server Manager` subtab, and select `System Properties`. Enter the following:
+
+ - Name: `plugin.broadcast.disableGroupPermissions`
+   - Value: `True`
+   - Do not encrypt this property value
+ - Name: `plugin.broadcast.allowedUsers`
+   - Value: `broadcast@example.com`, replacing the domain name with yours
+   - Do not encrypt this property value
+
+### Group Chat
+Channels are available which function like a chat room. Access can be controlled either by password or ACL (not unlike mumble).
+
+Navigate to the `Group Chat` tab and select `Create New Room` from the left navigation bar.
+ - Room ID is a short, easy-to-type version of the room’s name users will connect to
+ - Room Name is the full name for the room
+ - Description is short text describing the room’s purpose
+ - Set a password if you want password authentication
+ - Every other setting is optional. Save changes.
+
+Now select your new room. On the left navigation bar, select `Permissions`.
+
+ACL is achieved by assigning groups to each of the three tiers: `Owners`, `Admins` and `Members`. `Outcast` is the blacklist. You’ll usually only be assigning groups to the `Member` category.
+
+## Setup Complete
+You’ve finished the steps required to make AllianceAuth work with Openfire. Play around with it and make it your own.
--- a/docs/installation/services/pathfinder.md
+++ b/docs/installation/services/pathfinder.md
@@ -0,0 +1,77 @@
+# Pathfinder
+Pathfinder is a wormhole mapping tool.
+
+While auth doesn't integrate with pathfinder anymore, from personal experience I've found it much easier to use the following install process than to try and follow the pathfinder-supplied docs.
+
+
+## Installation
+### Get the code
+
+Navigate to the install location: `cd /var/www/` and git clone the repo: 
+
+    sudo git clone https://github.com/exodus4d/pathfinder.git
+
+### Create logs and caches
+
+Change directory to pathfinder: `cd pathfinder`
+
+The logging and caching folders need to be created and have permission set. If upon installation you get Server Error 500, try resetting these permissions.
+
+    sudo mkdir logs
+    sudo mkdir tmp/cache
+    sudo chmod -R 766 logs
+    sudo chmod -R 766 tmp/cache
+
+## .htaccess Configuration
+
+In your `pathfinder` directory there are two `.htaccess` files. The default installation instructions want you to choose one for rewriting purposes, and these force you to www.pathfinder.example.com. Personally I don't like that.
+
+So we'll frankenstein our own. We'll use the HTTP one as a base: 
+
+    sudo mv .htaccess .htaccess_HTTPS
+    sudo mv .htaccess_HTTPS .htaccess
+    sudo nano .htaccess
+
+Find the www rewriting section (labelled `Rewrite NONE www. to force www.`). Change it so that all lines start with a `#`:
+
+    #RewriteCond %{HTTP_HOST} !^www\.
+    # skip "localhost" (dev environment)...
+    #RewriteCond %{HTTP_HOST} !=localhost
+    # skip IP calls (dev environment) e.g. 127.0.0.1
+    #RewriteCond %{HTTP_HOST} !^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$
+    # rewrite everything else to "http://" and "www."
+    #RewriteRule .* http://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+This allows us to choose SSL and www forwarding with our apache conf instead of this htaccess file.
+
+## Apache Configuration
+The best way to have this is to setup a subdomain on your server.
+
+Create a config file `sudo nano /etc/apache2/sites-available/pathfinder.conf` and enter [this configuration](http://pastebin.com/wmXyf6pN), being sure to edit the `ServerName`
+
+Enable it with:
+
+    sudo a2ensite pathfinder.conf
+    sudo service apache2 reload
+
+## Configuration Files 
+
+The default configuration should be fine in most cases. Edit all values with caution!
+
+environment.ini
+ - `SERVER` Should be changed to `PRODUCTION`
+ - `BASE`  is the full filesystem path to the application root on your server. In our case, `/var/www/pathfinder/`
+ - `URL`  Is the URL to your app (without a trailing slash). In our case, `http://pathfinder.example.com`
+ - `DEBUG` sets the level of debugging (1,2 or 3) (check  /logs  for a more detail backtrace information) 
+ - `DB_*` sets your DB connection information 
+ - `SMTP_*`  are used to send out emails, you will need an SMTP server login to make this work. (not required)
+ - `SSO_CCP_*` follow the [official docs](https://github.com/exodus4d/pathfinder/wiki/CREST)
+
+## Database Setup
+This is done through the browser. Go to `pathfinder.example.com/setup` and see the [official docs](https://github.com/exodus4d/pathfinder/wiki/Database) for instructions.
+
+## Cron Jobs 
+Again the [official docs](https://github.com/exodus4d/pathfinder/wiki/Cronjob) do a good job here.
+
+## Finish Setup
+Once you've compelted the above steps, we need to disable the setup page. Edit the routes with `nano app/routes.ini` and put a `;` in front of the line starting with `GET @setup`
--- a/docs/installation/services/permissions.md
+++ b/docs/installation/services/permissions.md
@@ -0,0 +1,37 @@
+# Service Permissions
+```eval_rst
+.. note::
+    New in 1.15
+```
+
+In the past, access to services was dictated by a list of settings in `settings.py`, granting access to each particular service for Members and/or Blues. This meant that granting access to a service was very broad and rigidly structured around these two states.
+
+## Permissions based access
+
+Instead of granting access to services by the previous rigid structure, access to services is now granted by the built in Django permissions system. This means that service access can be more granular, allowing only certain groups, for instance Corp CEOs, or even individual user access to each enabled service.
+
+```eval_rst
+.. important::
+    If you grant access to an individual user, they will have access to that service regardless of whether or not they are a member.
+```
+
+Each service has an access permission defined, named like `Can access the <service name> service`.
+
+To mimick the old behaviour of enabling services for all members, you would select the `Member` group from the admin panel, add the required service permission to the group and save. Likewise for Blues, select the `Blue` group and add the required permission.
+
+A user can be granted the same permission from multiple sources. e.g. they may have it granted by several groups and directly granted on their account as well. Auth will not remove their account until all instances of the permission for that service have been revoked.
+
+## Removing access
+
+```eval_rst
+.. danger::
+    Access removal is processed immediately after removing a permission from a user or group. If you remove access from a large group, such as Member, it will immediately remove all users from that service.
+```
+
+When you remove a service permission from a user, a signal is triggered which will activate an immediate permission check. For users this will trigger an access check for all services. For groups, due to the potential extra load,  only the services whose permissions have changed will be verified, and only the users in that group.
+
+If a user no longer has permission to access the service when this permissions check is triggered, that service will be immediately disabled for them.
+
+### Disabling user accounts
+
+When you unset a user as active in the admin panel, all of that users service accounts will be immediately disabled or removed. This is due to the built in behaviour of Djangos permissions system, which will return False for all permissions if a users account is disabled, regardless of their actual permissions state.
--- a/docs/installation/services/phpbb3.md
+++ b/docs/installation/services/phpbb3.md
@@ -0,0 +1,71 @@
+# phpBB3
+
+Add `services.modules.phpbb3` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Overview
+phpBB is a free php-based forum. It’s the default forum for AllianceAuth.
+
+## Dependencies
+All dependencies should have been taken care of during setup.
+
+## Setup
+### Download Phpbb3
+phpBB is available as a zip from their website. Navigate to the website’s [downloads section](https://www.phpbb.com/downloads/) using your PC browser and copy the URL for the latest version zip.
+
+In the console, navigate to your user’s home directory: `cd ~`
+
+Now download using wget, replacing the url with the url for the package you just retrieved
+
+    wget https://www.phpbb.com/files/release/phpBB-3.2.0.zip
+
+This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
+
+    unzip phpBB-3.2.0.zip
+
+Now we need to move this to our web directory. Usually `/var/www/forums`.
+
+    sudo mv phpBB3 /var/www/forums
+
+The web server needs read/write permission to this folder
+
+    sudo chown -R www-data:www-data /var/www/forums
+
+### Web Install
+Navigate to http://example.com/forums where you will be presented with an installer.
+
+Click on the `Install` tab.
+
+All the requirements should be met. Press `Start Install`.
+
+Under Database Settings, set the following:
+ - Database Type is `MySQL`
+ - Database Server Hostname is `127.0.0.1`
+ - Database Server Port is left blank
+ - Database Name is `alliance_forum`
+ - Database Username is your MySQL user for AllianceAuth, usually `allianceserver`
+ - Database Password is this user’s password
+
+You should see `Succesful Connection` and proceed.
+
+Enter administrator credentials on the next page.
+
+Everything from here should be intuitive.
+
+phpBB will then write its own config file.
+
+### Open the Forums
+Before users can see the forums, we need to remove the install directory
+
+    sudo rm -rf /var/www/forums/install
+
+### Enabling Avatars
+AllianceAuth sets user avatars to their character portrait when the account is created or password reset. We need to allow external URLs for avatars for them to behave properly. Navigate to the admin control panel for phpbb3, and under the `General` tab, along the left navigation bar beneath `Board Configuration`, select `Avatar Settings`. Set `Enable Remote Avatars` to `Yes` and then `Submit`.
+
+![location of the remote avatar setting](http://i.imgur.com/eWrotRX.png)
+
+You can allow members to overwrite the portrait with a custom image if desired. Navigate to `Users and Groups`, `Group Permissions`, select the appropriate group (usually `Member` if you want everyone to have this ability), expand `Advanced Permissions`, under the `Profile` tab, set `Can Change Avatars` to `Yes`, and press `Apply Permissions`.
+
+![location of change avatar setting](http://i.imgur.com/Nc6Rzo9.png)
+
+## Setup Complete
+You’ve finished the steps required to make AllianceAuth work with phpBB. Play around with it and make it your own.
--- a/docs/installation/services/smf.md
+++ b/docs/installation/services/smf.md
@@ -0,0 +1,52 @@
+# SMF
+
+Add `services.modules.smf` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Overview
+SMF is a free php-based forum. It’s the one of the forums for AllianceAuth.
+
+## Dependencies
+All dependencies should have been taken care of during setup.
+
+## Setup
+### Download SMF
+Using your browser, you can download the latest version of SMF to your desktop computer. All SMF downloads can be found at SMF Downloads. The latest recommended version will always be available at http://www.simplemachines.org/download/index.php/latest/install/.
+
+In the console, navigate to your user’s home directory: `cd ~`
+
+Now download using wget, replacing the url with the url for the package you just retrieved
+
+    wget http://download.simplemachines.org/index.php?thanks;filename=smf_2-0-13_install.zip
+
+This needs to be unpackaged. Unzip it, replacing the file name with that of the file you just downloaded
+
+    unzip smf_2-0-13_install.zip
+
+Now we need to move this to our web directory. Usually `/var/www/forums`.
+
+    sudo mv smf /var/www/forums
+
+The web server needs read/write permission to this folder
+
+    sudo chown -R www-data:www-data /var/www/forums
+
+### Web Install
+Navigate to http://example.com/forums where you will be presented with an installer.
+
+Click on the `Install` tab.
+
+All the requirements should be met. Press `Start Install`.
+
+Under Database Settings, set the following:
+ - Database Type is `MySQL`
+ - Database Server Hostname is `127.0.0.1`
+ - Database Server Port is left blank
+ - Database Name is `alliance_smf`
+ - Database Username is your MySQL user for AllianceAuth, usually `allianceserver`
+ - Database Password is this user’s password
+
+Follow the Directions in the installer.
+
+
+## Setup Complete
+You’ve finished the steps required to make AllianceAuth work with SMF. Play around with it and make it your own.
--- a/docs/installation/services/teamspeak3.md
+++ b/docs/installation/services/teamspeak3.md
@@ -0,0 +1,117 @@
+# Teamspeak 3
+
+Add `services.modules.teamspeak3` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+## Overview
+Teamspeak3 is the most popular VOIP program for gamers.
+
+But have you considered using Mumble? Not only is it free, but it has features and performance far superior to Teamspeak3.
+
+## Dependencies
+All dependencies should have been taken care of during the AllianceAuth install.
+
+## Setup
+Sticking with it? Alright, I tried.
+
+### Download Installer
+To install we need a copy of the server. You can find the latest version from [this dl server](http://dl.4players.de/ts/releases/) (I’d recommed getting the latest stable version – find this version number from the [TeamSpeak site](https://www.teamspeak.com/downloads#)). Be sure to get a link to the linux version.
+
+From the console, ensure you’re in the user’s home directory: `cd ~`
+
+And now download the server, replacing the link with the link you got earlier.
+
+    http://dl.4players.de/ts/releases/3.0.13.6/teamspeak3-server_linux_amd64-3.0.13.6.tar.bz2
+
+Now we need to extract the file.
+
+    tar -xf teamspeak3-server_linux_amd64-3.0.13.6.tar.bz2
+
+### Create User
+Teamspeak needs its own user.
+
+    sudo adduser --disabled-login teamspeak
+
+### Install Binary
+Now we move the server binary somewhere more accessible and change its ownership to the new user.
+
+    sudo mv teamspeak3-server_linux_amd64 /usr/local/teamspeak
+    sudo chown -R teamspeak:teamspeak /usr/local/teamspeak
+
+### Startup
+Now we generate a startup script so teamspeak comes up with the server.
+
+    sudo ln -s /usr/local/teamspeak/ts3server_startscript.sh /etc/init.d/teamspeak
+    sudo update-rc.d teamspeak defaults
+
+Finally we start the server.
+
+    sudo service teamspeak start
+
+### Update Settings
+The console will spit out a block of text. **SAVE THIS**.
+
+Update the AllianceAuth settings file with the following from that block of text:
+ - `TEAMSPEAK3_SERVERQUERY_USER` is `loginname` (usually `serveradmin`)
+ - `TEAMSPEAK3_SERVERQUERY_PASSWORD` is `password`
+
+Save and reload apache. Restart celery workers as well.
+
+    sudo service apache2 reload
+
+If you plan on claiming the ServerAdmin token, do so with a different TeamSpeak client profile than the one used for your auth account, or you will lose your admin status.
+
+### Generate User Account
+And now we can generate ourselves a user account. Navigate to the services in AllianceAuth for your user account and press the checkmark for TeamSpeak 3.
+
+Click the URL provided to automatically connect to our server. It will prompt you to redeem the serveradmin token, enter the `token` from startup.
+
+### Groups
+
+Now we need to make groups. AllianceAuth handles groups in teamspeak differently: instead of creating groups it creates an association between groups in TeamSpeak and groups in AllianceAuth. Go ahead and make the groups you want to associate with auth groups, keeping in mind multiple TeamSpeak groups can be associated with a single auth group.
+
+Navigate back to the AllianceAuth admin interface (example.com/admin) and under `Services`, select `Auth / TS Groups`. In the top-right corner click `Add`.
+
+The dropdown box provides all auth groups. Select one and assign TeamSpeak groups from the panels below. If these panels are empty, wait a minute for the database update to run, or see the [troubleshooting section](#ts-group-models-not-populating-on-admin-site) below.
+
+## Troubleshooting
+
+### `Insufficient client permissions (failed on Invalid permission: 0x26)`
+
+Using the advanced permissions editor, ensure the `Guest` group has the permission `Use Privilege Keys to gain permissions` (under `Virtual Server` expand the `Administration` section)
+
+To enable advanced permissions, on your client go to the `Tools` menu, `Application`, and under the `Misc` section, tick `Advanced permission system`
+
+### TS group models not populating on admin site
+The method which populates these runs every 30 minutes. To populate manually, start a celery shell:
+
+    python manage.py celery shell
+
+And execute the update:
+
+    run_ts3_group_update()
+
+Ensure that command does not return an error.
+
+### `2564 access to default group is forbidden`
+
+This usually occurs because auth is trying to remove a user from the `Guest` group (group ID 8). The guest group is only assigned to a user when they have no other groups, unless you have changed the default teamspeak server config.
+
+Teamspeak servers v3.0.13 and up are especially susceptible to this. Ensure the Channel Admin Group is not set to `Guest (8)`. Check by right clicking on the server name, `Edit virtual server`, and in the middle of the panel select the `Misc` tab.
+
+### `TypeError: string indices must be integers, not str`
+
+This error generally means teamspeak returned an error message that went unhandled. The full traceback is required for proper debugging, which the logs do not record. Please check the superuser notifications for this record and get in touch with a developer.
+
+### `3331 flood ban`
+
+This most commonly happens when your teamspeak server is externally hosted. You need to add the auth server IP to the teamspeak serverquery whitelist. This varies by provider.
+
+If you have SSH access to the server hosting it, you need to locate the teamspeak server folder and add the auth server IP on a new line in  `server_query_whitelist.txt`
+
+### `520 invalid loginname or password`
+
+The serverquery account login specified in settings.py is incorrect. Please verify `TEAMSPEAK3_SERVERQUERY_USER` and `TEAMSPEAK3_SERVERQUERY_PASSWORD`. The [installation section](#update-settings) describes where to get them.
+
+### `2568 insufficient client permissions`
+
+This usually occurs if you've created a separate serverquery user to use with auth. It has not been assigned sufficient permissions to complete all the tasks required of it. The full list of required permissions is not known, so assign liberally.
--- a/docs/installation/services/xenforo.md
+++ b/docs/installation/services/xenforo.md
@@ -0,0 +1,33 @@
+# XenForo
+
+Add `services.modules.xenforo` to your `INSTALLED_APPS` list and run migrations before continuing with this guide to ensure the service is installed.
+
+In this chapter we will explore how to setup AllianceAuth to work with [XenForo](https://xenforo.com/). At this point we will assume that you already have XenForo installed with a valid license (please keep in mind that XenForo is not free nor open-source, therefore you need to purchase a license first). If you come across any problems related with the installation of XenForo please contact their support service.
+
+
+## XenAPI
+
+By default XenForo does not support any kind of API, however there is a third-party package called [XenAPI](https://github.com/Contex/XenAPI) which provides a simple REST interface by which we can access XenForo's functions in order to create and edit users.
+
+The installation of XenAPI is pretty straight forward. The only thing you need to do is to download the `api.php` from the official repository and upload it in the root folder of your XenForo installation. The final result should look like this:
+*forumswebsite.com/***api.php**
+
+Now that XenAPI is installed the only thing left to do is to provide a key.
+
+```php
+$restAPI = new RestAPI('REPLACE_THIS_WITH_AN_API_KEY');
+```
+
+## Configuration
+
+AllianceAuth only needs to know 3 things about XenForo.
+
+ The API Endpoint
+ The API Key
+ The default group
+
+The first two should be self explanatory. The default group is where AllianceAuth will add the user once his account is created. Unfortunately XenAPI **cannot create new groups**, therefore you have to create a group manually and then get its ID.
+
+When you have a forum section which should be accessible ONLY by the auth'd users the access settings must be set to the default group.
+
+In the future we will have different groups for blues and alliance/corp members.
--- a/docs/maintenance/changelog.md
+++ b/docs/maintenance/changelog.md
@@ -0,0 +1,297 @@
+# Changelog
+
+## From now on all changelogs will be included as release notes.
+https://github.com/allianceauth/allianceauth/releases
+
+### 547
+Oct 16
+
+Golly this is a big one. Upgrading takes a bit of work. [For full instructions click here.](https://github.com/allianceauth/allianceauth/pull/547#issue-183247630)
+
+ - Update django version to 1.10
+ - Remove member/blue permissions
+   - implement user states
+ - implement Django's messaging framework for site feedback
+ - remove pathfinder support
+ - remove fleet fits page
+ - remove wormhole tracker
+ - do not store service passwords
+ - supervisor configs for celery tasks and authenticator
+ - buttons on admin site to sync service groups
+ - show number of notifications
+ - fix all button css
+ - rewrite and centralize API checks
+ - bulk mark read / delete for notifications
+ - replace hard-coded urls with reverse by name
+ - python 3 compatibility
+ - correct navbar active link with translated urls
+
+### 468
+June 12
+ - XenForo integration added
+ - Discord integration updated to use OAuth and official API
+ - FleetUp fixes for empty responses
+
+### 441
+May 27
+ - Added option to require new API keys
+   - Reduces threat of stolen keys being used to create accounts
+   - Requires two new settings:
+     - `REJECT_OLD_APIS`, default `False`
+     - `REJECT_OLD_APIS_MARGIN`, default 50
+
+### 423
+May 9
+ - Added statistics to fleet activity tracking
+ - Capture teamspeak error codes in logs from failed account creation
+
+### 401
+Apr 29
+ - Added FleetUp integration
+ - Added Fleet Activity Tracking links
+   - settings.py has new entries and will have to be updated
+
+### 394
+Apr 17
+ - Added Discourse integration
+ - Added Pathfinder integration
+   - settings.py has new entries and will have to be updated
+
+### 386
+Apr 15 2016
+ - Corrected Teamspeak group sync triggers
+ - Modified username sanitization to reduce username collisions
+
+### 369
+Apr 7 2016
+ - Added Evernus Alliance Market Integration
+   - Requires libffi-devel (centos) or libffi-dev (ubuntu) and pip install bcrypt
+
+### 365
+Apr 6 2016
+ - Added SMF2 Forums integration
+   - Requires a settings.py file update for existing installs
+
+### 360
+Apr 4 2016
+ - Added a countdown / local time to the fleet operations timers
+ - Fixed the corporation structure timers so the countdown shows up correctly
+
+### 340
+Mar 31 2016
+ - Added Support for IP Board 4 / IP Suite 4
+   - You must update settings.py accordingly if updating form a previous version.
+   - only allows for the member group to sync. Additional groups must be manually added
+ - Fixed a bug with corporation stats not showing correct users and numbers
+
+### 328
+Mar 24 2016
+ - Added Enhancements to the SRP Management
+   - Users can now enable and disable srp links.
+   - The Approve and Reject buttons will show up depending on the srp status.
+   - Fixed an issue where SRP Requests were not getting the proper status assigned.
+
+### 321
+Mar 23 2016
+ - Added Ship types and kill board data to the SRP management.
+   - These are automatically pulled from zKillboard.
+   - zKillboard is the only killboard links that the SRP Manager Accepts Now.
+
+### 314
+Mar 22 2016
+ - Revamp of the Human Resources Application and Management System
+   - see the [docs](../features/hrapplications.md) for how to use the new system
+   - a completely untested conversion script exists. If you want to view your old models, contact Adarnof to try it out
+ - Moved Error Handling for the API Keys to the API Calls to better handle API server outages
+ - Removed the infamous database update task
+   - implemented a receiver to update service groups as they change
+
+To remove the database update task from the scheduler, navigate to your django admin site, and delete the run_databaseUpdate model from the periodic tasks. Restart celery.
+
+Mumble now uses an ICE authenticator. This requires an additional dependency. Please install `libbz2-dev` and `libssl-dev` prior to running the update script:
+
+    sudo apt-get install libbz2-dev libssl-dev
+
+Now run the update script.
+
+Old Mumble accounts are incompatible. Users will need to recreate them (sorry). To clear the old ones out:
+
+    python manage.py shell
+    from services.tasks import disable_mumble
+    disable_mumble()
+
+To set up the authenticator, follow the [Mumble setup guide.](../installation/services/mumble.md)
+
+Optional: you can delete the entire mumble database block in settings.py
+
+### 304
+Mar 8 2016
+ - Repurposed Signature Tracker for Wormhole Use. Combat sites are a ever changing thing therefore removed.
+ - Increased run_databaseUpdate time to 10 minutes to address stability problems for larger alliances.
+
+### 296
+Feb 27 2016
+ - corrected an issue with populating corp stats for characters with missing api keys
+ - moved log files to dedicated folder to allow apache access so it can rotate them
+ - merged Corp Stats and Member Tracking apps
+   - `corp_stats` and `corputils` permissions have been depreciated
+   - assign either of `corp_apis` or `alliance_apis` to get access to Corp Stats app
+     - `corp_apis` populates APIs of user's main corp
+     - `alliance_apis` populates APIs of user's main alliance
+
+### 289
+Feb 25 2016
+ - Changed the start time format on the fleet operations board to use the 24 hour format
+   - Fixed an issue when updating the fleet operations timers the date time picker would not work.
+
+### 286
+Feb 23 2016
+- Added ability to remove notifications
+
+### 278
+Feb 18 2016
+ - notifications for events:
+   - api failed validation during refresh
+   - group request accepted/rejected
+   - corp application accepted/rejected
+   - services disabled
+ - logging notifications include traceback
+ - automatically assign alliance groups of the form "Alliance_NAME"
+ - parallel corp model updates via celery broker for performance improvements
+ - new functions to clear service info for decommissioning a service
+
+settings.py will need to be updated to include the new settings.
+
+### 265
+Feb 13 2016
+ - prototype notification system
+ - logging errors as notifications based on new permission `logging_notifications`
+
+The logging configuration in settings.py has changed. Please update.
+
+### 263
+Feb 12 2016
+ - revamped `run_corp_update` function which actually works
+ - fixed group syncing in discord and openfire
+
+### 259
+Feb 11 2016
+  - Added ability to edit structure timers
+  - Added ability to edit fleet operations timers
+  - Added ability to edit Signatures
+
+
+### 245
+Feb 7 2016
+
+ - ability to toggle assigning corp groups
+ - users able to manually trigger api refresh
+
+Two new settings in [settings.py](../installation/auth/settings.md) - `MEMBER_CORP_GROUPS` and `BLUE_CORP_GROUPS` - be sure to add them.
+
+### 226
+Jan 31 2016
+
+Been a while since one of these was written so a big list.
+
+ - corrected user permission caching for Phpbb3
+ - open groups which don't require application approval
+ - additional weblink data for TS3 to encourage proper usernames
+ - corp-restricted timers
+ - signature tracker
+ - tolerate random 221 errors from EVE api servers till CCP FoxFour gets it sorted
+ - new corp member auditing app
+ - fleet operation timers
+ - revamped member status checking and assignment
+
+Loads of new permissions. See the readme for descriptions.
+
+Need to install new requirements - `sudo pip install -r requirements.txt`
+
+Incompatible with Python2.6 or older. Please update. Please. It's 2016 people.
+
+Settings.py got nuked. Backup your current settings.py, copy the example, and repopulate.
+
+New caching directory for requests - if you're using apache to serve the site, `cache/` needs to be writable by the webserver. Easiest way is to `chown -R www-data:www-data cache` from within the allianceauth install dir.
+
+### 145
+Jan 6 2016
+
+ - complete logging system for all apps
+ - custom service passwords
+ - Discord token caching to prevent locking out users
+ - Jabber broadcast group restrictions
+ - Password reset email contains domain
+ - Index page only renders forums/killboard/media if url specified
+ - timestamps on hrapplication comments
+ - corrected corp/alliance model creation logic
+ - corrected typecasting of access masks during api checks
+ - prevent TS3 from attempting to sync groups if not installed
+
+New permissions - see readme.
+
+Need to install new requirements.
+
+Settings.py has changed. Make a new one from the example.
+
+### 118
+Dec 2 2015
+
+ - add timers by time remaining
+ - Discord support
+ - corrected celerytask logic
+ - handle many 500s thrown in views
+
+New settings.py again. Need to reinstall requirements.
+
+### 107
+Nov 28 2015
+
+ - added broadcast plugin support for openfire
+ - timer addition by remaining time, not fixed date
+ - corrected alliance model deletion logic
+ - corrected name rendering on templates
+
+Openfire setup guide has been updated for the new plugin.
+
+### 102
+Nov 25 2015
+
+ - variable API requirements
+ - api access mask validation during refresh
+ - support for customization of templates
+ - celery task resource reduction
+ - vagrant support
+
+All templates and staticfiles have been moved. If you've customized any of these, make a backup before pulling changes.
+
+New command `python manage.py collectstatic` added to install guide. Should be run after every update.
+
+New settings.py template. Make a backup of the old one, copy the example, and populate.
+
+### 87
+Nov 15 2015
+
+A couple quality-of-life improvements.
+
+ - corrected an error in the Teamspeak3 Manager improperly parsing responses
+ - added the ability to hide groups from the web interface
+ - added a feature for phpbb avatars to be set to the character portrait
+
+New permissions for the `HiddenGroup` model only affect the admin site (default model permissions)
+
+The Phpbb3 setup guide has been updated to reflect avatars.
+
+### 72
+Nov 5th 2015
+
+On November 5th we performed two major pulls from Adarnof’s and Kaezon’s forks.
+
+Improvements include:
+
+ - ability to deploy for either corp or alliance
+ - improved logic for member status transitions
+ - group syncing to TS3
+ - template corrections
+
+Migration to the new version is a bit trickier because of changes to settings.py - it's easiest to archive the old one, make a copy of the new template, and repopulate it.
--- a/docs/maintenance/index.md
+++ b/docs/maintenance/index.md
@@ -0,0 +1,10 @@
+# Maintenance
+
+```eval_rst
+.. toctree::
+    :maxdepth: 1
+
+    changelog
+    troubleshooting
+
+```
--- a/docs/maintenance/troubleshooting.md
+++ b/docs/maintenance/troubleshooting.md
@@ -0,0 +1,49 @@
+# Troubleshooting
+
+## Something broken? Stuck on an issue? Can't get it set up?
+
+Start here:
+ - check the [issues](https://github.com/allianceauth/allianceauth/issues?utf8=%E2%9C%93&q=is%3Aissue) - especially closed ones
+ - check the [forums](https://forums.eveonline.com/default.aspx?g=posts&t=383030)
+
+No answer?
+ - open an [issue](https://github.com/allianceauth/allianceauth/issues)
+ - harass us on [gitter](https://gitter.im/R4stl1n/allianceauth)
+ - post to the [forums](https://forums.eveonline.com/default.aspx?g=posts&t=383030)
+
+## Common Problems
+
+### `pip install -r requirements.txt` is failing
+
+Either you need to `sudo` that command, or it's a missing dependency. Check [the list](../installation/auth/dependencies.md), reinstall, and try again.
+
+### I'm getting an error 500 trying to connect to the website on a new install
+
+Read the apache error log: `sudo nano /var/log/apache2/error.log`
+
+If it talks about failing to import something, google its name and install it.
+
+If it whines about being unable to configure logger, see below. 
+
+### Failed to configure log handler
+
+Make sure the log directory is write-able: `chmod -R 777 /home/allianceserver/allianceauth/log`, then reload apache/celery/supervisor/etc.
+
+### Groups aren't syncing to services
+
+Make sure the background processes are running: `ps aux | grep celery` should return more than 1 line. More lines if you have more cores on your server's processor. If there are more than two lines starting with `SCREEN`, kill all of them with `kill #` where `#` is the process ID (second column), then restart with [these background process commands](../installation/auth/quickstart.md) from the allianceauth directory. You can't start these commands as root.
+
+If that doesn't do it, try clearing the worker queue. First kill all celery processes as described above, then do the following:
+
+    redis-cli FLUSHALL
+    python manage.py celeryd --purge
+
+Press control+C once.
+
+    python manage.py celeryd --discard
+
+Press control+C once.
+
+Now start celery again with [these background process commands.](../installation/auth/quickstart.md)
+
+While debugging, it is useful to see if tasks are being executed. The easiest tool is [flower](http://flower.readthedocs.io/). Install it with this: `sudo pip install flower`, then start it with this: `celery flower --broker=amqp://guest:guest@localhost:5672//`. To view the status, navigate to your server IP, port 5555.
--- a/docs/make.bat
+++ b/docs/make.bat
@@ -0,0 +1,36 @@
+@ECHO OFF
+
+pushd %~dp0
+
+REM Command file for Sphinx documentation
+
+if "%SPHINXBUILD%" == "" (
+	set SPHINXBUILD=sphinx-build
+)
+set SOURCEDIR=.
+set BUILDDIR=_build
+set SPHINXPROJ=AllianceAuth
+
+if "%1" == "" goto help
+
+%SPHINXBUILD% >NUL 2>NUL
+if errorlevel 9009 (
+	echo.
+	echo.The 'sphinx-build' command was not found. Make sure you have Sphinx
+	echo.installed, then set the SPHINXBUILD environment variable to point
+	echo.to the full path of the 'sphinx-build' executable. Alternatively you
+	echo.may add the Sphinx directory to PATH.
+	echo.
+	echo.If you don't have Sphinx installed, grab it from
+	echo.http://sphinx-doc.org/
+	exit /b 1
+)
+
+%SPHINXBUILD% -M %1 %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
+goto end
+
+:help
+%SPHINXBUILD% -M help %SOURCEDIR% %BUILDDIR% %SPHINXOPTS%
+
+:end
+popd
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -0,0 +1,3 @@
+sphinx>=1.4.0,<1.5.0
+sphinx_rtd_theme>=0.1.9
+recommonmark==0.4.0
--- a/eveonline/admin.py
+++ b/eveonline/admin.py
@@ -13,7 +13,17 @@ admin.site.register(EveCorporationInfo)

 class EveApiKeyPairAdmin(admin.ModelAdmin):
    search_fields = ['api_id', 'user__username']
-    list_display = ['api_id', 'user']
+    list_display = ['api_id', 'user', 'characters']
+
+    @staticmethod
+    def characters(obj):
+        return ', '.join(sorted([c.character_name for c in EveCharacter.objects.filter(api_id=obj.api_id)]))
+
+    def get_search_results(self, request, queryset, search_term):
+        queryset, use_distinct = super(EveApiKeyPairAdmin, self).get_search_results(request, queryset, search_term)
+        chars = EveCharacter.objects.filter(character_name__icontains=search_term)
+        queryset |= EveApiKeyPair.objects.filter(api_id__in=[char.api_id for char in chars if bool(char.api_id)])
+        return queryset, use_distinct


 class EveCharacterAdmin(admin.ModelAdmin):
@@ -23,7 +33,7 @@ class EveCharacterAdmin(admin.ModelAdmin):
    @staticmethod
    def main_character(obj):
        if obj.user:
-            auth = AuthServicesInfo.objects.get_or_create(user=obj.user)[0]
+            auth = AuthServicesInfo.objects.get(user=obj.user)
            if auth and auth.main_char_id:
                try:
                    return EveCharacter.objects.get(character_id=auth.main_char_id)
--- a/eveonline/forms.py
+++ b/eveonline/forms.py
@@ -28,7 +28,10 @@ class UpdateKeyForm(forms.Form):
            raise forms.ValidationError("API ID must be a number")

    def clean(self):
-        super(UpdateKeyForm, self).clean()
+        if 'api_id' not in self.cleaned_data or 'api_key' not in self.cleaned_data:
+            # need to check if api_id and vcode in cleaned_data because
+            # if they fail, they get removed from the dict but this method still happens
+            return self.cleaned_data

        if EveManager.check_if_api_key_pair_exist(self.cleaned_data['api_id']):
            logger.debug("UpdateKeyForm failed cleaning as API id %s already exists." % self.cleaned_data['api_id'])
--- a/eveonline/managers.py
+++ b/eveonline/managers.py
@@ -3,71 +3,60 @@ from eveonline.models import EveCharacter
 from eveonline.models import EveApiKeyPair
 from eveonline.models import EveAllianceInfo
 from eveonline.models import EveCorporationInfo
-
+from authentication.models import AuthServicesInfo
+from eveonline.providers import eve_adapter_factory, EveXmlProvider
 from services.managers.eve_api_manager import EveApiManager
 import logging

 logger = logging.getLogger(__name__)


-class EveManager:
-    def __init__(self):
-        pass
+class EveManager(object):
+    adapter = None
+
+    @classmethod
+    def get_adapter(cls):
+        if not cls.adapter:
+            cls.adapter = eve_adapter_factory()
+        return cls.adapter
+
+    @classmethod
+    def get_character(cls, character_id):
+        return cls.get_adapter().get_character(character_id)

    @staticmethod
-    def create_character(character_id, character_name, corporation_id,
-                         corporation_name, corporation_ticker, alliance_id,
-                         alliance_name, user, api_id):
-        logger.debug("Creating model for character %s id %s" % (character_name, character_id))
-        if not EveCharacter.objects.filter(character_id=character_id).exists():
-            eve_char = EveCharacter()
-            eve_char.character_id = character_id
-            eve_char.character_name = character_name
-            eve_char.corporation_id = corporation_id
-            eve_char.corporation_name = corporation_name
-            eve_char.corporation_ticker = corporation_ticker
-            eve_char.alliance_id = alliance_id
-            eve_char.alliance_name = alliance_name
-            eve_char.user = user
-            eve_char.api_id = api_id
-            eve_char.save()
-            logger.info("Created new character model %s for user %s" % (eve_char, user))
-        else:
-            logger.warn("Attempting to create existing character model with id %s" % character_id)
+    def create_character(id, user, api_id):
+        return EveManager.create_character_obj(EveManager.get_character(id), user, api_id)

    @staticmethod
-    def create_characters_from_list(chars, user, api_id):
-        logger.debug("Creating characters from batch: %s" % chars.result)
-        for char in chars.result:
-            if not EveManager.check_if_character_exist(chars.result[char]['name']):
-                EveManager.create_character(chars.result[char]['id'],
-                                            chars.result[char]['name'],
-                                            chars.result[char]['corp']['id'],
-                                            chars.result[char]['corp']['name'],
-                                            EveApiManager.get_corporation_ticker_from_id(
-                                                chars.result[char]['corp']['id']),
-                                            chars.result[char]['alliance']['id'],
-                                            chars.result[char]['alliance']['name'],
-                                            user, api_id)
+    def create_character_obj(character, user, api_id):
+        return EveCharacter.objects.create(
+            character_id=character.id,
+            character_name=character.name,
+            corporation_id=character.corp.id,
+            corporation_name=character.corp.name,
+            corporation_ticker=character.corp.ticker,
+            alliance_id=character.alliance.id,
+            alliance_name=character.alliance.name,
+            user=user,
+            api_id=api_id,
+        )

    @staticmethod
-    def update_characters_from_list(chars):
-        logger.debug("Updating characters from list: %s" % chars.result)
-        for char in chars.result:
-            if EveManager.check_if_character_exist(chars.result[char]['name']):
-                eve_char = EveManager.get_character_by_character_name(chars.result[char]['name'])
-                logger.debug("Got existing character model %s" % eve_char)
-                eve_char.corporation_id = chars.result[char]['corp']['id']
-                eve_char.corporation_name = chars.result[char]['corp']['name']
-                eve_char.corporation_ticker = EveApiManager.get_corporation_ticker_from_id(
-                    chars.result[char]['corp']['id'])
-                eve_char.alliance_id = chars.result[char]['alliance']['id']
-                eve_char.alliance_name = chars.result[char]['alliance']['name']
-                eve_char.save()
-                logger.info("Updated character model %s" % eve_char)
-            else:
-                logger.warn(
-                    "Attempting to update non-existing character model with name %s" % chars.result[char]['name'])
+    def update_character(id):
+        return EveManager.update_character_obj(EveManager.get_character(id))
+
+    @staticmethod
+    def update_character_obj(char):
+        model = EveCharacter.objects.get(character_id=char.id)
+        model.character_name = char.name
+        model.corporation_id = char.corp.id
+        model.corporation_name = char.corp.name
+        model.corporation_ticker = char.corp.ticker
+        model.alliance_id = char.alliance.id
+        model.alliance_name = char.alliance.name
+        model.save()
+        return model

    @staticmethod
    def create_api_keypair(api_id, api_key, user_id):
@@ -82,65 +71,97 @@ class EveManager:
        else:
            logger.warn("Attempting to create existing api keypair with id %s" % api_id)

-    @staticmethod
-    def create_alliance_info(alliance_id, alliance_name, alliance_ticker, alliance_executor_corp_id,
-                             alliance_member_count, is_blue):
-        logger.debug("Creating alliance info for alliance %s id %s" % (alliance_name, alliance_id))
-        if not EveManager.check_if_alliance_exists_by_id(alliance_id):
-            alliance_info = EveAllianceInfo()
-            alliance_info.alliance_id = alliance_id
-            alliance_info.alliance_name = alliance_name
-            alliance_info.alliance_ticker = alliance_ticker
-            alliance_info.executor_corp_id = alliance_executor_corp_id
-            alliance_info.member_count = alliance_member_count
-            alliance_info.is_blue = is_blue
-            alliance_info.save()
-            logger.info("Created alliance model for %s" % alliance_info)
-        else:
-            logger.warn("Attempting to create existing alliance model with id %s" % alliance_id)
+    @classmethod
+    def get_alliance(cls, alliance_id):
+        return cls.get_adapter().get_alliance(alliance_id)

    @staticmethod
-    def update_alliance_info(alliance_id, alliance_executor_corp_id, alliance_member_count, is_blue):
-        logger.debug("Updating alliance model with id %s" % alliance_id)
-        if EveManager.check_if_alliance_exists_by_id(alliance_id):
-            alliance_info = EveAllianceInfo.objects.get(alliance_id=alliance_id)
-            alliance_info.executor_corp_id = alliance_executor_corp_id
-            alliance_info.member_count = alliance_member_count
-            alliance_info.is_blue = is_blue
-            alliance_info.save()
-            logger.debug("Updated alliance model %s" % alliance_info)
-        else:
-            logger.warn("Attempting to update non-existing alliance model with id %s" % alliance_id)
+    def create_alliance(id, is_blue=False):
+        return EveManager.create_alliance_obj(EveManager.get_alliance(id), is_blue=is_blue)

    @staticmethod
-    def create_corporation_info(corp_id, corp_name, corp_ticker, corp_member_count, is_blue, alliance):
-        logger.debug("Creating corp info for corp %s id %s" % (corp_name, corp_id))
-        if not EveManager.check_if_corporation_exists_by_id(corp_id):
-            corp_info = EveCorporationInfo()
-            corp_info.corporation_id = corp_id
-            corp_info.corporation_name = corp_name
-            corp_info.corporation_ticker = corp_ticker
-            corp_info.member_count = corp_member_count
-            corp_info.is_blue = is_blue
-            if alliance:
-                corp_info.alliance = alliance
-            corp_info.save()
-            logger.info("Created corp model for %s" % corp_info)
-        else:
-            logger.warn("Attempting to create existing corp model with id %s" % corp_id)
+    def create_alliance_obj(alliance, is_blue=False):
+        return EveAllianceInfo.objects.create(
+            alliance_id=alliance.id,
+            alliance_name=alliance.name,
+            alliance_ticker=alliance.ticker,
+            executor_corp_id=alliance.executor_corp_id,
+            is_blue=is_blue,
+        )

    @staticmethod
-    def update_corporation_info(corp_id, corp_member_count, alliance, is_blue):
-        logger.debug("Updating corp model with id %s" % corp_id)
-        if EveManager.check_if_corporation_exists_by_id(corp_id):
-            corp_info = EveCorporationInfo.objects.get(corporation_id=corp_id)
-            corp_info.member_count = corp_member_count
-            corp_info.alliance = alliance
-            corp_info.is_blue = is_blue
-            corp_info.save()
-            logger.debug("Updated corp model %s" % corp_info)
-        else:
-            logger.warn("Attempting to update non-existant corp model with id %s" % corp_id)
+    def update_alliance(id, is_blue=None):
+        return EveManager.update_alliance_obj(EveManager.get_alliance(id), is_blue=is_blue)
+
+    @staticmethod
+    def update_alliance_obj(alliance, is_blue=None):
+        model = EveAllianceInfo.objects.get(alliance_id=alliance.id)
+        model.executor_corp_id = alliance.executor_corp_id
+        model.is_blue = model.is_blue if is_blue is None else is_blue
+        model.save()
+        return model
+
+    @staticmethod
+    def populate_alliance(id):
+        alliance_model = EveAllianceInfo.objects.get(alliance_id=id)
+        alliance = EveManager.get_alliance(id)
+        for corp_id in alliance.corp_ids:
+            if not EveCorporationInfo.objects.filter(corporation_id=corp_id).exists():
+                EveManager.create_corporation(corp_id, is_blue=alliance_model.is_blue)
+        EveCorporationInfo.objects.filter(corporation_id__in=alliance.corp_ids).update(alliance=alliance_model)
+        EveCorporationInfo.objects.filter(alliance=alliance_model).exclude(corporation_id__in=alliance.corp_ids).update(
+            alliance=None)
+        if alliance_model.is_blue:
+            EveCorporationInfo.objects.filter(alliance=alliance_model).update(is_blue=True)
+
+    @classmethod
+    def get_corporation(cls, corp_id):
+        return cls.get_adapter().get_corp(corp_id)
+
+    @staticmethod
+    def create_corporation(id, is_blue=False):
+        return EveManager.create_corporation_obj(EveManager.get_corporation(id), is_blue=is_blue)
+
+    @staticmethod
+    def create_corporation_obj(corp, is_blue=False):
+        try:
+            alliance = EveAllianceInfo.objects.get(alliance_id=corp.alliance_id)
+        except EveAllianceInfo.DoesNotExist:
+            alliance = None
+        return EveCorporationInfo.objects.create(
+            corporation_id=corp.id,
+            corporation_name=corp.name,
+            corporation_ticker=corp.ticker,
+            member_count=corp.members,
+            alliance=alliance,
+            is_blue=is_blue,
+        )
+
+    @staticmethod
+    def update_corporation(id, is_blue=None):
+        return EveManager.update_corporation_obj(EveManager.get_corporation(id), is_blue=is_blue)
+
+    @staticmethod
+    def update_corporation_obj(corp, is_blue=None):
+        model = EveCorporationInfo.objects.get(corporation_id=corp.id)
+        model.member_count = corp.members
+        try:
+            model.alliance = EveAllianceInfo.objects.get(alliance_id=corp.alliance_id)
+        except EveAllianceInfo.DoesNotExist:
+            model.alliance = None
+        model.is_blue = model.is_blue if is_blue is None else is_blue
+        model.save()
+        return model
+
+    @classmethod
+    def get_itemtype(cls, type_id):
+        return cls.get_adapter().get_itemtype(type_id)
+
+    @staticmethod
+    def get_characters_from_api(api):
+        char_result = EveApiManager.get_characters_from_api(api.api_id, api.api_key).result
+        provider = EveXmlProvider(adapter=EveManager.get_adapter())
+        return [provider._build_character(result) for id, result in char_result.items()]

    @staticmethod
    def get_api_key_pairs(user):
@@ -150,6 +171,14 @@ class EveManager:
        else:
            logger.debug("No api keypairs found for user %s" % user)

+    @staticmethod
+    def get_all_api_key_pairs():
+        if EveApiKeyPair.objects.exists():
+            logger.debug("Returning all api keypairs.")
+            return EveApiKeyPair.objects.all()
+        else:
+            logger.debug("No api keypairs found.")
+
    @staticmethod
    def check_if_api_key_pair_exist(api_id):
        if EveApiKeyPair.objects.filter(api_id=api_id).exists():
@@ -227,6 +256,20 @@ class EveManager:

        return None

+    @staticmethod
+    def get_main_character(user):
+        """
+        Get a characters main
+        :param user: django.contrib.auth.models.User
+        :return: EveCharacter
+        """
+        authserviceinfo = AuthServicesInfo.objects.get(user=user)
+        return EveManager.get_character_by_id(authserviceinfo.main_char_id)
+
+    @staticmethod
+    def get_characters_by_api_id(api_id):
+        return EveCharacter.objects.filter(api_id=api_id)
+
    @staticmethod
    def get_charater_alliance_id_by_id(char_id):
        if EveCharacter.objects.filter(character_id=char_id).exists():
--- a/eveonline/migrations/0005_remove_eveallianceinfo_member_count.py
+++ b/eveonline/migrations/0005_remove_eveallianceinfo_member_count.py
@@ -0,0 +1,19 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2016-12-16 23:22
+from __future__ import unicode_literals
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0004_eveapikeypair_sso_verified'),
+    ]
+
+    operations = [
+        migrations.RemoveField(
+            model_name='eveallianceinfo',
+            name='member_count',
+        ),
+    ]
--- a/eveonline/migrations/0006_allow_null_evecharacter_alliance.py
+++ b/eveonline/migrations/0006_allow_null_evecharacter_alliance.py
@@ -0,0 +1,25 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.1 on 2017-01-02 19:23
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0005_remove_eveallianceinfo_member_count'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='evecharacter',
+            name='alliance_id',
+            field=models.CharField(blank=True, default='', max_length=254, null=True),
+        ),
+        migrations.AlterField(
+            model_name='evecharacter',
+            name='alliance_name',
+            field=models.CharField(blank=True, default='', max_length=254, null=True),
+        ),
+    ]
--- a/eveonline/migrations/0007_unique_id_name.py
+++ b/eveonline/migrations/0007_unique_id_name.py
@@ -0,0 +1,122 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.10.5 on 2017-01-18 13:20
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+def get_duplicates(items):
+    return set([item for item in items if items.count(item) > 1])
+
+
+def enforce_unique_characters(apps, schema_editor):
+    EveCharacter = apps.get_model('eveonline', 'EveCharacter')
+
+    ids = [c.character_id for c in EveCharacter.objects.all()]
+    duplicates = get_duplicates(ids)
+    for c_id in duplicates:
+        dupes = EveCharacter.objects.filter(character_id=c_id)
+        dupes.exclude(pk=dupes[0].pk).delete()
+
+    names = [c.character_name for c in EveCharacter.objects.all()]
+    duplicates = get_duplicates(names)
+    for name in duplicates:
+        dupes = EveCharacter.objects.filter(character_name=name)
+        dupes.exclude(pk=dupes[0].pk).delete()
+
+
+def enforce_unique_corporations(apps, schema_editor):
+    EveCorporationInfo = apps.get_model('eveonline', 'EveCorporationInfo')
+
+    ids = [c.corporation_id for c in EveCorporationInfo.objects.all()]
+    duplicates = get_duplicates(ids)
+    for c_id in duplicates:
+        dupes = EveCorporationInfo.objects.filter(corporation_id=c_id)
+        dupes.exclude(pk=dupes[0].pk).delete()
+
+    names = [c.corporation_name for c in EveCorporationInfo.objects.all()]
+    duplicates = get_duplicates(names)
+    for name in duplicates:
+        dupes = EveCorporationInfo.objects.filter(character_name=name)
+        dupes.exclude(pk=dupes[0].pk).delete()
+
+
+def enforce_unique_alliances(apps, schema_editor):
+    EveAllianceInfo = apps.get_model('eveonline', 'EveAllianceInfo')
+    EveCorporationInfo = apps.get_model('eveonline', 'EveCorporationInfo')
+
+    ids = [a.alliance_id for a in EveAllianceInfo.objects.all()]
+    duplicates = get_duplicates(ids)
+    for a_id in duplicates:
+        dupes = EveAllianceInfo.objects.filter(alliance_id=a_id)
+        to_be_kept = dupes[0]
+        EveCorporationInfo.objects.filter(alliance__pk__in=[a.pk for a in dupes.exclude(pk=to_be_kept.pk)]).update(
+            alliance=to_be_kept.pk)
+        dupes.exclude(pk=to_be_kept.pk).delete()
+
+    names = [a.alliance_name for a in EveAllianceInfo.objects.all()]
+    duplicates = get_duplicates(names)
+    for name in duplicates:
+        dupes = EveAllianceInfo.objects.filter(alliance_name=name)
+        to_be_kept = dupes[0]
+        EveCorporationInfo.objects.filter(alliance__in=[a.pk for a in dupes.exclude(pk=to_be_kept.pk)]).update(
+            alliance=to_be_kept.pk)
+        dupes.exclude(pk=to_be_kept.pk).delete()
+
+
+def enforce_unique_apis(apps, schema_editor):
+    EveApiKeyPair = apps.get_model('eveonline', 'EveApiKeyPair')
+
+    ids = [api.api_id for api in EveApiKeyPair.objects.all()]
+    duplicates = get_duplicates(ids)
+    for api_id in duplicates:
+        dupes = EveApiKeyPair.objects.filter(api_id=api_id)
+        dupes.exclude(pk=dupes[0].pk).delete()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('eveonline', '0006_allow_null_evecharacter_alliance'),
+    ]
+
+    operations = [
+        migrations.RunPython(enforce_unique_characters, migrations.RunPython.noop),
+        migrations.RunPython(enforce_unique_corporations, migrations.RunPython.noop),
+        migrations.RunPython(enforce_unique_alliances, migrations.RunPython.noop),
+        migrations.RunPython(enforce_unique_apis, migrations.RunPython.noop),
+        migrations.AlterField(
+            model_name='evecharacter',
+            name='character_id',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='evecharacter',
+            name='character_name',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='evecorporationinfo',
+            name='corporation_id',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='evecorporationinfo',
+            name='corporation_name',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='eveallianceinfo',
+            name='alliance_id',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='eveallianceinfo',
+            name='alliance_name',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+        migrations.AlterField(
+            model_name='eveapikeypair',
+            name='api_id',
+            field=models.CharField(max_length=254, unique=True),
+        ),
+    ]
--- a/eveonline/models.py
+++ b/eveonline/models.py
@@ -6,13 +6,13 @@ from django.contrib.auth.models import User

@python_2_unicode_compatible
 class EveCharacter(models.Model):
-    character_id = models.CharField(max_length=254)
-    character_name = models.CharField(max_length=254)
+    character_id = models.CharField(max_length=254, unique=True)
+    character_name = models.CharField(max_length=254, unique=True)
    corporation_id = models.CharField(max_length=254)
    corporation_name = models.CharField(max_length=254)
    corporation_ticker = models.CharField(max_length=254)
-    alliance_id = models.CharField(max_length=254)
-    alliance_name = models.CharField(max_length=254)
+    alliance_id = models.CharField(max_length=254, blank=True, null=True, default='')
+    alliance_name = models.CharField(max_length=254, blank=True, null=True, default='')
    api_id = models.CharField(max_length=254)
    user = models.ForeignKey(User, blank=True, null=True)

@@ -22,7 +22,7 @@ class EveCharacter(models.Model):

@python_2_unicode_compatible
 class EveApiKeyPair(models.Model):
-    api_id = models.CharField(max_length=254)
+    api_id = models.CharField(max_length=254, unique=True)
    api_key = models.CharField(max_length=254)
    user = models.ForeignKey(User, blank=True, null=True)
    sso_verified = models.BooleanField(default=False)
@@ -33,12 +33,11 @@ class EveApiKeyPair(models.Model):

@python_2_unicode_compatible
 class EveAllianceInfo(models.Model):
-    alliance_id = models.CharField(max_length=254)
-    alliance_name = models.CharField(max_length=254)
+    alliance_id = models.CharField(max_length=254, unique=True)
+    alliance_name = models.CharField(max_length=254, unique=True)
    alliance_ticker = models.CharField(max_length=254)
    executor_corp_id = models.CharField(max_length=254)
    is_blue = models.BooleanField(default=False)
-    member_count = models.IntegerField()

    def __str__(self):
        return self.alliance_name
@@ -46,8 +45,8 @@ class EveAllianceInfo(models.Model):

@python_2_unicode_compatible
 class EveCorporationInfo(models.Model):
-    corporation_id = models.CharField(max_length=254)
-    corporation_name = models.CharField(max_length=254)
+    corporation_id = models.CharField(max_length=254, unique=True)
+    corporation_name = models.CharField(max_length=254, unique=True)
    corporation_ticker = models.CharField(max_length=254)
    member_count = models.IntegerField()
    is_blue = models.BooleanField(default=False)
--- a/eveonline/providers.py
+++ b/eveonline/providers.py
@@ -0,0 +1,479 @@
+from django.utils.encoding import python_2_unicode_compatible
+from esi.clients import esi_client_factory
+from django.conf import settings
+from django.core.cache import cache
+import json
+from bravado.exception import HTTPNotFound, HTTPUnprocessableEntity
+import evelink
+import logging
+
+logger = logging.getLogger(__name__)
+
+# optional setting to control cached object lifespan
+OBJ_CACHE_DURATION = int(getattr(settings, 'EVEONLINE_OBJ_CACHE_DURATION', 300))
+
+
+@python_2_unicode_compatible
+class ObjectNotFound(Exception):
+    def __init__(self, obj_id, type_name):
+        self.id = obj_id
+        self.type = type_name
+
+    def __str__(self):
+        return '%s with ID %s not found.' % (self.type, self.id)
+
+
+@python_2_unicode_compatible
+class Entity(object):
+    def __init__(self, id, name):
+        self.id = id
+        self.name = name
+
+    def __str__(self):
+        return self.name
+
+    def __repr__(self):
+        return "<{} ({}): {}>".format(self.__class__.__name__, self.id, self.name)
+
+    def __bool__(self):
+        return bool(self.id)
+
+    def __eq__(self, other):
+        return self.id == other.id
+
+    def serialize(self):
+        return {
+            'id': self.id,
+            'name': self.name,
+        }
+
+    @classmethod
+    def from_dict(cls, data_dict):
+        return cls(data_dict['id'], data_dict['name'])
+
+
+class Corporation(Entity):
+    def __init__(self, provider, id, name, ticker, ceo_id, members, alliance_id):
+        super(Corporation, self).__init__(id, name)
+        self.provider = provider
+        self.ticker = ticker
+        self.ceo_id = ceo_id
+        self.members = members
+        self.alliance_id = alliance_id
+        self._alliance = None
+        self._ceo = None
+
+    @property
+    def alliance(self):
+        if self.alliance_id:
+            if not self._alliance:
+                self._alliance = self.provider.get_alliance(self.alliance_id)
+            return self._alliance
+        return Entity(None, None)
+
+    @property
+    def ceo(self):
+        if not self._ceo:
+            self._ceo = self.provider.get_character(self.ceo_id)
+        return self._ceo
+
+    def serialize(self):
+        return {
+            'id': self.id,
+            'name': self.name,
+            'ticker': self.ticker,
+            'ceo_id': self.ceo_id,
+            'members': self.members,
+            'alliance_id': self.alliance_id
+        }
+
+    @classmethod
+    def from_dict(cls, dict):
+        return cls(
+            None,
+            dict['id'],
+            dict['name'],
+            dict['ticker'],
+            dict['ceo_id'],
+            dict['members'],
+            dict['alliance_id'],
+        )
+
+
+class Alliance(Entity):
+    def __init__(self, provider, id, name, ticker, corp_ids, executor_corp_id):
+        super(Alliance, self).__init__(id, name)
+        self.provider = provider
+        self.ticker = ticker
+        self.corp_ids = corp_ids
+        self.executor_corp_id = executor_corp_id
+        self._corps = {}
+
+    def corp(self, id):
+        assert id in self.corp_ids
+        if id not in self._corps:
+            self._corps[id] = self.provider.get_corp(id)
+            self._corps[id]._alliance = self
+        return self._corps[id]
+
+    @property
+    def corps(self):
+        return sorted([self.corp(id) for id in self.corp_ids], key=lambda x: x.name)
+
+    @property
+    def executor_corp(self):
+        return self.corp(self.executor_corp_id)
+
+    def serialize(self):
+        return {
+            'id': self.id,
+            'name': self.name,
+            'ticker': self.ticker,
+            'corp_ids': self.corp_ids,
+            'executor_corp_id': self.executor_corp_id,
+        }
+
+    @classmethod
+    def from_dict(cls, dict):
+        return cls(
+            None,
+            dict['id'],
+            dict['name'],
+            dict['ticker'],
+            dict['corp_ids'],
+            dict['executor_corp_id'],
+        )
+
+
+class Character(Entity):
+    def __init__(self, provider, id, name, corp_id, alliance_id):
+        super(Character, self).__init__(id, name)
+        self.provider = provider
+        self.corp_id = corp_id
+        self.alliance_id = alliance_id
+        self._corp = None
+        self._alliance = None
+
+    @property
+    def corp(self):
+        if not self._corp:
+            self._corp = self.provider.get_corp(self.corp_id)
+        return self._corp
+
+    @property
+    def alliance(self):
+        if self.alliance_id:
+            return self.corp.alliance
+        return Entity(None, None)
+
+    def serialize(self):
+        return {
+            'id': self.id,
+            'name': self.name,
+            'corp_id': self.corp_id,
+            'alliance_id': self.alliance_id,
+        }
+
+    @classmethod
+    def from_dict(cls, dict):
+        return cls(
+            None,
+            dict['id'],
+            dict['name'],
+            dict['corp_id'],
+            dict['alliance_id'],
+        )
+
+
+class ItemType(Entity):
+    def __init__(self, provider, type_id, name):
+        super(ItemType, self).__init__(type_id, name)
+        self.provider = provider
+
+    @classmethod
+    def from_dict(cls, data_dict):
+        return cls(
+            None,
+            data_dict['id'],
+            data_dict['name'],
+        )
+
+
+class EveProvider(object):
+    def get_alliance(self, alliance_id):
+        """
+        :return: an Alliance object for the given ID
+        """
+        raise NotImplementedError()
+
+    def get_corp(self, corp_id):
+        """
+        :return: a Corporation object for the given ID
+        """
+        raise NotImplementedError()
+
+    def get_character(self, character_id):
+        """
+        :return: a Character object for the given ID
+        """
+        raise NotImplementedError()
+
+    def get_itemtype(self, type_id):
+        """
+        :return: an ItemType object for the given ID
+        """
+        raise NotImplemented()
+
+
+@python_2_unicode_compatible
+class EveSwaggerProvider(EveProvider):
+    def __init__(self, token=None, adapter=None):
+        self.client = esi_client_factory(token=token, Alliance='v1', Character='v4', Corporation='v2', Universe='v2')
+        self.adapter = adapter or self
+
+    def __str__(self):
+        return 'esi'
+
+    def get_alliance(self, alliance_id):
+        try:
+            data = self.client.Alliance.get_alliances_alliance_id(alliance_id=alliance_id).result()
+            corps = self.client.Alliance.get_alliances_alliance_id_corporations(alliance_id=alliance_id).result()
+            model = Alliance(
+                self.adapter,
+                alliance_id,
+                data['alliance_name'],
+                data['ticker'],
+                corps,
+                data['executor_corporation_id'],
+            )
+            return model
+        except HTTPNotFound:
+            raise ObjectNotFound(alliance_id, 'alliance')
+
+    def get_corp(self, corp_id):
+        try:
+            data = self.client.Corporation.get_corporations_corporation_id(corporation_id=corp_id).result()
+            model = Corporation(
+                self.adapter,
+                corp_id,
+                data['corporation_name'],
+                data['ticker'],
+                data['ceo_id'],
+                data['member_count'],
+                data['alliance_id'] if 'alliance_id' in data else None,
+            )
+            return model
+        except HTTPNotFound:
+            raise ObjectNotFound(id, 'corporation')
+
+    def get_character(self, character_id):
+        try:
+            data = self.client.Character.get_characters_character_id(character_id=character_id).result()
+            alliance_id = self.adapter.get_corp(data['corporation_id']).alliance_id
+            model = Character(
+                self.adapter,
+                character_id,
+                data['name'],
+                data['corporation_id'],
+                alliance_id,
+            )
+            return model
+        except (HTTPNotFound, HTTPUnprocessableEntity):
+            raise ObjectNotFound(character_id, 'character')
+
+    def get_itemtype(self, type_id):
+        try:
+            data = self.client.Universe.get_universe_types_type_id(type_id=type_id).result()
+            return ItemType(self.adapter, type_id, data['name'])
+        except (HTTPNotFound, HTTPUnprocessableEntity):
+            raise ObjectNotFound(type_id, 'type')
+
+
+@python_2_unicode_compatible
+class EveXmlProvider(EveProvider):
+    def __init__(self, api_key=None, adapter=None):
+        """
+        :param api_key: eveonline.EveApiKeyPair
+        """
+        self.api = evelink.api.API(api_key=(api_key.api_id, api_key.api_key)) if api_key else evelink.api.API()
+        self.adapter = adapter or self
+
+    def __str__(self):
+        return 'xml'
+
+    def get_alliance(self, id):
+        api = evelink.eve.EVE(api=self.api)
+        alliances = api.alliances().result
+        try:
+            results = alliances[int(id)]
+        except KeyError:
+            raise ObjectNotFound(id, 'alliance')
+        model = Alliance(
+            self.adapter,
+            id,
+            results['name'],
+            results['ticker'],
+            results['member_corps'],
+            results['executor_id'],
+        )
+        return model
+
+    def get_corp(self, id):
+        api = evelink.corp.Corp(api=self.api)
+        try:
+            corpinfo = api.corporation_sheet(corp_id=int(id)).result
+        except evelink.api.APIError as e:
+            if int(e.code) == 523:
+                raise ObjectNotFound(id, 'corporation')
+            raise e
+        model = Corporation(
+            self.adapter,
+            id,
+            corpinfo['name'],
+            corpinfo['ceo']['id'],
+            corpinfo['members']['current'],
+            corpinfo['ticker'],
+            corpinfo['alliance']['id'] if corpinfo['alliance'] else None,
+        )
+        return model
+
+    def _build_character(self, result):
+        return Character(
+            self.adapter,
+            result['id'],
+            result['name'],
+            result['corp']['id'],
+            result['alliance']['id'],
+        )
+
+    def get_character(self, id):
+        api = evelink.eve.EVE(api=self.api)
+        try:
+            charinfo = api.character_info_from_id(id).result
+        except evelink.api.APIError as e:
+            if int(e.code) == 105:
+                raise ObjectNotFound(id, 'character')
+            raise e
+        return self._build_character(charinfo)
+
+    def get_itemtype(self, type_id):
+        api = evelink.eve.EVE(api=self.api)
+        try:
+            type_name = api.type_name_from_id(type_id).result
+            assert type_name != 'Unknown Type'
+            return ItemType(self.adapter, type_id, type_name)
+        except AssertionError:
+            raise ObjectNotFound(type_id, 'itemtype')
+
+
+class EveAdapter(EveProvider):
+    """
+    Redirects queries to appropriate data source.
+    """
+
+    def __init__(self, char_provider, corp_provider, alliance_provider, itemtype_provider):
+        self.char_provider = char_provider
+        self.corp_provider = corp_provider
+        self.alliance_provider = alliance_provider
+        self.itemtype_provider = itemtype_provider
+        self.char_provider.adapter = self
+        self.corp_provider.adapter = self
+        self.alliance_provider.adapter = self
+        self.itemtype_provider.adapter = self
+
+    def __repr__(self):
+        return "<{} (character:{} corp:{} alliance:{} itemtype:{})>".format(self.__class__.__name__,
+                                                                            str(self.char_provider),
+                                                                            str(self.corp_provider),
+                                                                            str(self.alliance_provider),
+                                                                            str(self.itemtype_provider))
+
+    @staticmethod
+    def _get_from_cache(obj_class, id):
+        data = cache.get('%s__%s' % (obj_class.__name__.lower(), id))
+        if data:
+            obj = obj_class.from_dict(json.loads(data))
+            logger.debug('Got from cache: %s' % obj.__repr__())
+            return obj
+        else:
+            return None
+
+    @staticmethod
+    def _cache(obj):
+        logger.debug('Caching: %s ' % obj.__repr__())
+        cache.set('%s__%s' % (obj.__class__.__name__.lower(), obj.id), json.dumps(obj.serialize()),
+                  int(OBJ_CACHE_DURATION))
+
+    def get_character(self, id):
+        obj = self._get_from_cache(Character, id)
+        if obj:
+            obj.provider = self
+        else:
+            obj = self._get_character(id)
+            self._cache(obj)
+        return obj
+
+    def get_corp(self, id):
+        obj = self._get_from_cache(Corporation, id)
+        if obj:
+            obj.provider = self
+        else:
+            obj = self._get_corp(id)
+            self._cache(obj)
+        return obj
+
+    def get_alliance(self, id):
+        obj = self._get_from_cache(Alliance, id)
+        if obj:
+            obj.provider = self
+        else:
+            obj = self._get_alliance(id)
+            self._cache(obj)
+        return obj
+
+    def get_itemtype(self, type_id):
+        obj = self._get_from_cache(ItemType, type_id)
+        if obj:
+            obj.provider = self
+        else:
+            obj = self._get_itemtype(type_id)
+            self._cache(obj)
+        return obj
+
+    def _get_character(self, id):
+        return self.char_provider.get_character(id)
+
+    def _get_corp(self, id):
+        return self.corp_provider.get_corp(id)
+
+    def _get_alliance(self, id):
+        return self.alliance_provider.get_alliance(id)
+
+    def _get_itemtype(self, type_id):
+        return self.itemtype_provider.get_itemtype(type_id)
+
+
+CHARACTER_PROVIDER = getattr(settings, 'EVEONLINE_CHARACTER_PROVIDER', '') or 'esi'
+CORP_PROVIDER = getattr(settings, 'EVEONLINE_CORP_PROVIDER', '') or 'esi'
+ALLIANCE_PROVIDER = getattr(settings, 'EVEONLINE_ALLIANCE_PROVIDER', '') or 'esi'
+ITEMTYPE_PROVIDER = getattr(settings, 'EVEONLINE_ITEMTYPE_PROVIDER', '') or 'esi'
+
+
+def eve_adapter_factory(character_source=CHARACTER_PROVIDER, corp_source=CORP_PROVIDER,
+                        alliance_source=ALLIANCE_PROVIDER, itemtype_source=ITEMTYPE_PROVIDER, api_key=None, token=None):
+    sources = [character_source, corp_source, alliance_source, itemtype_source]
+    providers = []
+
+    if 'xml' in sources:
+        xml = EveXmlProvider(api_key=api_key)
+    if 'esi' in sources:
+        esi = EveSwaggerProvider(token=token)
+
+    for source in sources:
+        if source == 'xml':
+            providers.append(xml)
+        elif source == 'esi':
+            providers.append(esi)
+        else:
+            raise ValueError('Unrecognized data source "%s"' % source)
+    return EveAdapter(providers[0], providers[1], providers[2], providers[3])
--- a/eveonline/tasks.py
+++ b/eveonline/tasks.py
@@ -12,6 +12,7 @@ from services.managers.eve_api_manager import EveApiManager
 from eveonline.models import EveCharacter
 from eveonline.models import EveCorporationInfo
 from eveonline.models import EveAllianceInfo
+from eveonline.providers import eve_adapter_factory, ObjectNotFound
 from authentication.tasks import set_state
 import logging
 import evelink
@@ -26,21 +27,16 @@ def refresh_api(api):
    try:
        EveApiManager.validate_api(api.api_id, api.api_key, api.user)
        # Update characters
-        characters = EveApiManager.get_characters_from_api(api.api_id, api.api_key)
-        EveManager.update_characters_from_list(characters)
-        new_character = False
-        for char in characters.result:
-            # Ensure we have a model for all characters on key
-            if not EveManager.check_if_character_exist(characters.result[char]['name']):
-                logger.debug(
-                    "API key %s has a new character on the account: %s" % (api.api_id, characters.result[char]['name']))
-                new_character = True
-        if new_character:
-            logger.debug("Creating new character %s from api key %s" % (characters.result[char]['name'], api.api_id))
-            EveManager.create_characters_from_list(characters, api.user, api.api_id)
+        characters = EveManager.get_characters_from_api(api)
+        for c in characters:
+            try:
+                EveManager.update_character_obj(c)
+            except EveCharacter.DoesNotExist:
+                logger.debug("API key %s has a new character on the account: %s" % (api.api_id, c))
+                EveManager.create_character_obj(c, api.user, api.api_id)
        current_chars = EveCharacter.objects.filter(api_id=api.api_id)
        for c in current_chars:
-            if not int(c.character_id) in characters.result:
+            if not int(c.character_id) in [c.id for c in characters]:
                logger.info("Character %s no longer found on API ID %s" % (c, api.api_id))
                c.delete()
    except evelink.api.APIError as e:
@@ -81,7 +77,7 @@ def refresh_user_apis(user):
    for x in apis:
        refresh_api(x)
    # Check our main character
-    auth = AuthServicesInfo.objects.get_or_create(user=user)[0]
+    auth = AuthServicesInfo.objects.get(user=user)
    if auth.main_char_id:
        if EveCharacter.objects.filter(character_id=auth.main_char_id).exists() is False:
            logger.info(
@@ -105,153 +101,64 @@ def run_api_refresh():
        refresh_user_apis.delay(u)


-def populate_alliance(id, blue=False):
-    logger.debug("Populating alliance model with id %s blue %s" % (id, blue))
-    alliance_info = EveApiManager.get_alliance_information(id)
-
-    if not alliance_info:
-        raise ValueError("Supplied alliance id %s is invalid" % id)
-
-    if not EveAllianceInfo.objects.filter(alliance_id=id).exists():
-        EveManager.create_alliance_info(alliance_info['id'], alliance_info['name'], alliance_info['ticker'],
-                                        alliance_info['executor_id'], alliance_info['member_count'], blue)
-    alliance = EveAllianceInfo.objects.get(alliance_id=id)
-    for member_corp in alliance_info['member_corps']:
-        if EveCorporationInfo.objects.filter(corporation_id=member_corp).exists():
-            corp = EveCorporationInfo.objects.get(corporation_id=member_corp)
-            if corp.alliance != alliance:
-                corp.alliance = alliance
-                corp.save()
-        else:
-            logger.info("Creating new alliance member corp id %s" % member_corp)
-            corpinfo = EveApiManager.get_corporation_information(member_corp)
-            EveManager.create_corporation_info(corpinfo['id'], corpinfo['name'], corpinfo['ticker'],
-                                               corpinfo['members']['current'], blue, alliance)
+@task
+def update_corp(id, is_blue=None):
+    EveManager.update_corporation(id, is_blue=is_blue)


@task
-def update_alliance(id):
-    alliance = EveAllianceInfo.objects.get(alliance_id=id)
-    corps = EveCorporationInfo.objects.filter(alliance=alliance)
-    logger.debug("Updating alliance %s with %s member corps" % (alliance, len(corps)))
-    allianceinfo = EveApiManager.get_alliance_information(alliance.alliance_id)
-    if allianceinfo:
-        EveManager.update_alliance_info(allianceinfo['id'], allianceinfo['executor_id'],
-                                        allianceinfo['member_count'], alliance.is_blue)
-        for corp in corps:
-            if corp.corporation_id in allianceinfo['member_corps'] is False:
-                logger.info("Corp %s no longer in alliance %s" % (corp, alliance))
-                corp.alliance = None
-                corp.save()
-        populate_alliance(alliance.alliance_id, blue=alliance.is_blue)
-    elif EveApiManager.check_if_alliance_exists(alliance.alliance_id) is False:
-        logger.info("Alliance %s has closed. Deleting model" % alliance)
-        alliance.delete()
-
-
-@task
-def update_corp(id):
-    corp = EveCorporationInfo.objects.get(corporation_id=id)
-    logger.debug("Updating corp %s" % corp)
-    corpinfo = EveApiManager.get_corporation_information(corp.corporation_id)
-    if corpinfo:
-        alliance = None
-        if EveAllianceInfo.objects.filter(alliance_id=corpinfo['alliance']['id']).exists():
-            alliance = EveAllianceInfo.objects.get(alliance_id=corpinfo['alliance']['id'])
-        EveManager.update_corporation_info(corpinfo['id'], corpinfo['members']['current'], alliance, corp.is_blue)
-    elif EveApiManager.check_if_corp_exists(corp.corporation_id) is False:
-        logger.info("Corp %s has closed. Deleting model" % corp)
-        corp.delete()
-
-        # Run Every 2 hours
+def update_alliance(id, is_blue=None):
+    EveManager.update_alliance(id, is_blue=is_blue)
+    EveManager.populate_alliance(id)


@periodic_task(run_every=crontab(minute=0, hour="*/2"))
 def run_corp_update():
-    if EveApiManager.check_if_api_server_online() is False:
+    if not EveApiManager.check_if_api_server_online():
        logger.warn("Aborted updating corp and alliance models: API server unreachable")
        return
-    standing_level = 'alliance'
-    try:
-        # get corp info for owning corp if required
-        ownercorpinfo = {}
-        if settings.IS_CORP:
-            standing_level = 'corp'
-            logger.debug("Getting information for owning corp with id %s" % settings.CORP_ID)
-            ownercorpinfo = EveApiManager.get_corporation_information(settings.CORP_ID)
-            if not ownercorpinfo:
-                logger.error("Failed to retrieve corp info for owning corp id %s - bad corp id?" % settings.CORP_ID)
-                return

-        # check if we need to update an alliance model
-        alliance_id = ''
-        if ownercorpinfo and ownercorpinfo['alliance']['id']:
-            alliance_id = ownercorpinfo['alliance']['id']
-        elif settings.IS_CORP is False:
-            alliance_id = settings.ALLIANCE_ID
+    # generate member corps
+    for corp_id in settings.STR_CORP_IDS + settings.STR_BLUE_CORP_IDS:
+        is_blue = True if corp_id in settings.STR_BLUE_CORP_IDS else False
+        try:
+            if EveCorporationInfo.objects.filter(corporation_id=corp_id).exists():
+                update_corp(corp_id, is_blue=is_blue)
+            else:
+                EveManager.create_corporation(corp_id, is_blue=is_blue)
+        except ObjectNotFound:
+            logger.warn('Bad corp ID in settings: %s' % corp_id)

-        # get and create alliance info for owning alliance if required
-        alliance = None
-        if alliance_id:
-            logger.debug("Getting information for owning alliance with id %s" % alliance_id)
-            ownerallianceinfo = EveApiManager.get_alliance_information(alliance_id)
-            if not ownerallianceinfo:
-                logger.error("Failed to retrieve corp info for owning alliance id %s - bad alliance id?" % alliance_id)
-                return
-            if EveAllianceInfo.objects.filter(alliance_id=ownerallianceinfo['id']).exists():
+    # generate member alliances
+    for alliance_id in settings.STR_ALLIANCE_IDS + settings.STR_BLUE_ALLIANCE_IDS:
+        is_blue = True if alliance_id in settings.STR_BLUE_ALLIANCE_IDS else False
+        try:
+            if EveAllianceInfo.objects.filter(alliance_id=alliance_id).exists():
                logger.debug("Updating existing owner alliance model with id %s" % alliance_id)
-                EveManager.update_alliance_info(ownerallianceinfo['id'], ownerallianceinfo['executor_id'],
-                                                ownerallianceinfo['member_count'], False)
+                update_alliance(alliance_id, is_blue=is_blue)
            else:
-                populate_alliance(alliance_id)
-                alliance = EveAllianceInfo.objects.get(alliance_id=alliance_id)
+                EveManager.create_alliance(alliance_id, is_blue=is_blue)
+                EveManager.populate_alliance(alliance_id)
+        except ObjectNotFound:
+            logger.warn('Bad alliance ID in settings: %s' % alliance_id)

-        # create corp info for owning corp if required
-        if ownercorpinfo:
-            if EveCorporationInfo.objects.filter(corporation_id=ownercorpinfo['id']).exists():
-                logger.debug("Updating existing owner corp model with id %s" % ownercorpinfo['id'])
-                EveManager.update_corporation_info(ownercorpinfo['id'], ownercorpinfo['members']['current'], alliance,
-                                                   False)
-            else:
-                logger.info("Creating model for owning corp with id %s" % ownercorpinfo['id'])
-                EveManager.create_corporation_info(ownercorpinfo['id'], ownercorpinfo['name'], ownercorpinfo['ticker'],
-                                                   ownercorpinfo['members']['current'], False, alliance)
+    # update existing corp models
+    for corp in EveCorporationInfo.objects.exclude(
+            corporation_id__in=settings.STR_CORP_IDS + settings.STR_BLUE_CORP_IDS):
+        update_corp.delay(corp.corporation_id)

-        # validate and create corp models for member corps of owning alliance
-        if alliance:
-            current_corps = EveCorporationInfo.objects.filter(alliance=alliance)
-            for corp in current_corps:
-                if corp.corporation_id in ownerallianceinfo['member_corps'] is False:
-                    logger.info("Corp %s is no longer in owning alliance %s - updating model." % (corp, alliance))
-                    corp.alliance = None
-                    corp.save()
-            for member_corp in ownerallianceinfo['member_corps']:
-                if EveCorporationInfo.objects.filter(corporation_id=member_corp).exists():
-                    corp = EveCorporationInfo.objects.get(corporation_id=member_corp)
-                    if corp.alliance == alliance is not True:
-                        logger.info("Associating corp %s with owning alliance %s" % (corp, alliance))
-                        corp.alliance = alliance
-                        corp.save()
-                else:
-                    corpinfo = EveApiManager.get_corporation_information(member_corp)
-                    logger.info("Creating model for owning alliance member corp with id %s" % corpinfo['id'])
-                    EveManager.create_corporation_info(corpinfo['id'], corpinfo['name'], corpinfo['ticker'],
-                                                       corpinfo['members']['current'], False, alliance)
-
-        # update existing corp models
-        for corp in EveCorporationInfo.objects.all():
-            update_corp.delay(corp.corporation_id)
-
-        # update existing alliance models
-        for alliance in EveAllianceInfo.objects.all():
-            update_alliance.delay(alliance.alliance_id)
+    # update existing alliance models
+    for alliance in EveAllianceInfo.objects.exclude(
+            alliance_id__in=settings.STR_ALLIANCE_IDS + settings.STR_BLUE_ALLIANCE_IDS):
+        update_alliance.delay(alliance.alliance_id)

+    try:
        # create standings
        standings = EveApiManager.get_corp_standings()
        if standings:
-            standings = standings[standing_level]
+            standings = standings[settings.STANDING_LEVEL]
            for standing in standings:
-                if int(standings[standing]['standing']) >= settings.BLUE_STANDING:
+                if float(standings[standing]['standing']) >= settings.BLUE_STANDING:
                    logger.debug("Standing %s meets threshold" % standing)
                    if EveApiManager.check_if_id_is_alliance(standing):
                        logger.debug("Standing %s is an alliance" % standing)
@@ -262,7 +169,7 @@ def run_corp_update():
                                alliance.is_blue = True
                                alliance.save()
                        else:
-                            populate_alliance(standing, blue=True)
+                            EveManager.create_alliance(standing, is_blue=True)
                    elif EveApiManager.check_if_id_is_corp(standing):
                        logger.debug("Standing %s is a corp" % standing)
                        if EveCorporationInfo.objects.filter(corporation_id=standing).exists():
@@ -273,13 +180,7 @@ def run_corp_update():
                                corp.save()
                        else:
                            logger.info("Creating model for blue corp with id %s" % standing)
-                            corpinfo = EveApiManager.get_corporation_information(standing)
-                            corp_alliance = None
-                            if EveAllianceInfo.objects.filter(alliance_id=corpinfo['alliance']['id']).exists():
-                                logger.debug("New corp model for standing %s has existing alliance model" % standing)
-                                corp_alliance = EveAllianceInfo.objects.get(alliance_id=corpinfo['alliance']['id'])
-                            EveManager.create_corporation_info(corpinfo['id'], corpinfo['name'], corpinfo['ticker'],
-                                                               corpinfo['members']['current'], True, corp_alliance)
+                            EveManager.create_corporation(standing, is_blue=True)

        # update alliance standings
        for alliance in EveAllianceInfo.objects.filter(is_blue=True):
@@ -288,7 +189,7 @@ def run_corp_update():
                    logger.info("Alliance %s no longer meets minimum blue standing threshold" % alliance)
                    alliance.is_blue = False
                    alliance.save()
-            else:
+            elif alliance.alliance_id not in settings.STR_BLUE_ALLIANCE_IDS:
                logger.info("Alliance %s no longer in standings" % alliance)
                alliance.is_blue = False
                alliance.save()
@@ -300,7 +201,7 @@ def run_corp_update():
                    logger.info("Corp %s no longer meets minimum blue standing threshold" % corp)
                    corp.is_blue = False
                    corp.save()
-            else:
+            elif corp.corporation_id not in settings.STR_BLUE_CORP_IDS:
                if corp.alliance:
                    if not corp.alliance.is_blue:
                        logger.info("Corp %s and its alliance %s are no longer blue" % (corp, corp.alliance))
@@ -310,43 +211,12 @@ def run_corp_update():
                    logger.info("Corp %s is no longer blue" % corp)
                    corp.is_blue = False
                    corp.save()
-
-        # delete unnecessary alliance models
-        for alliance in EveAllianceInfo.objects.filter(is_blue=False):
-            logger.debug("Checking to delete alliance %s" % alliance)
-            if not settings.IS_CORP:
-                if not alliance.alliance_id == settings.ALLIANCE_ID:
-                    logger.info("Deleting unnecessary alliance model %s" % alliance)
-                    alliance.delete()
-            else:
-                if not alliance.evecorporationinfo_set.filter(corporation_id=settings.CORP_ID).exists():
-                    logger.info("Deleting unnecessary alliance model %s" % alliance)
-                    alliance.delete()
-
-        # delete unnecessary corp models
-        for corp in EveCorporationInfo.objects.filter(is_blue=False):
-            logger.debug("Checking to delete corp %s" % corp)
-            if not settings.IS_CORP:
-                if corp.alliance:
-                    logger.debug("Corp %s has alliance %s" % (corp, corp.alliance))
-                    if not corp.alliance.alliance_id == settings.ALLIANCE_ID:
-                        logger.info("Deleting unnecessary corp model %s" % corp)
-                        corp.delete()
-                else:
-                    logger.info("Deleting unnecessary corp model %s" % corp)
-                    corp.delete()
-            else:
-                if corp.corporation_id != settings.CORP_ID:
-                    logger.debug("Corp %s is not owning corp" % corp)
-                    if corp.alliance:
-                        logger.debug("Corp %s has alliance %s" % (corp, corp.alliance))
-                        if not corp.alliance.evecorporationinfo_set.filter(corporation_id=settings.CORP_ID).exists():
-                            logger.info("Deleting unnecessary corp model %s" % corp)
-                            corp.delete()
-                    else:
-                        logger.info("Deleting unnecessary corp model %s" % corp)
-                        corp.delete()
-                else:
-                    logger.debug("Corp %s is owning corp" % corp)
    except evelink.api.APIError as e:
        logger.error("Model update failed with error code %s" % e.code)
+
+    # delete unnecessary alliance models
+    EveAllianceInfo.objects.filter(is_blue=False).exclude(alliance_id__in=settings.STR_ALLIANCE_IDS).delete()
+
+    # delete unnecessary corp models
+    EveCorporationInfo.objects.filter(is_blue=False).exclude(corporation_id__in=settings.STR_CORP_IDS).exclude(
+        alliance__alliance_id__in=settings.STR_ALLIANCE_IDS).delete()
--- a/eveonline/templatetags/init.py
+++ b/eveonline/templatetags/init.py
--- a/eveonline/templatetags/eveonline_extras.py
+++ b/eveonline/templatetags/eveonline_extras.py
@@ -0,0 +1,17 @@
+from django import template
+from django.conf import settings
+from django.utils.safestring import mark_safe
+
+register = template.Library()
+
+
+@register.filter(name='api_link')
+def api_link(api, style_class):
+    if settings.API_KEY_AUDIT_URL:
+        url = settings.API_KEY_AUDIT_URL.format(api_id=api.api_id, vcode=api.api_key, pk=api.pk)
+        element = "<a href='{url}' class='{style}' target='_new'>{api_id}</a>".format(url=url, style=style_class,
+                                                                                      api_id=api.api_id)
+    else:
+        element = "<a href='#' class='{style}' onclick='return prompt({prompt}, {vcode})'>{api_id}</a>".format(
+            style=style_class, prompt='"Verification Code"', vcode='"%s"' % api.api_key, api_id=api.api_id)
+    return mark_safe(element)
--- a/eveonline/views.py
+++ b/eveonline/views.py
@@ -2,7 +2,7 @@ from __future__ import unicode_literals
 from django.shortcuts import render, redirect, get_object_or_404
 from django.contrib.auth.decorators import login_required
 from django.contrib import messages
-
+from django.utils.translation import ugettext_lazy as _
 from eveonline.forms import UpdateKeyForm
 from eveonline.managers import EveManager
 from authentication.managers import AuthServicesInfoManager
@@ -11,8 +11,7 @@ from eveonline.models import EveApiKeyPair, EveCharacter
 from authentication.models import AuthServicesInfo
 from authentication.tasks import set_state
 from eveonline.tasks import refresh_api
-
-from eve_sso.decorators import token_required
+from esi.decorators import token_required
 from django.conf import settings
 import logging

@@ -30,7 +29,7 @@ def add_api_key(request):
                                            api_key=form.cleaned_data['api_key']).exists():
                # allow orphaned keys to proceed to SSO validation upon re-entry
                api_key = EveApiKeyPair.objects.get(api_id=form.cleaned_data['api_id'],
-                                                   api_key=form.cleaned_data['api_key'])
+                                                    api_key=form.cleaned_data['api_key'])
            elif EveApiKeyPair.objects.filter(api_id=form.cleaned_data['api_id']).exists():
                logger.warn('API %s re-added with different vcode.' % form.cleaned_data['api_id'])
                EveApiKeyPair.objects.filter(api_id=form.cleaned_data['api_id']).delete()
@@ -46,19 +45,19 @@ def add_api_key(request):
                api_key.save()
                owner = request.user
            # Grab characters associated with the key pair
-            characters = EveApiManager.get_characters_from_api(form.cleaned_data['api_id'],
-                                                               form.cleaned_data['api_key'])
-            EveManager.create_characters_from_list(characters, owner, form.cleaned_data['api_id'])
+            characters = EveManager.get_characters_from_api(api_key)
+            [EveManager.create_character_obj(c, owner, api_key.api_id) for c in characters if
+             not EveCharacter.objects.filter(character_id=c.id).exists()]
            logger.info("Successfully processed api add form for user %s" % request.user)
            if not settings.API_SSO_VALIDATION:
-                messages.success(request, 'Added API key %s to your account.' % form.cleaned_data['api_id'])
-                auth = AuthServicesInfo.objects.get_or_create(user=request.user)[0]
+                messages.success(request, _('Added API key %(apiid)s to your account.') % {"apiid": form.cleaned_data['api_id']})
+                auth = AuthServicesInfo.objects.get(user=request.user)
                if not auth.main_char_id:
                    return redirect('auth_characters')
-                return redirect("/api_key_management/")
+                return redirect("auth_dashboard")
            else:
                logger.debug('Requesting SSO validation of API %s by user %s' % (api_key.api_id, request.user))
-                return render(request, 'registered/apisso.html', context={'api':api_key})
+                return render(request, 'registered/apisso.html', context={'api': api_key})
        else:
            logger.debug("Form invalid: returning to form.")
    else:
@@ -70,18 +69,17 @@ def add_api_key(request):

@login_required
@token_required(new=True)
-def api_sso_validate(request, tokens, api_id):
+def api_sso_validate(request, token, api_id):
    logger.debug('api_sso_validate called by user %s for api %s' % (request.user, api_id))
    api = get_object_or_404(EveApiKeyPair, api_id=api_id)
    if api.user and api.user != request.user:
        logger.warning('User %s attempting to take ownership of api %s from %s' % (request.user, api_id, api.user))
-        messages.warning(request, 'API %s already claimed by user %s' % (api_id, api.user))
-        return redirect('auth_api_key_management')
+        messages.warning(request, _('API %(apiid)s already claimed by user %(user)s') % {"apiid": api_id, "user": api.user})
+        return redirect('auth_dashboard')
    elif api.sso_verified:
        logger.debug('API %s has already been verified.' % api_id)
-        messages.info(request, 'API %s has already been verified' % api_id)
-        return redirect('auth_api_key_management')
-    token = tokens[0]
+        messages.info(request, _('API %(apiid)s has already been verified') % {"apiid": api_id})
+        return redirect('auth_dashboard')
    logger.debug('API %s has not been verified. Checking if token for %s matches.' % (api_id, token.character_name))
    characters = EveApiManager.get_characters_from_api(api.api_id, api.api_key).result
    if token.character_id in characters:
@@ -89,61 +87,74 @@ def api_sso_validate(request, tokens, api_id):
        api.sso_verified = True
        api.save()
        EveCharacter.objects.filter(character_id__in=characters).update(user=request.user, api_id=api_id)
-        messages.success(request, 'Confirmed ownership of API %s' % api.api_id)
-        auth, c = AuthServicesInfo.objects.get_or_create(user=request.user)
+        messages.success(request, _('Confirmed ownership of API %(apiid)s') % {"apiid": api.api_id})
+        auth = AuthServicesInfo.objects.get(user=request.user)
        if not auth.main_char_id:
            return redirect('auth_characters')
-        return redirect('auth_api_key_management')
+        return redirect('auth_dashboard')
    else:
-        messages.warning(request, '%s not found on API %s. Please SSO as a character on the API.' % (token.character_name, api.api_id))
-    return render(request, 'registered/apisso.html', context={'api':api})
+        messages.warning(request, _('%(character)s not found on API %(apiid)s. Please SSO as a character on the API.') % {
+            "character": token.character_name, "apiid": api.api_id})
+    return render(request, 'registered/apisso.html', context={'api': api})


@login_required
-def api_key_management_view(request):
-    logger.debug("api_key_management_view called by user %s" % request.user)
-    context = {
-        'apikeypairs': EveManager.get_api_key_pairs(request.user.id),
-        'api_sso_validation': settings.API_SSO_VALIDATION or False
-    }
+def dashboard_view(request):
+    logger.debug("dashboard_view called by user %s" % request.user)
+    auth_info = AuthServicesInfo.objects.get(user=request.user)
+    apikeypairs = EveManager.get_api_key_pairs(request.user.id)
+    sso_validation = settings.API_SSO_VALIDATION or False
+    api_chars = []

-    return render(request, 'registered/apikeymanagment.html', context=context)
+    if apikeypairs:
+        for api in apikeypairs:
+            api_chars.append({
+                'id': api.api_id,
+                'sso_verified': api.sso_verified if sso_validation else True,
+                'characters': EveCharacter.objects.filter(api_id=api.api_id),
+            })
+
+    context = {
+        'main': EveManager.get_character_by_id(auth_info.main_char_id),
+        'apis': api_chars,
+        'api_sso_validation': settings.API_SSO_VALIDATION or False,
+    }
+    return render(request, 'registered/dashboard.html', context=context)


@login_required
 def api_key_removal(request, api_id):
    logger.debug("api_key_removal called by user %s for api id %s" % (request.user, api_id))
-    authinfo = AuthServicesInfo.objects.get_or_create(user=request.user)[0]
+    authinfo = AuthServicesInfo.objects.get(user=request.user)
    EveManager.delete_api_key_pair(api_id, request.user.id)
    EveManager.delete_characters_by_api_id(api_id, request.user.id)
-    messages.success(request, 'Deleted API key %s' % api_id)
+    messages.success(request, _('Deleted API key %(apiid)s') % {"apiid": api_id})
    logger.info("Succesfully processed api delete request by user %s for api %s" % (request.user, api_id))
-    if EveCharacter.objects.filter(character_id=authinfo.main_char_id).exists():
-        return redirect("auth_api_key_management")
-    else:
+    if not EveCharacter.objects.filter(character_id=authinfo.main_char_id).exists():
        authinfo.main_char_id = None
        authinfo.save()
        set_state(request.user)
-        return redirect("auth_characters")
+    return redirect("auth_dashboard")


@login_required
 def characters_view(request):
    logger.debug("characters_view called by user %s" % request.user)
-    render_items = {'characters': EveManager.get_characters_by_owner_id(request.user.id),
-                    'authinfo': AuthServicesInfo.objects.get_or_create(user=request.user)[0]}
+    render_items = {'characters': EveCharacter.objects.filter(user=request.user),
+                    'authinfo': AuthServicesInfo.objects.get(user=request.user)}
    return render(request, 'registered/characters.html', context=render_items)


@login_required
 def main_character_change(request, char_id):
    logger.debug("main_character_change called by user %s for character id %s" % (request.user, char_id))
-    if EveManager.check_if_character_owned_by_user(char_id, request.user):
+    if EveCharacter.objects.filter(character_id=char_id).exists() and EveCharacter.objects.get(
+            character_id=char_id).user == request.user:
        AuthServicesInfoManager.update_main_char_id(char_id, request.user)
-        messages.success(request, 'Changed main character ID to %s' % char_id)
+        messages.success(request, _('Changed main character ID to %(charid)s') % {"charid": char_id})
        set_state(request.user)
-        return redirect("auth_characters")
-    messages.error(request, 'Failed to change main character - selected character is not owned by your account.')
+        return redirect("auth_dashboard")
+    messages.error(request, _('Failed to change main character - selected character is not owned by your account.'))
    return redirect("auth_characters")


@@ -154,12 +165,12 @@ def user_refresh_api(request, api_id):
        api_key_pair = EveApiKeyPair.objects.get(api_id=api_id)
        if api_key_pair.user == request.user:
            refresh_api(api_key_pair)
-            messages.success(request, 'Refreshed API key %s' % api_id)
+            messages.success(request, _('Refreshed API key %(apiid)s') % {"apiid": api_id})
            set_state(request.user)
        else:
-            messages.warning(request, 'You are not authorized to refresh that API key.')
+            messages.warning(request, _('You are not authorized to refresh that API key.'))
            logger.warn("User %s not authorized to refresh api id %s" % (request.user, api_id))
    else:
-        messages.warning(request, 'Unable to locate API key %s' % api_id)
+        messages.warning(request, _('Unable to locate API key %(apiid)s') % {"apiid": api_id})
        logger.warn("User %s unable to refresh api id %s - api key not found" % (request.user, api_id))
-    return redirect("auth_api_key_management")
+    return redirect("auth_dashboard")
--- a/fleetactivitytracking/templates/fleetactivitytracking/characternotexisting.html
+++ b/fleetactivitytracking/templates/fleetactivitytracking/characternotexisting.html
@@ -0,0 +1,26 @@
+{% extends 'public/base.html' %}
+{% load i18n %}
+{% block title %}Fleet Participation{% endblock %}
+{% block page_title %}{% trans "Fleet Participation" %}{% endblock %}
+<div class="col-lg-12">
+    <h1 class="page-header text-center">{% trans "Character not found!" %}</h1>
+    <div class="col-lg-12 container" id="example">
+        <div class="row">
+            <div class="col-lg-12">
+                <div class="panel panel-default">
+                    <div class="panel-heading">{{ character_name }}</div>
+                    <div class="panel-body">
+                        <div class="col-lg-2 col-sm-2">
+                             <img class="ra-avatar img-responsive" src="https://image.eveonline.com/Character/{{ character_id }}_128.jpg">
+                        </div>
+                        <div class="col-lg-10 col-sm-2">
+                            <div class="alert alert-danger" role="alert">{% trans "Character not registered!" %}</div>
+                            {% trans "This character is not part of any registered API-key. You must go to" %} <a href=" {% url 'auth_api_key_management' %}">{% trans "API key management</a> and add an API with the character on before being able to click fleet attendance links." %}
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+{% endblock %}
--- a/fleetactivitytracking/templates/fleetactivitytracking/fatlinkformatter.html
+++ b/fleetactivitytracking/templates/fleetactivitytracking/fatlinkformatter.html
--- a/fleetactivitytracking/templates/fleetactivitytracking/fatlinkmodify.html
+++ b/fleetactivitytracking/templates/fleetactivitytracking/fatlinkmodify.html
@@ -0,0 +1,59 @@
+{% extends "public/base.html" %}
+{% load bootstrap %}
+{% load staticfiles %}
+{% load i18n %}
+{% load bootstrap_pagination %}
+{% block title %}Alliance Auth{% endblock %}
+{% block page_title %}{% trans "Fatlink view" %}{% endblock page_title %}
+
+{% block content %}
+    <div class="col-lg-12">
+        <h1 class="page-header text-center">{% trans "Edit fatlink" %} "{{ fatlink }}"
+            <div class="text-right">
+                <form>
+                    <button type="submit" onclick="return confirm('Are you sure?')" class="btn btn-danger" name="deletefat" value="True">
+                        {% trans "Delete fat" %}
+                    </button>
+                </form>
+            </div>
+        </h1>
+        <div class="panel panel-default">
+            <div class="panel-heading">{% trans "Registered characters" %}</div>
+            <div class="panel-body">
+                <div class="text-center">
+                    {% bootstrap_paginate registered_fats range=10 %}
+                </div>
+                <table class="table table-responsive table-hover">
+                    <tr>
+                        <th class="text-center">{% trans "User" %}</th>
+                        <th class="text-center">{% trans "Character" %}</th>
+                        <th class="text-center">{% trans "System" %}</th>
+                        <th class="text-center">{% trans "Ship" %}</th>
+                        <th class="text-center">{% trans "Eve Time" %}</th>
+                        <th></th>
+                    </tr>
+                    {% for fat in registered_fats %}
+                        <tr>
+                            <td class="text-center">{{ fat.user }}</td>
+                            <td class="text-center">{{ fat.character.character_name }}</td>
+                            {%  if fat.station != "No Station" %}
+                                <td class="text-center">{% blocktrans %}Docked in {{ fat.system }}{% endblocktrans %}</td>
+                            {% else %}
+                                <td class="text-center">{{ fat.system }}</td>
+                            {% endif %}
+                            <td class="text-center">{{ fat.shiptype }}</td>
+                            <td class="text-center">{{ fat.fatlink.fatdatetime }}</td>
+                            <td class="text-center">
+                                <form>
+                                    <button type="submit" class="btn btn-warning" name="removechar" value="{{ fat.character.character_id }}">
+                                        <span class="glyphicon glyphicon-remove"></span>
+                                    </button>
+                                </form>
+                            </td>
+                        </tr>
+                    {% endfor %}
+                </table>
+            </div>
+        </div>
+    </div>
+{% endblock content %}
--- a/Show More
+++ b/Show More