Version Bump 3.8.0

Update source language strings
Merge branch 'transifex' into 'master'
2026-02-04 06:06:19 +01:00 · 2023-11-09 00:00:28 +10:00 · 2023-11-08 23:56:16 +10:00 · 2023-11-08 13:48:26 +00:00 · 2023-11-08 13:48:26 +00:00 · 2023-11-08 13:05:25 +00:00
641 changed files with 25618 additions and 12220 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -22,3 +22,7 @@ indent_style = tab

 [*.bat]
 indent_style = tab
+
+[{Dockerfile,*.dockerfile}]
+indent_style = space
+indent_size = 4
--- a/.gitignore
+++ b/.gitignore
@@ -38,7 +38,6 @@ htmlcov/
 .tox/
 .coverage
 .cache
-nosetests.xml
 coverage.xml

 # Translations
@@ -70,9 +69,6 @@ celerybeat-schedule
 #gitlab configs
 .gitlab/

-#transifex
-.tx/
-
 #other
 .flake8
 .pylintrc
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,12 +1,20 @@
+.only-default: &only-default
+  only:
+    - master
+    - branches
+    - merge_requests
+
 stages:
- pre-commit
- gitlab
- test
- deploy
+  - pre-commit
+  - gitlab
+  - test
+  - deploy
+  - docker

 include:
- template: Dependency-Scanning.gitlab-ci.yml
- template: Security/SAST.gitlab-ci.yml
+  - template: Dependency-Scanning.gitlab-ci.yml
+  - template: Security/SAST.gitlab-ci.yml
+  - template: Security/Secret-Detection.gitlab-ci.yml

 before_script:
  - apt-get update && apt-get install redis-server -y
@@ -15,8 +23,9 @@ before_script:
  - pip install wheel tox

 pre-commit-check:
+  <<: *only-default
  stage: pre-commit
-  image: python:3.6-buster
+  image: python:3.10-bullseye
  variables:
    PRE_COMMIT_HOME: ${CI_PROJECT_DIR}/.cache/pre-commit
  cache:
@@ -33,75 +42,239 @@ sast:
 dependency_scanning:
  stage: gitlab
  before_script:
-  - apt-get update && apt-get install redis-server libmariadb-dev -y
-  - redis-server --daemonize yes
-  - python -V
-  - pip install wheel tox
+    - apt-get update && apt-get install redis-server libmariadb-dev -y
+    - redis-server --daemonize yes
+    - python -V
+    - pip install wheel tox

-test-3.7-core:
-  image: python:3.7-bullseye
-  script:
-  - tox -e py37-core
-  artifacts:
-    when: always
-    reports:
-      cobertura: coverage.xml
+secret_detection:
+  stage: gitlab
+  before_script: []

 test-3.8-core:
+  <<: *only-default
  image: python:3.8-bullseye
  script:
-  - tox -e py38-core
+    - tox -e py38-core
  artifacts:
    when: always
    reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml

 test-3.9-core:
+  <<: *only-default
  image: python:3.9-bullseye
  script:
-  - tox -e py39-core
+    - tox -e py39-core
  artifacts:
    when: always
    reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml

-test-3.7-all:
-  image: python:3.7-bullseye
+test-3.10-core:
+  <<: *only-default
+  image: python:3.10-bullseye
  script:
-  - tox -e py37-all
+    - tox -e py310-core
  artifacts:
    when: always
    reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-core:
+  <<: *only-default
+  image: python:3.11-bullseye
+  script:
+    - tox -e py311-core
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-pvpy-core:
+  <<: *only-default
+  image: pypy:3.9-bullseye
+  script:
+    - tox -e pypy-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  allow_failure: true

 test-3.8-all:
+  <<: *only-default
  image: python:3.8-bullseye
  script:
-  - tox -e py38-all
+    - tox -e py38-all
  artifacts:
    when: always
    reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml

 test-3.9-all:
+  <<: *only-default
  image: python:3.9-bullseye
  script:
-  - tox -e py39-all
+    - tox -e py39-all
  artifacts:
    when: always
    reports:
-      cobertura: coverage.xml
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.10-all:
+  <<: *only-default
+  image: python:3.10-bullseye
+  script:
+    - tox -e py310-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+test-3.11-all:
+  <<: *only-default
+  image: python:3.11-bullseye
+  script:
+    - tox -e py311-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  coverage: '/(?i)total.*? (100(?:\.0+)?\%|[1-9]?\d(?:\.\d+)?\%)$/'
+
+test-pvpy-all:
+  <<: *only-default
+  image: pypy:3.9-bullseye
+  script:
+    - tox -e pypy-all
+  artifacts:
+    when: always
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+  allow_failure: true
+
+build-test:
+  stage: test
+  image: python:3.10-bullseye
+
+  before_script:
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel
+
+  script:
+    - python -m build
+
+  artifacts:
+    when: always
+    name: "$CI_JOB_NAME-$CI_COMMIT_REF_SLUG"
+    paths:
+      - dist/*
+    expire_in: 1 year
+
+test-docs:
+  <<: *only-default
+  image: python:3.10-bullseye
+  script:
+  - tox -e docs

 deploy_production:
  stage: deploy
-  image: python:3.9-bullseye
+  image: python:3.10-bullseye

  before_script:
-    - pip install twine wheel
+    - python -m pip install --upgrade pip
+    - python -m pip install --upgrade build
+    - python -m pip install --upgrade setuptools wheel twine

  script:
-    - python setup.py sdist bdist_wheel
-    - twine upload dist/*
+    - python -m build
+    - python -m twine upload dist/*

  rules:
    - if: $CI_COMMIT_TAG
+
+build-image:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_SHORT_SHA
+    CURRENT_TAG=$CI_REGISTRY_IMAGE/auth:$CI_COMMIT_TAG
+    MINOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1-2)
+    MAJOR_TAG=$CI_REGISTRY_IMAGE/auth:$(echo $CI_COMMIT_TAG | cut -d '.' -f 1)
+    LATEST_TAG=$CI_REGISTRY_IMAGE/auth:latest
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_VERSION=$(echo $CI_COMMIT_TAG | cut -c 2-)
+    docker tag $IMAGE_TAG $CURRENT_TAG
+    docker tag $IMAGE_TAG $MINOR_TAG
+    docker tag $IMAGE_TAG $MAJOR_TAG
+    docker tag $IMAGE_TAG $LATEST_TAG
+    docker image push --all-tags $CI_REGISTRY_IMAGE/auth
+  rules:
+    - if: $CI_COMMIT_TAG
+      when: delayed
+      start_in: 10 minutes
+
+build-image-dev:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_COMMIT_BRANCH-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+https://gitlab.com/allianceauth/allianceauth@$CI_COMMIT_BRANCH
+    docker push $IMAGE_TAG
+  rules:
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME == ""'
+      when: manual
+    - if: '$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME != ""'
+      when: never
+
+build-image-mr:
+  before_script: []
+  image: docker:20.10.10
+  stage: docker
+  services:
+    - docker:20.10.10-dind
+  script: |
+    CURRENT_DATE=$(echo $CI_COMMIT_TIMESTAMP | head -c 10 | tr -d -)
+    IMAGE_TAG=$CI_REGISTRY_IMAGE/auth:$CURRENT_DATE-$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME-$CI_COMMIT_SHORT_SHA
+
+    docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+    docker build . -t $IMAGE_TAG -f docker/Dockerfile --build-arg AUTH_PACKAGE=git+$CI_MERGE_REQUEST_SOURCE_PROJECT_URL@$CI_MERGE_REQUEST_SOURCE_BRANCH_NAME
+    docker push $IMAGE_TAG
+  rules:
+    - if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
+      when: manual
+    - if: '$CI_PIPELINE_SOURCE != "merge_request_event"'
+      when: never
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -5,24 +5,75 @@

 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.0.1
+    rev: v4.4.0
    hooks:
-      - id: check-case-conflict
-      - id: check-json
-      - id: check-xml
+      # Identify invalid files
+      - id: check-ast
      - id: check-yaml
-      - id: fix-byte-order-marker
-      - id: trailing-whitespace
-        exclude: (\.min\.css|\.min\.js|\.mo|\.po|swagger\.json)$
-      - id: end-of-file-fixer
-        exclude: (\.min\.css|\.min\.js|\.mo|\.po|swagger\.json)$
-      - id: mixed-line-ending
-        args: [ '--fix=lf' ]
+      - id: check-json
+      - id: check-toml
+      - id: check-xml
+
+      # git checks
+      - id: check-merge-conflict
+      - id: check-added-large-files
+        args: [ --maxkb=1000 ]
+      - id: detect-private-key
+      - id: check-case-conflict
+
+      # Python checks
+#      - id: check-docstring-first
+      - id: debug-statements
+#      - id: requirements-txt-fixer
      - id: fix-encoding-pragma
-        args: [ '--remove' ]
+        args: [ --remove ]
+      - id: fix-byte-order-marker
+
+      # General quality checks
+      - id: mixed-line-ending
+        args: [ --fix=lf ]
+      - id: trailing-whitespace
+        args: [ --markdown-linebreak-ext=md ]
+        exclude: |
+          (?x)(
+            \.min\.css|
+            \.min\.js|
+            \.po|
+            \.mo|
+            swagger\.json
+          )
+      - id: check-executables-have-shebangs
+      - id: end-of-file-fixer
+        exclude: |
+          (?x)(
+            \.min\.css|
+            \.min\.js|
+            \.po|
+            \.mo|
+            swagger\.json
+          )

  - repo: https://github.com/editorconfig-checker/editorconfig-checker.python
-    rev: 2.3.5
+    rev: 2.7.2
    hooks:
      - id: editorconfig-checker
-        exclude: ^(LICENSE|allianceauth\/static\/css\/themes\/bootstrap-locals.less|allianceauth\/eveonline\/swagger.json|(.*.po)|(.*.mo))
+        exclude: |
+          (?x)(
+            LICENSE|
+            allianceauth\/static\/allianceauth\/css\/themes\/bootstrap-locals.less|
+            \.po|
+            \.mo|
+            swagger\.json
+          )
+
+  - repo: https://github.com/adamchainz/django-upgrade
+    rev: 1.14.0
+    hooks:
+      - id: django-upgrade
+        args: [ --target-version=4.0 ]
+
+  - repo: https://github.com/asottile/pyupgrade
+    rev: v3.10.1
+    hooks:
+      - id: pyupgrade
+        args: [ --py38-plus ]
--- a/.readthedocs.yml
+++ b/.readthedocs.yml
@@ -5,19 +5,22 @@
 # Required
 version: 2

+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-20.04
+  apt_packages:
+    - redis
+  tools:
+    python: "3.8"
+
 # Build documentation in the docs/ directory with Sphinx
 sphinx:
  configuration: docs/conf.py

-# Build documentation with MkDocs
-#mkdocs:
-#  configuration: mkdocs.yml
-
 # Optionally build your docs in additional formats such as PDF and ePub
 formats: all

 # Optionally set the version of Python and requirements required to build your docs
 python:
-  version: 3.7
  install:
    - requirements: docs/requirements.txt
--- a/.tx/config
+++ b/.tx/config
@@ -0,0 +1,10 @@
+[main]
+host     = https://app.transifex.com
+lang_map = zh-Hans: zh_Hans
+
+[o:alliance-auth:p:alliance-auth:r:django-po]
+file_filter  = allianceauth/locale/<lang>/LC_MESSAGES/django.po
+source_file  = allianceauth/locale/en/LC_MESSAGES/django.po
+source_lang  = en
+type         = PO
+minimum_perc = 0
--- a/.tx/transifex.yml
+++ b/.tx/transifex.yml
@@ -0,0 +1,10 @@
+filters:
+  - filter_type: file
+    file_format: PO
+    source_file: allianceauth/locale/en/LC_MESSAGES/django.po
+    source_language: en
+    translation_files_expression: allianceauth/locale/<lang>/LC_MESSAGES/django.po
+
+settings:
+  language_mapping:
+    zh-Hans: zh_Hans
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -1,7 +0,0 @@
-include LICENSE
-include README.md
-include MANIFEST.in
-graft allianceauth
-
-global-exclude __pycache__
-global-exclude *.py[co]
--- a/README.md
+++ b/README.md
@@ -36,7 +36,7 @@ Main features:

 - Can be easily extended with additional services and apps. Many are provided by the community and can be found here: [Community Creations](https://gitlab.com/allianceauth/community-creations)

- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr: and Russian :flag_ru: localization
+- English :flag_gb:, Chinese :flag_cn:, German :flag_de:, Spanish :flag_es:, Korean :flag_kr:, Russian :flag_ru:, Italian :flag_it:, French :flag_fr:, Japanese :flag_jp: and Ukrainian :flag_ua: Localization

 For further details about AA - including an installation guide and a full list of included services and plugin apps - please see the [official documentation](http://allianceauth.rtfd.io).

@@ -56,13 +56,15 @@ Here is an example of the Alliance Auth web site with some plug-ins apps and ser

 - [Aaron Kable](https://gitlab.com/aaronkable/)
 - [Ariel Rin](https://gitlab.com/soratidus999/)
- [Basraah](https://gitlab.com/basraah/)
 - [Col Crunch](https://gitlab.com/colcrunch/)
 - [Erik Kalkoken](https://gitlab.com/ErikKalkoken/)
+- [Rounon Dax](https://gitlab.com/ppfeufer)
+- [snipereagle1](https://gitlab.com/mckernanin)

 ### Former Developers

 - [Adarnof](https://gitlab.com/adarnof/)
+- [Basraah](https://gitlab.com/basraah/)

 ### Beta Testers / Bug Fixers

--- a/allianceauth/init.py
+++ b/allianceauth/init.py
@@ -1,8 +1,11 @@
+"""An auth system for EVE Online to help in-game organizations
+manage online service access.
+"""
+
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.

-__version__ = '2.9.0'
+__version__ = '3.8.0'
 __title__ = 'Alliance Auth'
 __url__ = 'https://gitlab.com/allianceauth/allianceauth'
-NAME = '%s v%s' % (__title__, __version__)
-default_app_config = 'allianceauth.apps.AllianceAuthConfig'
+NAME = f'{__title__} v{__version__}'
--- a/allianceauth/analytics/init.py
+++ b/allianceauth/analytics/init.py
@@ -1 +0,0 @@
-default_app_config = 'allianceauth.analytics.apps.AnalyticsConfig'
--- a/allianceauth/analytics/middleware.py
+++ b/allianceauth/analytics/middleware.py
@@ -1,5 +1,6 @@
 from bs4 import BeautifulSoup

+from django.conf import settings
 from django.utils.deprecation import MiddlewareMixin
 from .models import AnalyticsTokens, AnalyticsIdentifier
 from .tasks import send_ga_tracking_web_view
@@ -10,6 +11,8 @@ import re
 class AnalyticsMiddleware(MiddlewareMixin):
    def process_response(self, request, response):
        """Django Middleware: Process Page Views and creates Analytics Celery Tasks"""
+        if getattr(settings, "ANALYTICS_DISABLED", False):
+            return response
        analyticstokens = AnalyticsTokens.objects.all()
        client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
        try:
--- a/allianceauth/analytics/migrations/0004_auto_20211015_0502.py
+++ b/allianceauth/analytics/migrations/0004_auto_20211015_0502.py
@@ -1,11 +1,11 @@
 # Generated by Django 3.1.13 on 2021-10-15 05:02

+from django.core.exceptions import ObjectDoesNotExist
 from django.db import migrations


 def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
-    # We can't import the Person model directly as it may be a newer
-    # version than this migration expects. We use the historical version.
+    # Add /admin/ and /user_notifications_count/ path to ignore

    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
    admin = AnalyticsPath.objects.create(ignore_path=r"^\/admin\/.*")
@@ -17,8 +17,19 @@ def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):


 def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
-    # nothing should need to migrate away here?
-    return True
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+    try:
+        admin = AnalyticsPath.objects.get(ignore_path=r"^\/admin\/.*", analyticstokens=token)
+        user_notifications_count = AnalyticsPath.objects.get(ignore_path=r"^\/user_notifications_count\/.*", analyticstokens=token)
+        admin.delete()
+        user_notifications_count.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass


 class Migration(migrations.Migration):
--- a/allianceauth/analytics/migrations/0005_alter_analyticspath_ignore_path.py
+++ b/allianceauth/analytics/migrations/0005_alter_analyticspath_ignore_path.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.8 on 2021-10-17 16:26
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0004_auto_20211015_0502'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='analyticspath',
+            name='ignore_path',
+            field=models.CharField(default='/example/', help_text='Regex Expression, If matched no Analytics Page View is sent', max_length=254),
+        ),
+    ]
--- a/allianceauth/analytics/migrations/0006_more_ignore_paths.py
+++ b/allianceauth/analytics/migrations/0006_more_ignore_paths.py
@@ -0,0 +1,40 @@
+# Generated by Django 3.2.8 on 2021-10-19 01:47
+
+from django.core.exceptions import ObjectDoesNotExist
+from django.db import migrations
+
+
+def modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    # Add the /account/activate path to ignore
+
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    account_activate = AnalyticsPath.objects.create(ignore_path=r"^\/account\/activate\/.*")
+
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+    token = Tokens.objects.get(token="UA-186249766-2")
+    token.ignore_paths.add(account_activate)
+
+
+def undo_modify_aa_team_token_add_page_ignore_paths(apps, schema_editor):
+    #
+    AnalyticsPath = apps.get_model('analytics', 'AnalyticsPath')
+    Tokens = apps.get_model('analytics', 'AnalyticsTokens')
+
+    token = Tokens.objects.get(token="UA-186249766-2")
+
+    try:
+        account_activate = AnalyticsPath.objects.get(ignore_path=r"^\/account\/activate\/.*", analyticstokens=token)
+        account_activate.delete()
+    except ObjectDoesNotExist:
+        # Its fine if it doesnt exist, we just dont want them building up when re-migrating
+        pass
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('analytics', '0005_alter_analyticspath_ignore_path'),
+    ]
+
+    operations = [
+        migrations.RunPython(modify_aa_team_token_add_page_ignore_paths, undo_modify_aa_team_token_add_page_ignore_paths)
+    ]
--- a/allianceauth/analytics/models.py
+++ b/allianceauth/analytics/models.py
@@ -8,15 +8,15 @@ from uuid import uuid4
 class AnalyticsIdentifier(models.Model):

    identifier = models.UUIDField(default=uuid4,
-                                  editable=False)
+                                editable=False)

    def save(self, *args, **kwargs):
        if not self.pk and AnalyticsIdentifier.objects.exists():
            # Force a single object
            raise ValidationError('There is can be only one \
-                                   AnalyticsIdentifier instance')
+                                    AnalyticsIdentifier instance')
        self.pk = self.id = 1 # If this happens to be deleted and recreated, force it to be 1
-        return super(AnalyticsIdentifier, self).save(*args, **kwargs)
+        return super().save(*args, **kwargs)


 class AnalyticsPath(models.Model):
--- a/allianceauth/analytics/signals.py
+++ b/allianceauth/analytics/signals.py
@@ -1,7 +1,8 @@
-from allianceauth.analytics.tasks import analytics_event
-from celery.signals import task_failure, task_success
-
 import logging
+from celery.signals import task_failure, task_success
+from django.conf import settings
+from allianceauth.analytics.tasks import analytics_event
+
 logger = logging.getLogger(__name__)


@@ -11,6 +12,8 @@ def process_failure_signal(
                        sender, task_id, signal,
                        args, kwargs, einfo, **kw):
    logger.debug("Celery task_failure signal %s" % sender.__class__.__name__)
+    if getattr(settings, "ANALYTICS_DISABLED", False):
+        return

    category = sender.__module__

@@ -30,6 +33,8 @@ def process_failure_signal(
@task_success.connect
 def celery_success_signal(sender, result=None, **kw):
    logger.debug("Celery task_success signal %s" % sender.__class__.__name__)
+    if getattr(settings, "ANALYTICS_DISABLED", False):
+        return

    category = sender.__module__

--- a/allianceauth/analytics/tasks.py
+++ b/allianceauth/analytics/tasks.py
@@ -21,8 +21,8 @@ if getattr(settings, "ANALYTICS_ENABLE_DEBUG", False) and settings.DEBUG:
    # Force sending of analytics data during in a debug/test environemt
    # Usefull for developers working on this feature.
    logger.warning(
-                "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
-                "This debug instance will send analytics data!")
+        "You have 'ANALYTICS_ENABLE_DEBUG' Enabled! "
+        "This debug instance will send analytics data!")
    DEBUG_URL = COLLECTION_URL

 ANALYTICS_URL = COLLECTION_URL
@@ -40,13 +40,12 @@ def analytics_event(category: str,
    Send a Google Analytics Event for each token stored
    Includes check for if its enabled/disabled

-    Parameters
-    -------
-    `category` (str): Celery Namespace
-    `action` (str): Task Name
-    `label` (str): Optional, Task Success/Exception
-    `value` (int): Optional, If bulk, Query size, can be a binary True/False
-    `event_type` (str): Optional, Celery or Stats only, Default to Celery
+    Args:
+        `category` (str): Celery Namespace
+        `action` (str): Task Name
+        `label` (str): Optional, Task Success/Exception
+        `value` (int): Optional, If bulk, Query size, can be a binary True/False
+        `event_type` (str): Optional, Celery or Stats only, Default to Celery
    """
    analyticstokens = AnalyticsTokens.objects.all()
    client_id = AnalyticsIdentifier.objects.get(id=1).identifier.hex
@@ -60,20 +59,21 @@ def analytics_event(category: str,

        if allowed is True:
            tracking_id = token.token
-            send_ga_tracking_celery_event.s(tracking_id=tracking_id,
-                                            client_id=client_id,
-                                            category=category,
-                                            action=action,
-                                            label=label,
-                                            value=value).\
-                apply_async(priority=9)
+            send_ga_tracking_celery_event.s(
+                tracking_id=tracking_id,
+                client_id=client_id,
+                category=category,
+                action=action,
+                label=label,
+                value=value).apply_async(priority=9)


@shared_task()
 def analytics_daily_stats():
    """Celery Task: Do not call directly

-    Gathers a series of daily statistics and sends analytics events containing them"""
+    Gathers a series of daily statistics and sends analytics events containing them
+    """
    users = install_stat_users()
    tokens = install_stat_tokens()
    addons = install_stat_addons()
--- a/allianceauth/analytics/tests/test_integration.py
+++ b/allianceauth/analytics/tests/test_integration.py
@@ -0,0 +1,109 @@
+from unittest.mock import patch
+from urllib.parse import parse_qs
+
+import requests_mock
+
+from django.test import override_settings
+
+from allianceauth.analytics.tasks import ANALYTICS_URL
+from allianceauth.eveonline.tasks import update_character
+from allianceauth.tests.auth_utils import AuthUtils
+from allianceauth.utils.testing import NoSocketsTestCase
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@requests_mock.mock()
+class TestAnalyticsForViews(NoSocketsTestCase):
+    @override_settings(ANALYTICS_DISABLED=False)
+    def test_should_run_analytics(self, requests_mocker):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        self.client.force_login(user)
+        # when
+        response = self.client.get("/dashboard/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertTrue(requests_mocker.called)
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    def test_should_not_run_analytics(self, requests_mocker):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        self.client.force_login(user)
+        # when
+        response = self.client.get("/dashboard/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertFalse(requests_mocker.called)
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True)
+@requests_mock.mock()
+class TestAnalyticsForTasks(NoSocketsTestCase):
+    @override_settings(ANALYTICS_DISABLED=False)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_run_analytics_for_successful_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertTrue(requests_mocker.called)
+        payload = parse_qs(requests_mocker.last_request.text)
+        self.assertListEqual(payload["el"], ["Success"])
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_not_run_analytics_for_successful_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertFalse(requests_mocker.called)
+
+    @override_settings(ANALYTICS_DISABLED=False)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_run_analytics_for_failed_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        mock_update_character.side_effect = RuntimeError
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertTrue(requests_mocker.called)
+        payload = parse_qs(requests_mocker.last_request.text)
+        self.assertNotEqual(payload["el"], ["Success"])
+
+    @override_settings(ANALYTICS_DISABLED=True)
+    @patch("allianceauth.eveonline.models.EveCharacter.objects.update_character")
+    def test_should_not_run_analytics_for_failed_task(
+        self, requests_mocker, mock_update_character
+    ):
+        # given
+        requests_mocker.post(ANALYTICS_URL)
+        mock_update_character.side_effect = RuntimeError
+        user = AuthUtils.create_user("Bruce Wayne")
+        character = AuthUtils.add_main_character_2(user, "Bruce Wayne", 1001)
+        # when
+        update_character.delay(character.character_id)
+        # then
+        self.assertTrue(mock_update_character.called)
+        self.assertFalse(requests_mocker.called)
--- a/allianceauth/analytics/tests/test_middleware.py
+++ b/allianceauth/analytics/tests/test_middleware.py
@@ -1,5 +1,6 @@
 from allianceauth.analytics.middleware import AnalyticsMiddleware
 from unittest.mock import Mock
+from django.http import HttpResponse

 from django.test.testcases import TestCase

@@ -7,7 +8,7 @@ from django.test.testcases import TestCase
 class TestAnalyticsMiddleware(TestCase):

    def setUp(self):
-        self.middleware = AnalyticsMiddleware()
+        self.middleware = AnalyticsMiddleware(HttpResponse)
        self.request = Mock()
        self.request.headers = {
                "User-Agent": "AUTOMATED TEST"
--- a/allianceauth/analytics/tests/test_tasks.py
+++ b/allianceauth/analytics/tests/test_tasks.py
@@ -1,12 +1,22 @@
+import requests_mock
+
+from django.test.utils import override_settings
+
 from allianceauth.analytics.tasks import (
    analytics_event,
    send_ga_tracking_celery_event,
    send_ga_tracking_web_view)
-from django.test.testcases import TestCase
+from allianceauth.utils.testing import NoSocketsTestCase


-class TestAnalyticsTasks(TestCase):
-    def test_analytics_event(self):
+GOOGLE_ANALYTICS_DEBUG_URL = 'https://www.google-analytics.com/debug/collect'
+
+
+@override_settings(CELERY_ALWAYS_EAGER=True, CELERY_EAGER_PROPAGATES_EXCEPTIONS=True)
+@requests_mock.Mocker()
+class TestAnalyticsTasks(NoSocketsTestCase):
+    def test_analytics_event(self, requests_mocker):
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        analytics_event(
                        category='allianceauth.analytics',
                        action='send_tests',
@@ -14,15 +24,19 @@ class TestAnalyticsTasks(TestCase):
                        value=1,
                        event_type='Stats')

-    def test_send_ga_tracking_web_view_sent(self):
-        # This test sends if the event SENDS to google
-        # Not if it was successful
+    def test_send_ga_tracking_web_view_sent(self, requests_mocker):
+        """This test sends if the event SENDS to google.
+        Not if it was successful.
+        """
+        # given
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
        response = send_ga_tracking_web_view(
                                            tracking_id,
                                            client_id,
@@ -30,15 +44,23 @@ class TestAnalyticsTasks(TestCase):
                                            title,
                                            locale,
                                            useragent)
+        # then
        self.assertEqual(response.status_code, 200)

-    def test_send_ga_tracking_web_view_success(self):
+    def test_send_ga_tracking_web_view_success(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={"hitParsingResult":[{'valid': True}]}
+        )
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
        json_response = send_ga_tracking_web_view(
                                                tracking_id,
                                                client_id,
@@ -46,15 +68,42 @@ class TestAnalyticsTasks(TestCase):
                                                title,
                                                locale,
                                                useragent).json()
+        # then
        self.assertTrue(json_response["hitParsingResult"][0]["valid"])

-    def test_send_ga_tracking_web_view_invalid_token(self):
+    def test_send_ga_tracking_web_view_invalid_token(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={
+                "hitParsingResult":[
+                    {
+                        'valid': False,
+                        'parserMessage': [
+                            {
+                                'messageType': 'INFO',
+                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
+                                'messageCode': 'VALUE_MODIFIED'
+                            },
+                            {
+                                'messageType': 'ERROR',
+                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
+                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
+                            }
+                        ],
+                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
+                    }
+                ]
+            }
+        )
        tracking_id = 'UA-IntentionallyBadTrackingID-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        page = '/index/'
        title = 'Hello World'
        locale = 'en'
        useragent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
+        # when
        json_response = send_ga_tracking_web_view(
                                            tracking_id,
                                            client_id,
@@ -62,18 +111,25 @@ class TestAnalyticsTasks(TestCase):
                                            title,
                                            locale,
                                            useragent).json()
+        # then
        self.assertFalse(json_response["hitParsingResult"][0]["valid"])
-        self.assertEqual(json_response["hitParsingResult"][0]["parserMessage"][1]["description"], "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.")
+        self.assertEqual(
+            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
+            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
+        )

        # [{'valid': False, 'parserMessage': [{'messageType': 'INFO', 'description': 'IP Address from this hit was anonymized to 1.132.110.0.', 'messageCode': 'VALUE_MODIFIED'}, {'messageType': 'ERROR', 'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.", 'messageCode': 'VALUE_INVALID', 'parameter': 'tid'}], 'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'}]

-    def test_send_ga_tracking_celery_event_sent(self):
+    def test_send_ga_tracking_celery_event_sent(self, requests_mocker):
+        # given
+        requests_mocker.register_uri('POST', GOOGLE_ANALYTICS_DEBUG_URL)
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
+        # when
        response = send_ga_tracking_celery_event(
                                                tracking_id,
                                                client_id,
@@ -81,15 +137,23 @@ class TestAnalyticsTasks(TestCase):
                                                action,
                                                label,
                                                value)
+        # then
        self.assertEqual(response.status_code, 200)

-    def test_send_ga_tracking_celery_event_success(self):
+    def test_send_ga_tracking_celery_event_success(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={"hitParsingResult":[{'valid': True}]}
+        )
        tracking_id = 'UA-186249766-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
+        # when
        json_response = send_ga_tracking_celery_event(
                                                    tracking_id,
                                                    client_id,
@@ -97,15 +161,42 @@ class TestAnalyticsTasks(TestCase):
                                                    action,
                                                    label,
                                                    value).json()
+        # then
        self.assertTrue(json_response["hitParsingResult"][0]["valid"])

-    def test_send_ga_tracking_celery_event_invalid_token(self):
+    def test_send_ga_tracking_celery_event_invalid_token(self, requests_mocker):
+        # given
+        requests_mocker.register_uri(
+            'POST',
+            GOOGLE_ANALYTICS_DEBUG_URL,
+            json={
+                "hitParsingResult":[
+                    {
+                        'valid': False,
+                        'parserMessage': [
+                            {
+                                'messageType': 'INFO',
+                                'description': 'IP Address from this hit was anonymized to 1.132.110.0.',
+                                'messageCode': 'VALUE_MODIFIED'
+                            },
+                            {
+                                'messageType': 'ERROR',
+                                'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.",
+                                'messageCode': 'VALUE_INVALID', 'parameter': 'tid'
+                            }
+                        ],
+                        'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'
+                    }
+                ]
+            }
+        )
        tracking_id = 'UA-IntentionallyBadTrackingID-2'
        client_id = 'ab33e241fbf042b6aa77c7655a768af7'
        category = 'test'
        action = 'test'
        label = 'test'
        value = '1'
+        # when
        json_response = send_ga_tracking_celery_event(
                                                    tracking_id,
                                                    client_id,
@@ -113,7 +204,9 @@ class TestAnalyticsTasks(TestCase):
                                                    action,
                                                    label,
                                                    value).json()
+        # then
        self.assertFalse(json_response["hitParsingResult"][0]["valid"])
-        self.assertEqual(json_response["hitParsingResult"][0]["parserMessage"][1]["description"], "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.")
-
-        # [{'valid': False, 'parserMessage': [{'messageType': 'INFO', 'description': 'IP Address from this hit was anonymized to 1.132.110.0.', 'messageCode': 'VALUE_MODIFIED'}, {'messageType': 'ERROR', 'description': "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details.", 'messageCode': 'VALUE_INVALID', 'parameter': 'tid'}], 'hit': '/debug/collect?v=1&tid=UA-IntentionallyBadTrackingID-2&cid=ab33e241fbf042b6aa77c7655a768af7&t=pageview&dp=/index/&dt=Hello World&ul=en&ua=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36&aip=1&an=allianceauth&av=2.9.0a2'}]
+        self.assertEqual(
+            json_response["hitParsingResult"][0]["parserMessage"][1]["description"],
+            "The value provided for parameter 'tid' is invalid. Please see http://goo.gl/a8d4RP#tid for details."
+        )
--- a/allianceauth/authentication/init.py
+++ b/allianceauth/authentication/init.py
@@ -1 +0,0 @@
-default_app_config = 'allianceauth.authentication.apps.AuthenticationConfig'
--- a/allianceauth/authentication/admin.py
+++ b/allianceauth/authentication/admin.py
@@ -1,26 +1,44 @@
 from django.contrib import admin
 from django.contrib.auth.admin import UserAdmin as BaseUserAdmin
-from django.contrib.auth.models import User as BaseUser, \
-    Permission as BasePermission, Group
+from django.contrib.auth.models import Group
+from django.contrib.auth.models import Permission as BasePermission
+from django.contrib.auth.models import User as BaseUser
 from django.db.models import Count, Q
-from allianceauth.services.hooks import ServicesHook
-from django.db.models.signals import pre_save, post_save, pre_delete, \
-    post_delete, m2m_changed
 from django.db.models.functions import Lower
+from django.db.models.signals import (
+    m2m_changed,
+    post_delete,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.dispatch import receiver
-from django.forms import ModelForm
-from django.utils.html import format_html
 from django.urls import reverse
+from django.utils.html import format_html
 from django.utils.text import slugify

-from allianceauth.authentication.models import State, get_guest_state,\
-    CharacterOwnership, UserProfile, OwnershipRecord
-from allianceauth.hooks import get_hooks
-from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo,\
-    EveAllianceInfo
+from allianceauth.authentication.models import (
+    CharacterOwnership,
+    OwnershipRecord,
+    State,
+    UserProfile,
+    get_guest_state
+)
+from allianceauth.eveonline.models import (
+    EveAllianceInfo,
+    EveCharacter,
+    EveCorporationInfo,
+    EveFactionInfo
+)
 from allianceauth.eveonline.tasks import update_character
-from .app_settings import AUTHENTICATION_ADMIN_USERS_MAX_GROUPS, \
-    AUTHENTICATION_ADMIN_USERS_MAX_CHARS
+from allianceauth.hooks import get_hooks
+from allianceauth.services.hooks import ServicesHook
+
+from .app_settings import (
+    AUTHENTICATION_ADMIN_USERS_MAX_CHARS,
+    AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
+)
+from .forms import UserChangeForm, UserProfileForm


 def make_service_hooks_update_groups_action(service):
@@ -36,8 +54,8 @@ def make_service_hooks_update_groups_action(service):
            for user in queryset:  # queryset filtering doesn't work here?
                service.update_groups(user)

-    update_service_groups.__name__ = str('update_{}_groups'.format(slugify(service.name)))
-    update_service_groups.short_description = "Sync groups for selected {} accounts".format(service.title)
+    update_service_groups.__name__ = str(f'update_{slugify(service.name)}_groups')
+    update_service_groups.short_description = f"Sync groups for selected {service.title} accounts"
    return update_service_groups


@@ -54,24 +72,15 @@ def make_service_hooks_sync_nickname_action(service):
            for user in queryset:  # queryset filtering doesn't work here?
                service.sync_nickname(user)

-    sync_nickname.__name__ = str('sync_{}_nickname'.format(slugify(service.name)))
-    sync_nickname.short_description = "Sync nicknames for selected {} accounts".format(service.title)
+    sync_nickname.__name__ = str(f'sync_{slugify(service.name)}_nickname')
+    sync_nickname.short_description = f"Sync nicknames for selected {service.title} accounts"
    return sync_nickname


-class QuerysetModelForm(ModelForm):
-    # allows specifying FK querysets through kwarg
-    def __init__(self, querysets=None, *args, **kwargs):
-        querysets = querysets or {}
-        super().__init__(*args, **kwargs)
-        for field, qs in querysets.items():
-            self.fields[field].queryset = qs
-
-
 class UserProfileInline(admin.StackedInline):
    model = UserProfile
    readonly_fields = ('state',)
-    form = QuerysetModelForm
+    form = UserProfileForm
    verbose_name = ''
    verbose_name_plural = 'Profile'

@@ -99,6 +108,7 @@ class UserProfileInline(admin.StackedInline):
        return False


+@admin.display(description="")
 def user_profile_pic(obj):
    """profile pic column data for user objects

@@ -111,13 +121,10 @@ def user_profile_pic(obj):
            '<img src="{}" class="img-circle">',
            user_obj.profile.main_character.portrait_url(size=32)
        )
-    else:
-        return None
-
-
-user_profile_pic.short_description = ''
+    return None


+@admin.display(description="user / main", ordering="username")
 def user_username(obj):
    """user column data for user objects

@@ -139,18 +146,17 @@ def user_username(obj):
            user_obj.username,
            user_obj.profile.main_character.character_name
        )
-    else:
-        return format_html(
-            '<strong><a href="{}">{}</a></strong>',
-            link,
-            user_obj.username,
-        )
-
-
-user_username.short_description = 'user / main'
-user_username.admin_order_field = 'username'
+    return format_html(
+        '<strong><a href="{}">{}</a></strong>',
+        link,
+        user_obj.username,
+    )


+@admin.display(
+    description="Corporation / Alliance (Main)",
+    ordering="profile__main_character__corporation_name"
+)
 def user_main_organization(obj):
    """main organization column data for user objects

@@ -159,23 +165,13 @@ def user_main_organization(obj):
    """
    user_obj = obj.user if hasattr(obj, 'user') else obj
    if not user_obj.profile.main_character:
-        result = None
-    else:
-        corporation = user_obj.profile.main_character.corporation_name
-        if user_obj.profile.main_character.alliance_id:
-            result = format_html(
-                '{}<br>{}',
-                corporation,
-                user_obj.profile.main_character.alliance_name
-            )
-        else:
-            result = corporation
-    return result
-
-
-user_main_organization.short_description = 'Corporation / Alliance (Main)'
-user_main_organization.admin_order_field = \
-    'profile__main_character__corporation_name'
+        return ''
+    result = user_obj.profile.main_character.corporation_name
+    if user_obj.profile.main_character.alliance_id:
+        result += f'<br>{user_obj.profile.main_character.alliance_name}'
+    elif user_obj.profile.main_character.faction_name:
+        result += f'<br>{user_obj.profile.main_character.faction_name}'
+    return format_html(result)


 class MainCorporationsFilter(admin.SimpleListFilter):
@@ -194,21 +190,19 @@ class MainCorporationsFilter(admin.SimpleListFilter):
            .distinct()\
            .order_by(Lower('corporation_name'))
        return tuple(
-            [(x['corporation_id'], x['corporation_name']) for x in qs]
+            (x['corporation_id'], x['corporation_name']) for x in qs
        )

    def queryset(self, request, qs):
        if self.value() is None:
            return qs.all()
-        else:
-            if qs.model == User:
-                return qs.filter(
-                    profile__main_character__corporation_id=self.value()
-                )
-            else:
-                return qs.filter(
-                    user__profile__main_character__corporation_id=self.value()
-                )
+        if qs.model == User:
+            return qs.filter(
+                profile__main_character__corporation_id=self.value()
+            )
+        return qs.filter(
+            user__profile__main_character__corporation_id=self.value()
+        )


 class MainAllianceFilter(admin.SimpleListFilter):
@@ -221,28 +215,61 @@ class MainAllianceFilter(admin.SimpleListFilter):
    parameter_name = 'main_alliance_id__exact'

    def lookups(self, request, model_admin):
-        qs = EveCharacter.objects\
-            .exclude(alliance_id=None)\
-            .exclude(userprofile=None)\
-            .values('alliance_id', 'alliance_name')\
-            .distinct()\
+        qs = (
+            EveCharacter.objects
+            .exclude(alliance_id=None)
+            .exclude(userprofile=None)
+            .values('alliance_id', 'alliance_name')
+            .distinct()
            .order_by(Lower('alliance_name'))
+        )
        return tuple(
-            [(x['alliance_id'], x['alliance_name']) for x in qs]
+            (x['alliance_id'], x['alliance_name']) for x in qs
        )

    def queryset(self, request, qs):
        if self.value() is None:
            return qs.all()
-        else:
-            if qs.model == User:
-                return qs.filter(profile__main_character__alliance_id=self.value())
-            else:
-                return qs.filter(
-                    user__profile__main_character__alliance_id=self.value()
-                )
+        if qs.model == User:
+            return qs.filter(profile__main_character__alliance_id=self.value())
+        return qs.filter(
+            user__profile__main_character__alliance_id=self.value()
+        )


+class MainFactionFilter(admin.SimpleListFilter):
+    """Custom filter to filter on factions from mains only
+
+    works for both User objects and objects with `user` as FK to User
+    To be used for all user based admin lists
+    """
+    title = 'faction'
+    parameter_name = 'main_faction_id__exact'
+
+    def lookups(self, request, model_admin):
+        qs = (
+            EveCharacter.objects
+            .exclude(faction_id=None)
+            .exclude(userprofile=None)
+            .values('faction_id', 'faction_name')
+            .distinct()
+            .order_by(Lower('faction_name'))
+        )
+        return tuple(
+            (x['faction_id'], x['faction_name']) for x in qs
+        )
+
+    def queryset(self, request, qs):
+        if self.value() is None:
+            return qs.all()
+        if qs.model == User:
+            return qs.filter(profile__main_character__faction_id=self.value())
+        return qs.filter(
+            user__profile__main_character__faction_id=self.value()
+        )
+
+
+@admin.display(description="Update main character model from ESI")
 def update_main_character_model(modeladmin, request, queryset):
    tasks_count = 0
    for obj in queryset:
@@ -251,33 +278,72 @@ def update_main_character_model(modeladmin, request, queryset):
            tasks_count += 1

    modeladmin.message_user(
-        request,
-        'Update from ESI started for {} characters'.format(tasks_count)
+        request, f'Update from ESI started for {tasks_count} characters'
    )


-update_main_character_model.short_description = \
-    'Update main character model from ESI'
-
-
 class UserAdmin(BaseUserAdmin):
    """Extending Django's UserAdmin model

    Behavior of groups and characters columns can be configured via settings
    """

+    inlines = BaseUserAdmin.inlines + [UserProfileInline]
+    ordering = ('username', )
+    list_select_related = ('profile__state', 'profile__main_character')
+    show_full_result_count = True
+    list_display = (
+        user_profile_pic,
+        user_username,
+        '_state',
+        '_groups',
+        user_main_organization,
+        '_characters',
+        'is_active',
+        'date_joined',
+        '_role'
+    )
+    list_display_links = None
+    list_filter = (
+        'profile__state',
+        'groups',
+        MainCorporationsFilter,
+        MainAllianceFilter,
+        MainFactionFilter,
+        'is_active',
+        'date_joined',
+        'is_staff',
+        'is_superuser'
+    )
+    search_fields = ('username', 'character_ownerships__character__character_name')
+    readonly_fields = ('date_joined', 'last_login')
+    filter_horizontal = ('groups', 'user_permissions',)
+    form = UserChangeForm
+
    class Media:
        css = {
-            "all": ("authentication/css/admin.css",)
+            "all": ("allianceauth/authentication/css/admin.css",)
        }

    def get_queryset(self, request):
        qs = super().get_queryset(request)
        return qs.prefetch_related("character_ownerships__character", "groups")

-    def get_actions(self, request):
-        actions = super(BaseUserAdmin, self).get_actions(request)
+    def get_form(self, request, obj=None, **kwargs):
+        """Inject current request into change form object."""

+        MyForm = super().get_form(request, obj, **kwargs)
+        if obj:
+            class MyFormInjected(MyForm):
+                def __new__(cls, *args, **kwargs):
+                    kwargs['request'] = request
+                    return MyForm(*args, **kwargs)
+
+            return MyFormInjected
+        return MyForm
+
+    def get_actions(self, request):
+        actions = super().get_actions(request)
        actions[update_main_character_model.__name__] = (
            update_main_character_model,
            update_main_character_model.__name__,
@@ -321,37 +387,6 @@ class UserAdmin(BaseUserAdmin):
            )
        return result

-    inlines = BaseUserAdmin.inlines + [UserProfileInline]
-    ordering = ('username', )
-    list_select_related = ('profile__state', 'profile__main_character')
-    show_full_result_count = True
-    list_display = (
-        user_profile_pic,
-        user_username,
-        '_state',
-        '_groups',
-        user_main_organization,
-        '_characters',
-        'is_active',
-        'date_joined',
-        '_role'
-    )
-    list_display_links = None
-    list_filter = (
-        'profile__state',
-        'groups',
-        MainCorporationsFilter,
-        MainAllianceFilter,
-        'is_active',
-        'date_joined',
-        'is_staff',
-        'is_superuser'
-    )
-    search_fields = (
-        'username',
-        'character_ownerships__character__character_name'
-    )
-
    def _characters(self, obj):
        character_ownerships = list(obj.character_ownerships.all())
        characters = [obj.character.character_name for obj in character_ownerships]
@@ -360,22 +395,16 @@ class UserAdmin(BaseUserAdmin):
            AUTHENTICATION_ADMIN_USERS_MAX_CHARS
        )

-    _characters.short_description = 'characters'
-
+    @admin.display(ordering="profile__state")
    def _state(self, obj):
        return obj.profile.state.name

-    _state.short_description = 'state'
-    _state.admin_order_field = 'profile__state'
-
    def _groups(self, obj):
-        my_groups = sorted([group.name for group in list(obj.groups.all())])
+        my_groups = sorted(group.name for group in list(obj.groups.all()))
        return self._list_2_html_w_tooltips(
            my_groups, AUTHENTICATION_ADMIN_USERS_MAX_GROUPS
        )

-    _groups.short_description = 'groups'
-
    def _role(self, obj):
        if obj.is_superuser:
            role = 'Superuser'
@@ -385,8 +414,6 @@ class UserAdmin(BaseUserAdmin):
            role = 'User'
        return role

-    _role.short_description = 'role'
-
    def has_change_permission(self, request, obj=None):
        return request.user.has_perm('auth.change_user')

@@ -396,12 +423,28 @@ class UserAdmin(BaseUserAdmin):
    def has_delete_permission(self, request, obj=None):
        return request.user.has_perm('auth.delete_user')

+    def get_object(self, *args , **kwargs):
+        obj = super().get_object(*args , **kwargs)
+        self.obj = obj  # storing current object for use in formfield_for_manytomany
+        return obj
+
    def formfield_for_manytomany(self, db_field, request, **kwargs):
-        """overriding this formfield to have sorted lists in the form"""
        if db_field.name == "groups":
-            kwargs["queryset"] = Group.objects.all().order_by(Lower('name'))
+            groups_qs = Group.objects.filter(authgroup__states__isnull=True)
+            obj_state = self.obj.profile.state
+            if obj_state:
+                matching_groups_qs = Group.objects.filter(authgroup__states=obj_state)
+                groups_qs = groups_qs | matching_groups_qs
+            kwargs["queryset"] = groups_qs.order_by(Lower("name"))
        return super().formfield_for_manytomany(db_field, request, **kwargs)

+    def get_readonly_fields(self, request, obj=None):
+        if obj and not request.user.is_superuser:
+            return self.readonly_fields + (
+                "is_staff", "is_superuser", "user_permissions"
+            )
+        return self.readonly_fields
+

@admin.register(State)
 class StateAdmin(admin.ModelAdmin):
@@ -412,10 +455,9 @@ class StateAdmin(admin.ModelAdmin):
        qs = super().get_queryset(request)
        return qs.annotate(user_count=Count("userprofile__id"))

+    @admin.display(description="Users", ordering="user_count")
    def _user_count(self, obj):
        return obj.user_count
-    _user_count.short_description = 'Users'
-    _user_count.admin_order_field = 'user_count'

    fieldsets = (
        (None, {
@@ -426,7 +468,8 @@ class StateAdmin(admin.ModelAdmin):
                'public',
                'member_characters',
                'member_corporations',
-                'member_alliances'
+                'member_alliances',
+                'member_factions'
            ),
        })
    )
@@ -434,6 +477,7 @@ class StateAdmin(admin.ModelAdmin):
        'member_characters',
        'member_corporations',
        'member_alliances',
+        'member_factions',
        'permissions'
    ]

@@ -448,6 +492,9 @@ class StateAdmin(admin.ModelAdmin):
        elif db_field.name == "member_alliances":
            kwargs["queryset"] = EveAllianceInfo.objects.all()\
                .order_by(Lower('alliance_name'))
+        elif db_field.name == "member_factions":
+            kwargs["queryset"] = EveFactionInfo.objects.all()\
+                .order_by(Lower('faction_name'))
        elif db_field.name == "permissions":
            kwargs["queryset"] = Permission.objects.select_related("content_type").all()
        return super().formfield_for_manytomany(db_field, request, **kwargs)
@@ -455,7 +502,7 @@ class StateAdmin(admin.ModelAdmin):
    def has_delete_permission(self, request, obj=None):
        if obj == get_guest_state():
            return False
-        return super(StateAdmin, self).has_delete_permission(request, obj=obj)
+        return super().has_delete_permission(request, obj=obj)

    def get_fieldsets(self, request, obj=None):
        if obj == get_guest_state():
@@ -464,15 +511,15 @@ class StateAdmin(admin.ModelAdmin):
                    'fields': ('permissions', 'priority'),
                }),
            )
-        return super(StateAdmin, self).get_fieldsets(request, obj=obj)
+        return super().get_fieldsets(request, obj=obj)
+
+    def get_readonly_fields(self, request, obj=None):
+        if not request.user.is_superuser:
+            return self.readonly_fields + ("permissions",)
+        return self.readonly_fields


 class BaseOwnershipAdmin(admin.ModelAdmin):
-    class Media:
-        css = {
-            "all": ("authentication/css/admin.css",)
-        }
-
    list_select_related = (
        'user__profile__state', 'user__profile__main_character', 'character')
    list_display = (
@@ -485,13 +532,19 @@ class BaseOwnershipAdmin(admin.ModelAdmin):
        'user__username',
        'character__character_name',
        'character__corporation_name',
-        'character__alliance_name'
+        'character__alliance_name',
+        'character__faction_name'
    )
    list_filter = (
        MainCorporationsFilter,
        MainAllianceFilter,
    )

+    class Media:
+        css = {
+            "all": ("allianceauth/authentication/css/admin.css",)
+        }
+
    def get_readonly_fields(self, request, obj=None):
        if obj and obj.pk:
            return 'owner_hash', 'character'
--- a/allianceauth/authentication/apps.py
+++ b/allianceauth/authentication/apps.py
@@ -3,10 +3,14 @@ from django.core.checks import register, Tags


 class AuthenticationConfig(AppConfig):
-    name = 'allianceauth.authentication'
-    label = 'authentication'
+    name = "allianceauth.authentication"
+    label = "authentication"

    def ready(self):
-        super(AuthenticationConfig, self).ready()
-        from allianceauth.authentication import checks, signals
+        from allianceauth.authentication import checks, signals  # noqa: F401
+        from allianceauth.authentication.task_statistics import (
+            signals as celery_signals,
+        )
+
        register(Tags.security)(checks.check_login_scopes_setting)
+        celery_signals.reset_counters()
--- a/allianceauth/authentication/backends.py
+++ b/allianceauth/authentication/backends.py
@@ -2,6 +2,7 @@ import logging

 from django.contrib.auth.backends import ModelBackend
 from django.contrib.auth.models import User, Permission
+from django.contrib import messages

 from .models import UserProfile, CharacterOwnership, OwnershipRecord

@@ -36,17 +37,23 @@ class StateBackend(ModelBackend):
        try:
            ownership = CharacterOwnership.objects.get(character__character_id=token.character_id)
            if ownership.owner_hash == token.character_owner_hash:
-                logger.debug('Authenticating {0} by ownership of character {1}'.format(ownership.user, token.character_name))
-                return ownership.user
+                logger.debug(f'Authenticating {ownership.user} by ownership of character {token.character_name}')
+                if ownership.user.profile.main_character:
+                    if ownership.user.profile.main_character.character_id == token.character_id:
+                        return ownership.user
+                    else:  ## this is an alt, enforce main only.
+                        if request:
+                            messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account.")
+                        return None
            else:
-                logger.debug('{0} has changed ownership. Creating new user account.'.format(token.character_name))
+                logger.debug(f'{token.character_name} has changed ownership. Creating new user account.')
                ownership.delete()
                return self.create_user(token)
        except CharacterOwnership.DoesNotExist:
            try:
                # insecure legacy main check for pre-sso registration auth installs
                profile = UserProfile.objects.get(main_character__character_id=token.character_id)
-                logger.debug('Authenticating {0} by their main character {1} without active ownership.'.format(profile.user, profile.main_character))
+                logger.debug(f'Authenticating {profile.user} by their main character {profile.main_character} without active ownership.')
                # attach an ownership
                token.user = profile.user
                CharacterOwnership.objects.create_by_token(token)
@@ -57,15 +64,22 @@ class StateBackend(ModelBackend):
                if records.exists():
                    # we've seen this character owner before. Re-attach to their old user account
                    user = records[0].user
+                    if user.profile.main_character:
+                        if user.profile.main_character.character_id != token.character_id:
+                            ## this is an alt, enforce main only due to trust issues in SSO.
+                            if request:
+                                messages.error("Unable to authenticate with this Character, Please log in with the main character associated with this account. Then add this character from the dashboard.")
+                            return None
+
                    token.user = user
                    co = CharacterOwnership.objects.create_by_token(token)
-                    logger.debug('Authenticating {0} by matching owner hash record of character {1}'.format(user, co.character))
-                    if not user.profile.main_character:
-                        # set this as their main by default if they have none
-                        user.profile.main_character = co.character
-                        user.profile.save()
+                    logger.debug(f'Authenticating {user} by matching owner hash record of character {co.character}')
+
+                    # set this as their main by default as they have none
+                    user.profile.main_character = co.character
+                    user.profile.save()
                    return user
-            logger.debug('Unable to authenticate character {0}. Creating new user.'.format(token.character_name))
+            logger.debug(f'Unable to authenticate character {token.character_name}. Creating new user.')
            return self.create_user(token)

    def create_user(self, token):
@@ -77,7 +91,7 @@ class StateBackend(ModelBackend):
        co = CharacterOwnership.objects.create_by_token(token)  # assign ownership to this user
        user.profile.main_character = co.character  # assign main character as token character
        user.profile.save()
-        logger.debug('Created new user {0}'.format(user))
+        logger.debug(f'Created new user {user}')
        return user

    @staticmethod
@@ -87,10 +101,10 @@ class StateBackend(ModelBackend):
        if User.objects.filter(username__startswith=name).exists():
            u = User.objects.filter(username__startswith=name)
            num = len(u)
-            username = "%s_%s" % (name, num)
+            username = f"{name}_{num}"
            while u.filter(username=username).exists():
                num += 1
-                username = "%s_%s" % (name, num)
+                username = f"{name}_{num}"
        else:
            username = name
        return username
--- a/allianceauth/authentication/core/init.py
+++ b/allianceauth/authentication/core/init.py
--- a/allianceauth/authentication/core/celery_workers.py
+++ b/allianceauth/authentication/core/celery_workers.py
@@ -0,0 +1,48 @@
+"""API for interacting with celery workers."""
+
+import itertools
+import logging
+from typing import Optional
+
+from amqp.exceptions import ChannelError
+from celery import current_app
+
+from django.conf import settings
+
+logger = logging.getLogger(__name__)
+
+
+def active_tasks_count() -> Optional[int]:
+    """Return count of currently active tasks
+    or None if celery workers are not online.
+    """
+    inspect = current_app.control.inspect()
+    return _tasks_count(inspect.active())
+
+
+def _tasks_count(data: dict) -> Optional[int]:
+    """Return count of tasks in data from celery inspect API."""
+    try:
+        tasks = itertools.chain(*data.values())
+    except AttributeError:
+        return None
+    return len(list(tasks))
+
+
+def queued_tasks_count() -> Optional[int]:
+    """Return count of queued tasks. Return None if there was an error."""
+    try:
+        with current_app.connection_or_acquire() as conn:
+            result = conn.default_channel.queue_declare(
+                queue=getattr(settings, "CELERY_DEFAULT_QUEUE", "celery"), passive=True
+            )
+            return result.message_count
+
+    except ChannelError:
+        # Queue doesn't exist, probably empty
+        return 0
+
+    except Exception:
+        logger.exception("Failed to get celery queue length")
+
+    return None
--- a/allianceauth/authentication/decorators.py
+++ b/allianceauth/authentication/decorators.py
@@ -1,18 +1,28 @@
-from django.conf.urls import include
-from django.contrib.auth.decorators import user_passes_test
-from django.core.exceptions import PermissionDenied
 from functools import wraps
-from django.shortcuts import redirect
+from typing import Callable, Iterable, Optional
+
+from django.urls import include
 from django.contrib import messages
+from django.contrib.auth.decorators import login_required, user_passes_test
+from django.core.exceptions import PermissionDenied
+from django.shortcuts import redirect
 from django.utils.translation import gettext_lazy as _
-from django.contrib.auth.decorators import login_required


 def user_has_main_character(user):
    return bool(user.profile.main_character)


-def decorate_url_patterns(urls, decorator):
+def decorate_url_patterns(
+    urls, decorator: Callable, excluded_views: Optional[Iterable] = None
+):
+    """Decorate views given in url patterns except when they are explicitly excluded.
+
+    Args:
+        - urls: Django URL patterns
+        - decorator: Decorator to be added to each view
+        - exclude_views: Optional iterable of view names to be excluded
+    """
    url_list, app_name, namespace = include(urls)

    def process_patterns(url_patterns):
@@ -22,6 +32,8 @@ def decorate_url_patterns(urls, decorator):
                process_patterns(pattern.url_patterns)
            else:
                # this is a pattern
+                if excluded_views and pattern.lookup_str in excluded_views:
+                    return
                pattern.callback = decorator(pattern.callback)

    process_patterns(url_list)
--- a/allianceauth/authentication/forms.py
+++ b/allianceauth/authentication/forms.py
@@ -1,8 +1,66 @@
 from django import forms
-from django.utils.translation import ugettext_lazy as _
+from django.contrib.auth.forms import UserChangeForm as BaseUserChangeForm
+from django.contrib.auth.models import Group
+from django.core.exceptions import ValidationError
+from django.forms import ModelForm
+from django.utils.translation import gettext_lazy as _
+
 from allianceauth.authentication.models import User
+
+
 class RegistrationForm(forms.Form):
    email = forms.EmailField(label=_('Email'), max_length=254, required=True)

    class _meta:
        model = User
+
+
+class UserProfileForm(ModelForm):
+    """Allows specifying FK querysets through kwarg"""
+
+    def __init__(self, querysets=None, *args, **kwargs):
+        querysets = querysets or {}
+        super().__init__(*args, **kwargs)
+        for field, qs in querysets.items():
+            self.fields[field].queryset = qs
+
+
+class UserChangeForm(BaseUserChangeForm):
+    """Add custom cleaning to UserChangeForm"""
+
+    def __init__(self, *args, **kwargs):
+        self.request = kwargs.pop("request")  # Inject current request into form object
+        super().__init__(*args, **kwargs)
+
+    def clean(self):
+        cleaned_data = super().clean()
+        if not self.request.user.is_superuser:
+            if self.instance:
+                current_restricted = set(
+                    self.instance.groups.filter(
+                        authgroup__restricted=True
+                    ).values_list("pk", flat=True)
+                )
+            else:
+                current_restricted = set()
+            new_restricted = set(
+                cleaned_data["groups"].filter(
+                    authgroup__restricted=True
+                ).values_list("pk", flat=True)
+            )
+            if current_restricted != new_restricted:
+                restricted_removed = current_restricted - new_restricted
+                restricted_added = new_restricted - current_restricted
+                restricted_changed = restricted_removed | restricted_added
+                restricted_names_qs = Group.objects.filter(
+                    pk__in=restricted_changed
+                ).values_list("name", flat=True)
+                restricted_names = ",".join(list(restricted_names_qs))
+                raise ValidationError(
+                    {
+                        "groups": _(
+                            "You are not allowed to add or remove these "
+                            "restricted groups: %s" % restricted_names
+                        )
+                    }
+                )
--- a/allianceauth/authentication/hmac_urls.py
+++ b/allianceauth/authentication/hmac_urls.py
@@ -1,14 +1,13 @@
-from django.conf.urls import url, include
-
 from allianceauth.authentication import views
+from django.urls import include, re_path, path

 urlpatterns = [
-    url(r'^activate/complete/$', views.activation_complete, name='registration_activation_complete'),
+    path('activate/complete/', views.activation_complete, name='registration_activation_complete'),
    # The activation key can make use of any character from the
    # URL-safe base64 alphabet, plus the colon as a separator.
-    url(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
-    url(r'^register/$', views.RegistrationView.as_view(), name='registration_register'),
-    url(r'^register/complete/$', views.registration_complete, name='registration_complete'),
-    url(r'^register/closed/$', views.registration_closed, name='registration_disallowed'),
-    url(r'', include('django.contrib.auth.urls')),
+    re_path(r'^activate/(?P<activation_key>[-:\w]+)/$', views.ActivationView.as_view(), name='registration_activate'),
+    path('register/', views.RegistrationView.as_view(), name='registration_register'),
+    path('register/complete/', views.registration_complete, name='registration_complete'),
+    path('register/closed/', views.registration_closed, name='registration_disallowed'),
+    path('', include('django.contrib.auth.urls')),
 ]
--- a/allianceauth/authentication/management/commands/checkmains.py
+++ b/allianceauth/authentication/management/commands/checkmains.py
@@ -11,10 +11,10 @@ class Command(BaseCommand):
        if profiles.exists():
            for profile in profiles:
                self.stdout.write(self.style.ERROR(
-                    '{0} does not have an ownership. Resetting user {1} main character.'.format(profile.main_character,
+                    '{} does not have an ownership. Resetting user {} main character.'.format(profile.main_character,
                                                                                                profile.user)))
                profile.main_character = None
                profile.save()
-            self.stdout.write(self.style.WARNING('Reset {0} main characters.'.format(profiles.count())))
+            self.stdout.write(self.style.WARNING(f'Reset {profiles.count()} main characters.'))
        else:
            self.stdout.write(self.style.SUCCESS('All main characters have active ownership.'))
--- a/allianceauth/authentication/managers.py
+++ b/allianceauth/authentication/managers.py
@@ -16,6 +16,8 @@ def available_states_query(character):
        query |= Q(member_corporations__corporation_id=character.corporation_id)
    if character.alliance_id:
        query |= Q(member_alliances__alliance_id=character.alliance_id)
+    if character.faction_id:
+        query |= Q(member_factions__faction_id=character.faction_id)
    return query


@@ -49,7 +51,7 @@ class StateQuerySet(QuerySet):
            for state in self:
                for profile in state.userprofile_set.all():
                    profile.assign_state(state=self.model.objects.exclude(pk=state.pk).get_for_user(profile.user))
-        super(StateQuerySet, self).delete()
+        super().delete()


 class StateManager(Manager):
--- a/allianceauth/authentication/middleware.py
+++ b/allianceauth/authentication/middleware.py
@@ -0,0 +1,45 @@
+from django.conf import settings
+from django.utils.deprecation import MiddlewareMixin
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+class UserSettingsMiddleware(MiddlewareMixin):
+    def process_response(self, request, response):
+        """Django Middleware: User Settings."""
+
+        # Intercept the built in django /setlang/ view and also save it to Database.
+        # Note the annoymous user check, only logged in users will ever hit the DB here
+        if request.path == '/i18n/setlang/' and not request.user.is_anonymous:
+            try:
+                request.user.profile.language = request.POST['language']
+                request.user.profile.save()
+            except Exception as e:
+                logger.exception(e)
+
+        # Only act during the login flow, _after_ user is activated (step 2: post-sso)
+        elif request.path == '/sso/login' and not request.user.is_anonymous:
+            # Set the Language Cookie, if it doesnt match the DB
+            # Null = hasnt been set by the user ever, dont act.
+            try:
+                if request.user.profile.language != request.LANGUAGE_CODE and request.user.profile.language is not None:
+                    response.set_cookie(key=settings.LANGUAGE_COOKIE_NAME,
+                                        value=request.user.profile.language,
+                                        max_age=settings.LANGUAGE_COOKIE_AGE)
+            except Exception as e:
+                logger.exception(e)
+
+            # Set our Night mode flag from the DB
+            # Null = hasnt been set by the user ever, dont act.
+            #
+            # Night mode intercept is not needed in this middleware.
+            # is saved direct to DB in NightModeRedirectView
+            try:
+                if request.user.profile.night_mode is not None:
+                    request.session["NIGHT_MODE"] = request.user.profile.night_mode
+            except Exception as e:
+                logger.exception(e)
+
+        return response
--- a/allianceauth/authentication/migrations/0001_initial.py
+++ b/allianceauth/authentication/migrations/0001_initial.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-05 21:38
-from __future__ import unicode_literals

 from django.conf import settings
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0002_auto_20160907_1914.py
+++ b/allianceauth/authentication/migrations/0002_auto_20160907_1914.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-07 19:14
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0003_authservicesinfo_state.py
+++ b/allianceauth/authentication/migrations/0003_authservicesinfo_state.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-09 20:29
-from __future__ import unicode_literals

 from django.db import migrations, models

--- a/allianceauth/authentication/migrations/0004_create_permissions.py
+++ b/allianceauth/authentication/migrations/0004_create_permissions.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-09 23:19
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0005_delete_perms.py
+++ b/allianceauth/authentication/migrations/0005_delete_perms.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-09 23:11
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0006_auto_20160910_0542.py
+++ b/allianceauth/authentication/migrations/0006_auto_20160910_0542.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-10 05:42
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0007_remove_authservicesinfo_is_blue.py
+++ b/allianceauth/authentication/migrations/0007_remove_authservicesinfo_is_blue.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-10 21:50
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0008_set_state.py
+++ b/allianceauth/authentication/migrations/0008_set_state.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-12 13:04
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0009_auto_20161021_0228.py
+++ b/allianceauth/authentication/migrations/0009_auto_20161021_0228.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.2 on 2016-10-21 02:28
-from __future__ import unicode_literals

 from django.db import migrations, models

--- a/allianceauth/authentication/migrations/0010_only_one_authservicesinfo.py
+++ b/allianceauth/authentication/migrations/0010_only_one_authservicesinfo.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2017-01-07 06:47
-from __future__ import unicode_literals

 from django.db import migrations

@@ -9,7 +8,7 @@ def count_completed_fields(model):
 def forward(apps, schema_editor):
    # this ensures only one model exists per user
    AuthServicesInfo = apps.get_model('authentication', 'AuthServicesInfo')
-    users = set([a.user for a in AuthServicesInfo.objects.all()])
+    users = {a.user for a in AuthServicesInfo.objects.all()}
    for u in users:
        auths = AuthServicesInfo.objects.filter(user=u)
        if auths.count() > 1:
--- a/allianceauth/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
+++ b/allianceauth/authentication/migrations/0011_authservicesinfo_user_onetoonefield.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2017-01-07 07:11
-from __future__ import unicode_literals

 from django.conf import settings
 from django.db import migrations, models
--- a/allianceauth/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
+++ b/allianceauth/authentication/migrations/0012_remove_add_delete_authservicesinfo_permissions.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.5 on 2017-01-12 00:59
-from __future__ import unicode_literals

 from django.db import migrations, models

--- a/allianceauth/authentication/migrations/0013_service_modules.py
+++ b/allianceauth/authentication/migrations/0013_service_modules.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.2 on 2016-12-11 23:14
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0014_fleetup_permission.py
+++ b/allianceauth/authentication/migrations/0014_fleetup_permission.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.1 on 2016-09-09 23:19
-from __future__ import unicode_literals

 from django.db import migrations

--- a/allianceauth/authentication/migrations/0015_user_profiles.py
+++ b/allianceauth/authentication/migrations/0015_user_profiles.py
@@ -1,5 +1,4 @@
 # Generated by Django 1.10.5 on 2017-03-22 23:09
-from __future__ import unicode_literals

 import allianceauth.authentication.models
 import django.db.models.deletion
--- a/allianceauth/authentication/migrations/0017_remove_fleetup_permission.py
+++ b/allianceauth/authentication/migrations/0017_remove_fleetup_permission.py
@@ -1,5 +1,3 @@
-from __future__ import unicode_literals
-
 from django.db import migrations


--- a/allianceauth/authentication/migrations/0018_alter_state_name_length.py
+++ b/allianceauth/authentication/migrations/0018_alter_state_name_length.py
@@ -0,0 +1,18 @@
+# Generated by Django 3.2.8 on 2021-10-20 05:22
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0017_remove_fleetup_permission'),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name='state',
+            name='name',
+            field=models.CharField(max_length=32, unique=True),
+        ),
+    ]
--- a/allianceauth/authentication/migrations/0018_state_member_factions.py
+++ b/allianceauth/authentication/migrations/0018_state_member_factions.py
@@ -0,0 +1,19 @@
+# Generated by Django 3.1.13 on 2021-10-12 20:21
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('eveonline', '0015_factions'),
+        ('authentication', '0017_remove_fleetup_permission'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='state',
+            name='member_factions',
+            field=models.ManyToManyField(blank=True, help_text='Factions to whose members this state is available.', to='eveonline.EveFactionInfo'),
+        ),
+    ]
--- a/allianceauth/authentication/migrations/0019_merge_20211026_0919.py
+++ b/allianceauth/authentication/migrations/0019_merge_20211026_0919.py
@@ -0,0 +1,14 @@
+# Generated by Django 3.2.8 on 2021-10-26 09:19
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0018_alter_state_name_length'),
+        ('authentication', '0018_state_member_factions'),
+    ]
+
+    operations = [
+    ]
--- a/allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py
+++ b/allianceauth/authentication/migrations/0020_userprofile_language_userprofile_night_mode.py
@@ -0,0 +1,23 @@
+# Generated by Django 4.0.2 on 2022-02-26 03:45
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('authentication', '0019_merge_20211026_0919'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='language',
+            field=models.CharField(blank=True, choices=[('en', 'English'), ('de', 'German'), ('es', 'Spanish'), ('zh-hans', 'Chinese Simplified'), ('ru', 'Russian'), ('ko', 'Korean'), ('fr', 'French'), ('ja', 'Japanese'), ('it', 'Italian')], default='', max_length=10, verbose_name='Language'),
+        ),
+        migrations.AddField(
+            model_name='userprofile',
+            name='night_mode',
+            field=models.BooleanField(blank=True, null=True, verbose_name='Night Mode'),
+        ),
+    ]
--- a/allianceauth/authentication/migrations/0021_alter_userprofile_language.py
+++ b/allianceauth/authentication/migrations/0021_alter_userprofile_language.py
@@ -0,0 +1,34 @@
+# Generated by Django 4.0.10 on 2023-05-28 15:36
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("authentication", "0020_userprofile_language_userprofile_night_mode"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="userprofile",
+            name="language",
+            field=models.CharField(
+                blank=True,
+                choices=[
+                    ("en", "English"),
+                    ("de", "German"),
+                    ("es", "Spanish"),
+                    ("zh-hans", "Chinese Simplified"),
+                    ("ru", "Russian"),
+                    ("ko", "Korean"),
+                    ("fr", "French"),
+                    ("ja", "Japanese"),
+                    ("it", "Italian"),
+                    ("uk", "Ukrainian"),
+                ],
+                default="",
+                max_length=10,
+                verbose_name="Language",
+            ),
+        ),
+    ]
--- a/allianceauth/authentication/models.py
+++ b/allianceauth/authentication/models.py
@@ -2,9 +2,10 @@ import logging

 from django.contrib.auth.models import User, Permission
 from django.db import models, transaction
-from django.utils.translation import ugettext_lazy as _
-from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo
+from django.utils.translation import gettext_lazy as _
+from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
 from allianceauth.notifications import notify
+from django.conf import settings

 from .managers import CharacterOwnershipManager, StateManager

@@ -12,13 +13,18 @@ logger = logging.getLogger(__name__)


 class State(models.Model):
-    name = models.CharField(max_length=20, unique=True)
+    name = models.CharField(max_length=32, unique=True)
    permissions = models.ManyToManyField(Permission, blank=True)
    priority = models.IntegerField(unique=True, help_text="Users get assigned the state with the highest priority available to them.")

-    member_characters = models.ManyToManyField(EveCharacter, blank=True, help_text="Characters to which this state is available.")
-    member_corporations = models.ManyToManyField(EveCorporationInfo, blank=True, help_text="Corporations to whose members this state is available.")
-    member_alliances = models.ManyToManyField(EveAllianceInfo, blank=True, help_text="Alliances to whose members this state is available.")
+    member_characters = models.ManyToManyField(EveCharacter, blank=True,
+                                                help_text="Characters to which this state is available.")
+    member_corporations = models.ManyToManyField(EveCorporationInfo, blank=True,
+                                                help_text="Corporations to whose members this state is available.")
+    member_alliances = models.ManyToManyField(EveAllianceInfo, blank=True,
+                                            help_text="Alliances to whose members this state is available.")
+    member_factions = models.ManyToManyField(EveFactionInfo, blank=True,
+                                            help_text="Factions to whose members this state is available.")
    public = models.BooleanField(default=False, help_text="Make this state available to any character.")

    objects = StateManager()
@@ -39,7 +45,7 @@ class State(models.Model):
        with transaction.atomic():
            for profile in self.userprofile_set.all():
                profile.assign_state(state=State.objects.exclude(pk=self.pk).get_for_user(profile.user))
-        super(State, self).delete(**kwargs)
+        super().delete(**kwargs)


 def get_guest_state():
@@ -57,9 +63,44 @@ class UserProfile(models.Model):
    class Meta:
        default_permissions = ('change',)

-    user = models.OneToOneField(User, related_name='profile', on_delete=models.CASCADE)
-    main_character = models.OneToOneField(EveCharacter, blank=True, null=True, on_delete=models.SET_NULL)
-    state = models.ForeignKey(State, on_delete=models.SET_DEFAULT, default=get_guest_state_pk)
+    class Language(models.TextChoices):
+        """
+        Choices for UserProfile.language
+        """
+
+        ENGLISH = 'en', _('English')
+        GERMAN = 'de', _('German')
+        SPANISH = 'es', _('Spanish')
+        CHINESE = 'zh-hans', _('Chinese Simplified')
+        RUSSIAN = 'ru', _('Russian')
+        KOREAN = 'ko', _('Korean')
+        FRENCH = 'fr', _('French')
+        JAPANESE = 'ja', _('Japanese')
+        ITALIAN = 'it', _('Italian')
+        UKRAINIAN = 'uk', _('Ukrainian')
+
+    user = models.OneToOneField(
+        User,
+        related_name='profile',
+        on_delete=models.CASCADE)
+    main_character = models.OneToOneField(
+        EveCharacter,
+        blank=True,
+        null=True,
+        on_delete=models.SET_NULL)
+    state = models.ForeignKey(
+        State,
+        on_delete=models.SET_DEFAULT,
+        default=get_guest_state_pk)
+    language = models.CharField(
+        _("Language"), max_length=10,
+        choices=Language.choices,
+        blank=True,
+        default='')
+    night_mode = models.BooleanField(
+        _("Night Mode"),
+        blank=True,
+        null=True)

    def assign_state(self, state=None, commit=True):
        if not state:
@@ -67,7 +108,7 @@ class UserProfile(models.Model):
        if self.state != state:
            self.state = state
            if commit:
-                logger.info('Updating {} state to {}'.format(self.user, self.state))
+                logger.info(f'Updating {self.user} state to {self.state}')
                self.save(update_fields=['state'])
                notify(
                    self.user,
@@ -88,8 +129,6 @@ class UserProfile(models.Model):

    def __str__(self):
        return str(self.user)
-
-
 class CharacterOwnership(models.Model):
    class Meta:
        default_permissions = ('change', 'delete')
@@ -102,7 +141,7 @@ class CharacterOwnership(models.Model):
    objects = CharacterOwnershipManager()

    def __str__(self):
-        return "%s: %s" % (self.user, self.character)
+        return f"{self.user}: {self.character}"


 class OwnershipRecord(models.Model):
@@ -115,4 +154,4 @@ class OwnershipRecord(models.Model):
        ordering = ['-created']

    def __str__(self):
-        return "%s: %s on %s" % (self.user, self.character, self.created)
+        return f"{self.user}: {self.character} on {self.created}"
--- a/allianceauth/authentication/signals.py
+++ b/allianceauth/authentication/signals.py
@@ -1,6 +1,11 @@
 import logging

-from .models import CharacterOwnership, UserProfile, get_guest_state, State, OwnershipRecord
+from .models import (
+    CharacterOwnership,
+    UserProfile,
+    get_guest_state,
+    State,
+    OwnershipRecord)
 from django.contrib.auth.models import User
 from django.db.models import Q
 from django.db.models.signals import pre_save, post_save, pre_delete, post_delete, m2m_changed
@@ -11,7 +16,7 @@ from allianceauth.eveonline.models import EveCharacter

 logger = logging.getLogger(__name__)

-state_changed = Signal(providing_args=['user', 'state'])
+state_changed = Signal()


 def trigger_state_check(state):
@@ -29,27 +34,32 @@ def trigger_state_check(state):
@receiver(m2m_changed, sender=State.member_characters.through)
 def state_member_characters_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
-        logger.debug('State {} member characters changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member characters changed. Re-evaluating membership.')
        trigger_state_check(instance)


@receiver(m2m_changed, sender=State.member_corporations.through)
 def state_member_corporations_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
-        logger.debug('State {} member corporations changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member corporations changed. Re-evaluating membership.')
        trigger_state_check(instance)


@receiver(m2m_changed, sender=State.member_alliances.through)
 def state_member_alliances_changed(sender, instance, action, *args, **kwargs):
    if action.startswith('post_'):
-        logger.debug('State {} member alliances changed. Re-evaluating membership.'.format(instance))
+        logger.debug(f'State {instance} member alliances changed. Re-evaluating membership.')
        trigger_state_check(instance)

+@receiver(m2m_changed, sender=State.member_factions.through)
+def state_member_factions_changed(sender, instance, action, *args, **kwargs):
+    if action.startswith('post_'):
+        logger.debug(f'State {instance} member factions changed. Re-evaluating membership.')
+        trigger_state_check(instance)

@receiver(post_save, sender=State)
 def state_saved(sender, instance, *args, **kwargs):
-    logger.debug('State {} saved. Re-evaluating membership.'.format(instance))
+    logger.debug(f'State {instance} saved. Re-evaluating membership.')
    trigger_state_check(instance)


@@ -60,22 +70,22 @@ def reassess_on_profile_save(sender, instance, created, *args, **kwargs):
    if not created:
        update_fields = kwargs.pop('update_fields', []) or []
        if 'state' not in update_fields:
-            logger.debug('Profile for {} saved without state change. Re-evaluating state.'.format(instance.user))
+            logger.debug(f'Profile for {instance.user} saved without state change. Re-evaluating state.')
            instance.assign_state()


@receiver(post_save, sender=User)
 def create_required_models(sender, instance, created, *args, **kwargs):
-    # ensure all users have a model
+    # ensure all users have our Sub-Models
    if created:
-        logger.debug('User {} created. Creating default UserProfile.'.format(instance))
+        logger.debug(f'User {instance} created. Creating default UserProfile.')
        UserProfile.objects.get_or_create(user=instance)


@receiver(post_save, sender=Token)
 def record_character_ownership(sender, instance, created, *args, **kwargs):
    if created:
-        logger.debug('New token for {0} character {1} saved. Evaluating ownership.'.format(instance.user, instance.character_name))
+        logger.debug(f'New token for {instance.user} character {instance.character_name} saved. Evaluating ownership.')
        if instance.user:
            query = Q(owner_hash=instance.character_owner_hash) & Q(user=instance.user)
        else:
@@ -84,13 +94,13 @@ def record_character_ownership(sender, instance, created, *args, **kwargs):
        CharacterOwnership.objects.filter(character__character_id=instance.character_id).exclude(query).delete()
        # create character if needed
        if EveCharacter.objects.filter(character_id=instance.character_id).exists() is False:
-            logger.debug('Token is for a new character. Creating model for {0} ({1})'.format(instance.character_name, instance.character_id))
+            logger.debug(f'Token is for a new character. Creating model for {instance.character_name} ({instance.character_id})')
            EveCharacter.objects.create_character(instance.character_id)
        char = EveCharacter.objects.get(character_id=instance.character_id)
        # check if we need to create ownership
        if instance.user and not CharacterOwnership.objects.filter(
                character__character_id=instance.character_id).exists():
-            logger.debug("Character {0} is not yet owned. Assigning ownership to {1}".format(instance.character_name, instance.user))
+            logger.debug(f"Character {instance.character_name} is not yet owned. Assigning ownership to {instance.user}")
            CharacterOwnership.objects.update_or_create(character=char, defaults={'owner_hash': instance.character_owner_hash, 'user': instance.user})


@@ -98,7 +108,7 @@ def record_character_ownership(sender, instance, created, *args, **kwargs):
 def validate_main_character(sender, instance, *args, **kwargs):
    try:
        if instance.user.profile.main_character == instance.character:
-            logger.info("Ownership of a main character {0} has been revoked. Resetting {1} main character.".format(
+            logger.info("Ownership of a main character {} has been revoked. Resetting {} main character.".format(
                instance.character, instance.user))
            # clear main character as user no longer owns them
            instance.user.profile.main_character = None
@@ -111,7 +121,7 @@ def validate_main_character(sender, instance, *args, **kwargs):
@receiver(post_delete, sender=Token)
 def validate_ownership(sender, instance, *args, **kwargs):
    if not Token.objects.filter(character_owner_hash=instance.character_owner_hash).filter(refresh_token__isnull=False).exists():
-        logger.info("No remaining tokens to validate ownership of character {0}. Revoking ownership.".format(instance.character_name))
+        logger.info(f"No remaining tokens to validate ownership of character {instance.character_name}. Revoking ownership.")
        CharacterOwnership.objects.filter(owner_hash=instance.character_owner_hash).delete()


@@ -122,11 +132,11 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
        old_instance = User.objects.get(pk=instance.pk)
        if old_instance.is_active != instance.is_active:
            if instance.is_active:
-                logger.debug("User {0} has been activated. Assigning state.".format(instance))
+                logger.debug(f"User {instance} has been activated. Assigning state.")
                instance.profile.assign_state()
            else:
                logger.debug(
-                    "User {0} has been deactivated. Revoking state and assigning to guest state.".format(instance))
+                    f"User {instance} has been deactivated. Revoking state and assigning to guest state.")
                instance.profile.state = get_guest_state()
                instance.profile.save(update_fields=['state'])

@@ -135,10 +145,10 @@ def assign_state_on_active_change(sender, instance, *args, **kwargs):
 def check_state_on_character_update(sender, instance, *args, **kwargs):
    # if this is a main character updating, check that user's state
    try:
-        logger.debug("Character {0} has been saved. Assessing owner's state for changes.".format(instance))
+        logger.debug(f"Character {instance} has been saved. Assessing owner's state for changes.")
        instance.userprofile.assign_state()
    except UserProfile.DoesNotExist:
-        logger.debug("Character {0} is not a main character. No state assessment required.".format(instance))
+        logger.debug(f"Character {instance} is not a main character. No state assessment required.")
        pass


@@ -148,7 +158,7 @@ def ownership_record_creation(sender, instance, created, *args, **kwargs):
        records = OwnershipRecord.objects.filter(owner_hash=instance.owner_hash).filter(character=instance.character)
        if records.exists():
            if records[0].user == instance.user:  # most recent record is sorted first
-                logger.debug("Already have ownership record of {0} by user {1}".format(instance.character, instance.user))
+                logger.debug(f"Already have ownership record of {instance.character} by user {instance.user}")
                return
-        logger.info("Character {0} has a new owner {1}. Creating ownership record.".format(instance.character, instance.user))
+        logger.info(f"Character {instance.character} has a new owner {instance.user}. Creating ownership record.")
        OwnershipRecord.objects.create(user=instance.user, character=instance.character, owner_hash=instance.owner_hash)
--- a/allianceauth/authentication/static/allianceauth/authentication/css/admin.css
+++ b/allianceauth/authentication/static/allianceauth/authentication/css/admin.css
@@ -0,0 +1,31 @@
+/*
+CSS for allianceauth admin site
+*/
+
+/* styling for profile pic */
+.img-circle {
+    border-radius: 50%;
+}
+
+.column-user_profile_pic {
+    white-space: nowrap;
+    width: 1px;
+}
+
+/* tooltip */
+.tooltip {
+    position: relative;
+}
+
+.tooltip:hover::after {
+    background-color: rgb(255 255 204);
+    border: 1px rgb(128 128 128) solid;
+    color: rgb(0 0 0);
+    content: attr(data-tooltip);
+    left: 1em;
+    min-width: 200px;
+    padding: 8px;
+    position: absolute;
+    top: 1.1em;
+    z-index: 1;
+}
--- a/allianceauth/authentication/static/allianceauth/authentication/img/background.jpg
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/background.jpg
--- a/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png
--- a/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_White.png
+++ b/allianceauth/authentication/static/allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_White.png
--- a/allianceauth/authentication/static/authentication/css/admin.css
+++ b/allianceauth/authentication/static/authentication/css/admin.css
@@ -1,29 +0,0 @@
-/*
-CSS for allianceauth admin site
-*/
-
-/* styling for profile pic */
-.img-circle {
-    border-radius: 50%;
-}
-.column-user_profile_pic {
-    width: 1px;
-    white-space: nowrap;
-}
-
-/* tooltip */
-.tooltip {
-    position: relative ;
-}
-.tooltip:hover::after {
-    content: attr(data-tooltip) ;
-    position: absolute ;
-    top: 1.1em ;
-    left: 1em ;
-    min-width: 200px ;
-    border: 1px #808080 solid ;
-    padding: 8px ;
-    color: black ;
-    background-color: rgb(255, 255, 204) ;
-    z-index: 1 ;
-}
--- a/allianceauth/authentication/task_statistics/init.py
+++ b/allianceauth/authentication/task_statistics/init.py
--- a/allianceauth/authentication/task_statistics/counters.py
+++ b/allianceauth/authentication/task_statistics/counters.py
@@ -0,0 +1,45 @@
+"""Counters for Task Statistics."""
+
+import datetime as dt
+from typing import NamedTuple, Optional
+
+from .event_series import EventSeries
+
+# Global series for counting task events.
+succeeded_tasks = EventSeries("SUCCEEDED_TASKS")
+retried_tasks = EventSeries("RETRIED_TASKS")
+failed_tasks = EventSeries("FAILED_TASKS")
+
+
+class _TaskCounts(NamedTuple):
+    succeeded: int
+    retried: int
+    failed: int
+    total: int
+    earliest_task: Optional[dt.datetime]
+    hours: int
+
+
+def dashboard_results(hours: int) -> _TaskCounts:
+    """Counts of all task events within the given time frame."""
+
+    def earliest_if_exists(events: EventSeries, earliest: dt.datetime) -> list:
+        my_earliest = events.first_event(earliest=earliest)
+        return [my_earliest] if my_earliest else []
+
+    earliest = dt.datetime.utcnow() - dt.timedelta(hours=hours)
+    earliest_events = []
+    succeeded_count = succeeded_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(succeeded_tasks, earliest)
+    retried_count = retried_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(retried_tasks, earliest)
+    failed_count = failed_tasks.count(earliest=earliest)
+    earliest_events += earliest_if_exists(failed_tasks, earliest)
+    return _TaskCounts(
+        succeeded=succeeded_count,
+        retried=retried_count,
+        failed=failed_count,
+        total=succeeded_count + retried_count + failed_count,
+        earliest_task=min(earliest_events) if earliest_events else None,
+        hours=hours,
+    )
--- a/allianceauth/authentication/task_statistics/event_series.py
+++ b/allianceauth/authentication/task_statistics/event_series.py
@@ -0,0 +1,100 @@
+"""Event series for Task Statistics."""
+
+import datetime as dt
+import logging
+from typing import List, Optional
+
+from pytz import utc
+from redis import Redis
+
+from .helpers import get_redis_client_or_stub
+
+logger = logging.getLogger(__name__)
+
+
+class EventSeries:
+    """API for recording and analyzing a series of events."""
+
+    _ROOT_KEY = "ALLIANCEAUTH_EVENT_SERIES"
+
+    def __init__(self, key_id: str, redis: Optional[Redis] = None) -> None:
+        self._redis = get_redis_client_or_stub() if not redis else redis
+        self._key_id = str(key_id)
+        self.clear()
+
+    @property
+    def is_disabled(self):
+        """True when this object is disabled, e.g. Redis was not available at startup."""
+        return hasattr(self._redis, "IS_STUB")
+
+    @property
+    def _key_counter(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_COUNTER"
+
+    @property
+    def _key_sorted_set(self):
+        return f"{self._ROOT_KEY}_{self._key_id}_SORTED_SET"
+
+    def add(self, event_time: dt.datetime = None) -> None:
+        """Add event.
+
+        Args:
+        - event_time: timestamp of event. Will use current time if not specified.
+        """
+        if not event_time:
+            event_time = dt.datetime.utcnow()
+        my_id = self._redis.incr(self._key_counter)
+        self._redis.zadd(self._key_sorted_set, {my_id: event_time.timestamp()})
+
+    def all(self) -> List[dt.datetime]:
+        """List of all known events."""
+        return [
+            event[1]
+            for event in self._redis.zrangebyscore(
+                self._key_sorted_set,
+                "-inf",
+                "+inf",
+                withscores=True,
+                score_cast_func=self._cast_scores_to_dt,
+            )
+        ]
+
+    def clear(self) -> None:
+        """Clear all events."""
+        self._redis.delete(self._key_sorted_set)
+        self._redis.delete(self._key_counter)
+
+    def count(self, earliest: dt.datetime = None, latest: dt.datetime = None) -> int:
+        """Count of events, can be restricted to given time frame.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or -infinite if not specified
+        - latest: Date of last events to count(inclusive), or +infinite if not specified
+        """
+        minimum = "-inf" if not earliest else earliest.timestamp()
+        maximum = "+inf" if not latest else latest.timestamp()
+        return self._redis.zcount(self._key_sorted_set, min=minimum, max=maximum)
+
+    def first_event(self, earliest: dt.datetime = None) -> Optional[dt.datetime]:
+        """Date/Time of first event. Returns `None` if series has no events.
+
+        Args:
+        - earliest: Date of first events to count(inclusive), or any if not specified
+        """
+        minimum = "-inf" if not earliest else earliest.timestamp()
+        event = self._redis.zrangebyscore(
+            self._key_sorted_set,
+            minimum,
+            "+inf",
+            withscores=True,
+            start=0,
+            num=1,
+            score_cast_func=self._cast_scores_to_dt,
+        )
+        if not event:
+            return None
+        return event[0][1]
+
+    @staticmethod
+    def _cast_scores_to_dt(score) -> dt.datetime:
+        return dt.datetime.fromtimestamp(float(score), tz=utc)
--- a/allianceauth/authentication/task_statistics/helpers.py
+++ b/allianceauth/authentication/task_statistics/helpers.py
@@ -0,0 +1,49 @@
+"""Helpers for Task Statistics."""
+
+import logging
+
+from redis import Redis, RedisError
+
+from allianceauth.utils.cache import get_redis_client
+
+logger = logging.getLogger(__name__)
+
+
+class _RedisStub:
+    """Stub of a Redis client.
+
+    It's purpose is to prevent EventSeries objects from trying to access Redis
+    when it is not available. e.g. when the Sphinx docs are rendered by readthedocs.org.
+    """
+
+    IS_STUB = True
+
+    def delete(self, *args, **kwargs):
+        pass
+
+    def incr(self, *args, **kwargs):
+        return 0
+
+    def zadd(self, *args, **kwargs):
+        pass
+
+    def zcount(self, *args, **kwargs):
+        pass
+
+    def zrangebyscore(self, *args, **kwargs):
+        pass
+
+
+def get_redis_client_or_stub() -> Redis:
+    """Return AA's default cache client or a stub if Redis is not available."""
+    redis = get_redis_client()
+    try:
+        if not redis.ping():
+            raise RuntimeError()
+    except (AttributeError, RedisError, RuntimeError):
+        logger.exception(
+            "Failed to establish a connection with Redis. "
+            "This EventSeries object is disabled.",
+        )
+        return _RedisStub()
+    return redis
--- a/allianceauth/authentication/task_statistics/signals.py
+++ b/allianceauth/authentication/task_statistics/signals.py
@@ -0,0 +1,53 @@
+"""Signals for Task Statistics."""
+
+from celery.signals import (
+    task_failure, task_internal_error, task_retry, task_success, worker_ready,
+)
+
+from django.conf import settings
+
+from .counters import failed_tasks, retried_tasks, succeeded_tasks
+
+
+def reset_counters():
+    """Reset all counters for the celery status."""
+    succeeded_tasks.clear()
+    failed_tasks.clear()
+    retried_tasks.clear()
+
+
+def is_enabled() -> bool:
+    """Return True if task statistics are enabled, else return False."""
+    return not bool(
+        getattr(settings, "ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED", False)
+    )
+
+
+@worker_ready.connect
+def reset_counters_when_celery_restarted(*args, **kwargs):
+    if is_enabled():
+        reset_counters()
+
+
+@task_success.connect
+def record_task_succeeded(*args, **kwargs):
+    if is_enabled():
+        succeeded_tasks.add()
+
+
+@task_retry.connect
+def record_task_retried(*args, **kwargs):
+    if is_enabled():
+        retried_tasks.add()
+
+
+@task_failure.connect
+def record_task_failed(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()
+
+
+@task_internal_error.connect
+def record_task_internal_error(*args, **kwargs):
+    if is_enabled():
+        failed_tasks.add()
--- a/allianceauth/authentication/task_statistics/tests/init.py
+++ b/allianceauth/authentication/task_statistics/tests/init.py
--- a/allianceauth/authentication/task_statistics/tests/test_counters.py
+++ b/allianceauth/authentication/task_statistics/tests/test_counters.py
@@ -0,0 +1,52 @@
+import datetime as dt
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.counters import (
+    dashboard_results, failed_tasks, retried_tasks, succeeded_tasks,
+)
+
+
+class TestDashboardResults(TestCase):
+    def test_should_return_counts_for_given_time_frame_only(self):
+        # given
+        earliest_task = now() - dt.timedelta(minutes=15)
+
+        succeeded_tasks.clear()
+        succeeded_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        succeeded_tasks.add(earliest_task)
+        succeeded_tasks.add()
+        succeeded_tasks.add()
+
+        retried_tasks.clear()
+        retried_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        retried_tasks.add(now() - dt.timedelta(seconds=30))
+        retried_tasks.add()
+
+        failed_tasks.clear()
+        failed_tasks.add(now() - dt.timedelta(hours=1, seconds=1))
+        failed_tasks.add()
+
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 3)
+        self.assertEqual(results.retried, 2)
+        self.assertEqual(results.failed, 1)
+        self.assertEqual(results.total, 6)
+        self.assertEqual(results.earliest_task, earliest_task)
+
+    def test_should_work_with_no_data(self):
+        # given
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+        # when
+        results = dashboard_results(hours=1)
+        # then
+        self.assertEqual(results.succeeded, 0)
+        self.assertEqual(results.retried, 0)
+        self.assertEqual(results.failed, 0)
+        self.assertEqual(results.total, 0)
+        self.assertIsNone(results.earliest_task)
--- a/allianceauth/authentication/task_statistics/tests/test_event_series.py
+++ b/allianceauth/authentication/task_statistics/tests/test_event_series.py
@@ -0,0 +1,151 @@
+import datetime as dt
+
+from pytz import utc
+
+from django.test import TestCase
+from django.utils.timezone import now
+
+from allianceauth.authentication.task_statistics.event_series import (
+    EventSeries,
+)
+from allianceauth.authentication.task_statistics.helpers import _RedisStub
+
+MODULE_PATH = "allianceauth.authentication.task_statistics.event_series"
+
+
+class TestEventSeries(TestCase):
+    def test_should_add_event(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        events.add()
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], now(), delta=dt.timedelta(seconds=30))
+
+    def test_should_add_event_with_specified_time(self):
+        # given
+        events = EventSeries("dummy")
+        my_time = dt.datetime(2021, 11, 1, 12, 15, tzinfo=utc)
+        # when
+        events.add(my_time)
+        # then
+        result = events.all()
+        self.assertEqual(len(result), 1)
+        self.assertAlmostEqual(result[0], my_time, delta=dt.timedelta(seconds=30))
+
+    def test_should_count_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_zero(self):
+        # given
+        events = EventSeries("dummy")
+        # when
+        result = events.count()
+        # then
+        self.assertEqual(result, 0)
+
+    def test_should_count_events_within_timeframe_1(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc),
+            latest=dt.datetime(2021, 12, 1, 12, 17, tzinfo=utc),
+        )
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_count_events_within_timeframe_2(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(earliest=dt.datetime(2021, 12, 1, 12, 8))
+        # then
+        self.assertEqual(result, 3)
+
+    def test_should_count_events_within_timeframe_3(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.count(latest=dt.datetime(2021, 12, 1, 12, 12))
+        # then
+        self.assertEqual(result, 2)
+
+    def test_should_clear_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        events.clear()
+        # then
+        self.assertEqual(events.count(), 0)
+
+    def test_should_return_date_of_first_event(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event()
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+
+    def test_should_return_date_of_first_event_with_range(self):
+        # given
+        events = EventSeries("dummy")
+        events.add(dt.datetime(2021, 12, 1, 12, 0, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 15, tzinfo=utc))
+        events.add(dt.datetime(2021, 12, 1, 12, 30, tzinfo=utc))
+        # when
+        result = events.first_event(
+            earliest=dt.datetime(2021, 12, 1, 12, 8, tzinfo=utc)
+        )
+        # then
+        self.assertEqual(result, dt.datetime(2021, 12, 1, 12, 10, tzinfo=utc))
+
+    def test_should_return_all_events(self):
+        # given
+        events = EventSeries("dummy")
+        events.add()
+        events.add()
+        # when
+        results = events.all()
+        # then
+        self.assertEqual(len(results), 2)
+
+    def test_should_not_report_as_disabled_when_initialized_normally(self):
+        # given
+        events = EventSeries("dummy")
+        # when/then
+        self.assertFalse(events.is_disabled)
+
+    def test_should_report_as_disabled_when_initialized_with_redis_stub(self):
+        # given
+        events = EventSeries("dummy", redis=_RedisStub())
+        # when/then
+        self.assertTrue(events.is_disabled)
--- a/allianceauth/authentication/task_statistics/tests/test_helpers.py
+++ b/allianceauth/authentication/task_statistics/tests/test_helpers.py
@@ -0,0 +1,28 @@
+from unittest import TestCase
+from unittest.mock import patch
+
+from redis import RedisError
+
+from allianceauth.authentication.task_statistics.helpers import (
+    _RedisStub, get_redis_client_or_stub,
+)
+
+MODULE_PATH = "allianceauth.authentication.task_statistics.helpers"
+
+
+class TestGetRedisClient(TestCase):
+    def test_should_return_mock_if_redis_not_available_1(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.side_effect = RedisError
+            result = get_redis_client_or_stub()
+        # then
+        self.assertIsInstance(result, _RedisStub)
+
+    def test_should_return_mock_if_redis_not_available_2(self):
+        # when
+        with patch(MODULE_PATH + ".get_redis_client") as mock_get_master_client:
+            mock_get_master_client.return_value.ping.return_value = False
+            result = get_redis_client_or_stub()
+        # then
+        self.assertIsInstance(result, _RedisStub)
--- a/allianceauth/authentication/task_statistics/tests/test_signals.py
+++ b/allianceauth/authentication/task_statistics/tests/test_signals.py
@@ -0,0 +1,86 @@
+from unittest.mock import patch
+
+from celery.exceptions import Retry
+
+from django.test import TestCase, override_settings
+
+from allianceauth.authentication.task_statistics.counters import (
+    failed_tasks,
+    retried_tasks,
+    succeeded_tasks,
+)
+from allianceauth.authentication.task_statistics.signals import (
+    reset_counters,
+    is_enabled,
+)
+from allianceauth.eveonline.tasks import update_character
+
+
+@override_settings(
+    CELERY_ALWAYS_EAGER=True, ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False
+)
+class TestTaskSignals(TestCase):
+    fixtures = ["disable_analytics"]
+
+    def setUp(self) -> None:
+        succeeded_tasks.clear()
+        retried_tasks.clear()
+        failed_tasks.clear()
+
+    def test_should_record_successful_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.return_value = None
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 1)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+    def test_should_record_retried_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = Retry
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 1)
+
+    def test_should_record_failed_task(self):
+        # when
+        with patch(
+            "allianceauth.eveonline.tasks.EveCharacter.objects.update_character"
+        ) as mock_update:
+            mock_update.side_effect = RuntimeError
+            update_character.delay(1)
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 1)
+
+    def test_should_reset_counters(self):
+        # given
+        succeeded_tasks.add()
+        retried_tasks.add()
+        failed_tasks.add()
+        # when
+        reset_counters()
+        # then
+        self.assertEqual(succeeded_tasks.count(), 0)
+        self.assertEqual(retried_tasks.count(), 0)
+        self.assertEqual(failed_tasks.count(), 0)
+
+
+class TestIsEnabled(TestCase):
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=False)
+    def test_enabled(self):
+        self.assertTrue(is_enabled())
+
+    @override_settings(ALLIANCEAUTH_DASHBOARD_TASK_STATISTICS_DISABLED=True)
+    def test_disabled(self):
+        self.assertFalse(is_enabled())
--- a/allianceauth/authentication/tasks.py
+++ b/allianceauth/authentication/tasks.py
@@ -22,13 +22,13 @@ def check_character_ownership(owner_hash):
                continue
            except (KeyError, IncompleteResponseError):
                # We can't validate the hash hasn't changed but also can't assume it has. Abort for now.
-                logger.warning("Failed to validate owner hash of {0} due to problems contacting SSO servers.".format(
+                logger.warning("Failed to validate owner hash of {} due to problems contacting SSO servers.".format(
                    tokens[0].character_name))
                break

            if not t.character_owner_hash == old_hash:
                logger.info(
-                    'Character %s has changed ownership. Revoking %s tokens.' % (t.character_name, tokens.count()))
+                    f'Character {t.character_name} has changed ownership. Revoking {tokens.count()} tokens.')
                tokens.delete()
            break

--- a/allianceauth/authentication/templates/authentication/dashboard.html
+++ b/allianceauth/authentication/templates/authentication/dashboard.html
@@ -1,11 +1,10 @@
 {% extends "allianceauth/base.html" %}
-{% load static %}
 {% load i18n %}

-{% block page_title %}{% trans "Dashboard" %}{% endblock %}
+{% block page_title %}{% translate "Dashboard" %}{% endblock %}

 {% block content %}
-    <h1 class="page-header text-center">{% trans "Dashboard" %}</h1>
+    <h1 class="page-header text-center">{% translate "Dashboard" %}</h1>
    {% if user.is_staff %}
        {% include 'allianceauth/admin-status/include.html' %}
    {% endif %}
@@ -15,9 +14,9 @@
                <div class="panel panel-primary" style="height:100%">
                    <div class="panel-heading">
                        <h3 class="panel-title">
-                            {% blocktrans with state=request.user.profile.state %}
+                            {% blocktranslate with state=request.user.profile.state %}
                                Main Character (State: {{ state }})
-                            {% endblocktrans %}
+                            {% endblocktranslate %}
                        </h3>
                    </div>
                    <div class="panel-body">
@@ -28,7 +27,7 @@
                                        <table class="table">
                                            <tr>
                                                <td class="text-center">
-                                                    <img class="ra-avatar"src="{{ main.portrait_url_128 }}">
+                                                    <img class="ra-avatar" src="{{ main.portrait_url_128 }}" alt="{{ main.character_name }}">
                                                </td>
                                            </tr>
                                            <tr>
@@ -40,7 +39,7 @@
                                        <table class="table">
                                            <tr>
                                                <td class="text-center">
-                                                    <img class="ra-avatar"src="{{ main.corporation_logo_url_128 }}">
+                                                    <img class="ra-avatar" src="{{ main.corporation_logo_url_128 }}" alt="{{ main.corporation_name }}">
                                                </td>
                                            </tr>
                                            <tr>
@@ -53,43 +52,68 @@
                                            <table class="table">
                                                <tr>
                                                    <td class="text-center">
-                                                        <img class="ra-avatar"src="{{ main.alliance_logo_url_128 }}">
+                                                        <img class="ra-avatar" src="{{ main.alliance_logo_url_128 }}" alt="{{ main.alliance_name }}">
                                                    </td>
                                                </tr>
                                                <tr>
                                                    <td class="text-center">{{ main.alliance_name }}</td>
                                                <tr>
                                            </table>
+                                        {% elif main.faction_id %}
+                                            <table class="table">
+                                                <tr>
+                                                    <td class="text-center">
+                                                        <img class="ra-avatar" src="{{ main.faction_logo_url_128 }}" alt="{{ main.faction_name }}">
+                                                    </td>
+                                                </tr>
+                                                <tr>
+                                                    <td class="text-center">{{ main.faction_name }}</td>
+                                                <tr>
+                                            </table>
                                        {% endif %}
                                    </div>
                                </div>
                                <div class="table visible-xs-block">
                                    <p>
-                                        <img class="ra-avatar" src="{{ main.portrait_url_64 }}">
-                                        <img class="ra-avatar" src="{{ main.corporation_logo_url_64 }}">
-                                        <img class="ra-avatar" src="{{ main.alliance_logo_url_64 }}">
+                                        <img class="ra-avatar" src="{{ main.portrait_url_64 }}" alt="{{ main.corporation_name }}">
+                                        <img class="ra-avatar" src="{{ main.corporation_logo_url_64 }}" alt="{{ main.corporation_name }}">
+                                        {% if main.alliance_id %}
+                                            <img class="ra-avatar" src="{{ main.alliance_logo_url_64 }}" alt="{{ main.alliance_name }}">
+                                        {% endif %}
+                                        {% if main.faction_id %}
+                                            <img class="ra-avatar" src="{{ main.faction_logo_url_64 }}" alt="{{ main.faction_name }}">
+                                        {% endif %}
                                    </p>
                                    <p>
                                        <strong>{{ main.character_name }}</strong><br>
                                        {{ main.corporation_name }}<br>
-                                        {{ main.alliance_name }}
+                                        {% if main.alliance_id %}
+                                            {{ main.alliance_name }}<br>
+                                        {% endif %}
+                                        {% if main.faction_id %}
+                                            {{ main.faction_name }}
+                                        {% endif %}
                                    </p>
                                </div>
                            {% endwith %}
                        {% else %}
                            <div class="alert alert-danger" role="alert">
-                                {% trans "No main character set." %}
+                                {% translate "No main character set." %}
                            </div>
                        {% endif %}
                        <div class="clearfix"></div>
                        <div class="row">
-                            <div class="col-sm-6 button-wrapper">
-                                <a href="{% url 'authentication:add_character' %}" class="btn btn-block btn-info"
-                                title="Add Character">{% trans 'Add Character' %}</a>
+                            <div class="col-sm-6">
+                                <p>
+                                    <a href="{% url 'authentication:add_character' %}" class="btn btn-block btn-info"
+                                    title="Add Character">{% translate 'Add Character' %}</a>
+                                </p>
                            </div>
-                            <div class="col-sm-6 button-wrapper">
-                                <a href="{% url 'authentication:change_main_character' %}" class="btn btn-block btn-info"
-                                title="Change Main Character">{% trans "Change Main" %}</a>
+                            <div class="col-sm-6">
+                                <p>
+                                    <a href="{% url 'authentication:change_main_character' %}" class="btn btn-block btn-info"
+                                    title="Change Main Character">{% translate "Change Main" %}</a>
+                                </p>
                            </div>
                        </div>
                    </div>
@@ -98,10 +122,10 @@
            <div class="col-sm-6 text-center">
                <div class="panel panel-success" style="height:100%">
                    <div class="panel-heading">
-                        <h3 class="panel-title">{% trans "Group Memberships" %}</h3>
+                        <h3 class="panel-title">{% translate "Group Memberships" %}</h3>
                    </div>
                    <div class="panel-body">
-                        <div style="height: 240px;overflow:-moz-scrollbars-vertical;overflow-y:auto;">
+                        <div style="height: 240px;overflow-y:auto;">
                            <table class="table table-aa">
                                {% for group in groups %}
                                    <tr>
@@ -118,7 +142,7 @@
        <div class="panel panel-default">
            <div class="panel-heading">
                <h3 class="panel-title text-center" style="text-align: center">
-                    {% trans 'Characters' %}
+                    {% translate 'Characters' %}
                </h3>
            </div>
            <div class="panel-body">
@@ -126,19 +150,20 @@
                    <thead>
                        <tr>
                            <th class="text-center"></th>
-                            <th class="text-center">{% trans 'Name' %}</th>
-                            <th class="text-center">{% trans 'Corp' %}</th>
-                            <th class="text-center">{% trans 'Alliance' %}</th>
+                            <th class="text-center">{% translate 'Name' %}</th>
+                            <th class="text-center">{% translate 'Corp' %}</th>
+                            <th class="text-center">{% translate 'Alliance' %}</th>
                        </tr>
                    </thead>
                    <tbody>
                        {% for char in characters %}
                            <tr>
-                                <td class="text-center"><img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
+                                <td class="text-center">
+                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                </td>
                                <td class="text-center">{{ char.character_name }}</td>
                                <td class="text-center">{{ char.corporation_name }}</td>
-                                <td class="text-center">{{ char.alliance_name }}</td>
+                                <td class="text-center">{{ char.alliance_name|default:"" }}</td>
                            </tr>
                        {% endfor %}
                    </tbody>
@@ -148,7 +173,7 @@
                        {% for char in characters %}
                            <tr>
                                <td class="text-center" style="vertical-align: middle">
-                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}">
+                                    <img class="ra-avatar img-circle" src="{{ char.portrait_url_32 }}" alt="{{ char.character_name }}">
                                </td>
                                <td class="text-center" style="vertical-align: middle; width: 100%">
                                    <strong>{{ char.character_name }}</strong><br>
--- a/allianceauth/authentication/templates/authentication/tokens.html
+++ b/allianceauth/authentication/templates/authentication/tokens.html
@@ -0,0 +1,62 @@
+{% extends "allianceauth/base.html" %}
+{% load i18n %}
+
+{% block page_title %}{% translate "Dashboard" %}{% endblock %}
+
+{% block content %}
+    <h1 class="page-header text-center">{% translate "Token Management" %}</h1>
+    <div class="col-sm-12">
+        <table class="table table-aa" id="table_tokens" style="width:100%">
+            <thead>
+                <tr>
+                    <th>{% translate "Scopes" %}</th>
+                    <th class="text-right">{% translate "Actions" %}</th>
+                    <th>{% translate "Character" %}</th>
+
+                </tr>
+            </thead>
+            <tbody>
+                {% for t in tokens %}
+                    <tr>
+                        <td styl="white-space:initial;">{% for s in t.scopes.all %}<span class="label label-default">{{s.name}}</span> {% endfor %}</td>
+                        <td nowrap class="text-right"><a href="{% url 'authentication:token_delete' t.id %}" class="btn btn-danger"><i class="fas fa-trash"></i></a> <a href="{% url 'authentication:token_refresh' t.id %}" class="btn btn-success"><i class="fas fa-sync-alt"></i></a></td>
+                        <td>{{t.character_name}}</td>
+                    </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+        {% translate "This page is a best attempt, but backups or database logs can still contain your tokens. Always revoke tokens on https://community.eveonline.com/support/third-party-applications/ where possible."|urlize %}
+    </div>
+{% endblock %}
+
+{% block extra_javascript %}
+    {% include 'bundles/datatables-js.html' %}
+{% endblock %}
+
+{% block extra_css %}
+    {% include 'bundles/datatables-css.html' %}
+{% endblock %}
+
+{% block extra_script %}
+    $(document).ready(function(){
+        let grp = 2;
+        var table = $('#table_tokens').DataTable({
+            "columnDefs": [{ orderable: false, targets: [0,1] },{ "visible": false, "targets": grp }],
+            "order": [[grp, 'asc']],
+            "drawCallback": function (settings) {
+                var api = this.api();
+                var rows = api.rows({ page: 'current' }).nodes();
+                var last = null;
+                api.column(grp, { page: 'current' })
+                    .data()
+                    .each(function (group, i) {
+                        if (last !== group) {
+                            $(rows).eq(i).before('<tr class="info"><td colspan="3">' + group + '</td></tr>');
+                            last = group;
+                        }
+                    });
+            },
+            "stateSave": true,
+        });
+    });
+{% endblock %}
--- a/allianceauth/authentication/templates/public/base.html
+++ b/allianceauth/authentication/templates/public/base.html
@@ -1,4 +1,5 @@
 {% load static %}
+<!DOCTYPE html>
 <html lang="en">
    <head>
        <meta charset="utf-8">
@@ -7,12 +8,12 @@
        <meta name="description" content="">
        <meta name="author" content="">
        <meta property="og:title" content="{{ SITE_NAME }}">
-        <meta property="og:image" content="{{ request.scheme }}://{{ request.get_host }}{% static 'icons/apple-touch-icon.png' %}">
+        <meta property="og:image" content="{{ SITE_URL }}{% static 'allianceauth/icons/apple-touch-icon.png' %}">
        <meta property="og:description" content="Alliance Auth - An auth system for EVE Online to help in-game organizations manage online service access.">

        {% include 'allianceauth/icons.html' %}

-        <title>{% block title %}{{ SITE_NAME }}{% endblock %}</title>
+        <title>{% block title %}{% block page_title %}{% endblock page_title %} - {{ SITE_NAME }}{% endblock title %}</title>

        {% include 'bundles/bootstrap-css.html' %}
        {% include 'bundles/fontawesome.html' %}
@@ -21,7 +22,7 @@

        <style>
            body {
-                background: url('{% static 'authentication/img/background.jpg' %}') no-repeat center center fixed;
+                background: url('{% static 'allianceauth/authentication/img/background.jpg' %}') no-repeat center center fixed;
                -webkit-background-size: cover;
                -moz-background-size: cover;
                -o-background-size: cover;
@@ -31,6 +32,7 @@
            .panel-transparent {
                background: rgba(48, 48, 48, 0.7);
                color: #ffffff;
+                padding-bottom: 21px;
            }

            .panel-body {
@@ -47,7 +49,7 @@
        </style>
    </head>
    <body>
-        <div class="container" style="margin-top:150px">
+        <div class="container" style="margin-top:150px;">
            {% block content %}
            {% endblock %}
        </div>
--- a/allianceauth/authentication/templates/public/lang_select.html
+++ b/allianceauth/authentication/templates/public/lang_select.html
@@ -5,8 +5,8 @@
        <select onchange="this.form.submit()" class="form-control" id="lang-select" name="language">
            {% get_language_info_list for LANGUAGES as languages %}
            {% for language in languages %}
-                <option value="{{ language.code }}"{% if language.code == LANGUAGE_CODE %} selected="selected"{% endif %}>
-                    {{ language.name_local }} ({{ language.code }})
+                <option lang="{{ language.code }}" value="{{ language.code }}"{% if language.code == LANGUAGE_CODE %} selected="selected"{% endif %}>
+                    {{ language.name_local|capfirst }} ({{ language.code }})
                </option>
            {% endfor %}
        </select>
--- a/allianceauth/authentication/templates/public/login.html
+++ b/allianceauth/authentication/templates/public/login.html
@@ -1,8 +1,12 @@
 {% extends 'public/middle_box.html' %}
+
+{% load i18n %}
 {% load static %}
-{% block page_title %}Login{% endblock %}
+
+{% block page_title %}{% translate "Login" %}{% endblock %}
+
 {% block middle_box_content %}
-    <a href="{% url 'auth_sso_login' %}{% if request.GET.next %}?next={{request.GET.next}}{%endif%}">
-        <img class="img-responsive center-block" src="{% static 'img/sso/EVE_SSO_Login_Buttons_Large_Black.png' %}" border=0>
+    <a href="{% url 'auth_sso_login' %}{% if request.GET.next %}?next={{request.GET.next | urlencode}}{%endif%}">
+        <img class="img-responsive center-block" src="{% static 'allianceauth/authentication/img/sso/EVE_SSO_Login_Buttons_Large_Black.png' %}" alt="{% translate 'Login with Eve SSO' %}">
    </a>
 {% endblock %}
--- a/allianceauth/authentication/templates/public/middle_box.html
+++ b/allianceauth/authentication/templates/public/middle_box.html
@@ -1,6 +1,7 @@
 {% extends 'public/base.html' %}
-{% load static %}
-{% block title %}Login{% endblock %}
+
+{% load i18n %}
+
 {% block content %}
    <div class="col-md-4 col-md-offset-4">
        {% if messages %}
@@ -8,6 +9,7 @@
                <div class="alert alert-{{ message.level_tag}}">{{ message }}</div>
            {% endfor %}
        {% endif %}
+
        <div class="panel panel-default panel-transparent">
            <div class="panel-body">
                <div class="col-md-12">
@@ -15,10 +17,25 @@
                    {% endblock %}
                </div>
            </div>
+
            {% include 'public/lang_select.html' %}
+
+            <p class="text-center" style="margin-top: 2rem;">
+                {% translate "For information on SSO, ESI and security read the CCP Dev Blog" %}<br>
+                <a href="https://www.eveonline.com/article/introducing-esi" target="_blank" rel="noopener noreferrer">
+                    {% translate "Introducing ESI - A New API For Eve Online" %}
+                </a>
+            </p>
+
+            <p class="text-center">
+                <a href="https://community.eveonline.com/support/third-party-applications/" target="_blank" rel="noopener noreferrer">
+                    {% translate "Manage ESI Applications" %}
+                </a>
+            </p>
        </div>
    </div>
 {% endblock %}
+
 {% block extra_include %}
    {% include 'bundles/bootstrap-js.html' %}
 {% endblock %}
--- a/allianceauth/authentication/templates/public/register.html
+++ b/allianceauth/authentication/templates/public/register.html
@@ -1,13 +1,16 @@
 {% extends 'public/base.html' %}
-{% load static %}
+
 {% load bootstrap %}
 {% load i18n %}
-{% block page_title %}Registration{% endblock %}
+
+{% block page_title %}{% translate "Registration" %}{% endblock %}
+
 {% block extra_include %}
    {% include 'bundles/bootstrap-css.html' %}
    {% include 'bundles/fontawesome.html' %}
    {% include 'bundles/bootstrap-js.html' %}
 {% endblock %}
+
 {% block content %}
    <div class="col-md-4 col-md-offset-4">
        <div class="panel panel-default panel-transparent">
@@ -15,7 +18,7 @@
                <form method="POST">
                    {% csrf_token %}
                    {{ form|bootstrap }}
-                    <button class="btn btn-lg btn-primary btn-block" type="submit">{% trans "Register" %}</button>
+                    <button class="btn btn-lg btn-primary btn-block" type="submit">{% translate "Register" %}</button>
                </form>
            </div>
        </div>
--- a/allianceauth/authentication/templates/registration/activate.html
+++ b/allianceauth/authentication/templates/registration/activate.html
@@ -1,5 +1,5 @@
 {% extends 'public/middle_box.html' %}
 {% load i18n %}
 {% block middle_box_content %}
-    <div class="alert alert-danger">{% trans 'Invalid or expired activation link.' %}</div>
+    <div class="alert alert-danger">{% translate 'Invalid or expired activation link.' %}</div>
 {% endblock %}
--- a/allianceauth/authentication/templates/registration/activation_email.txt
+++ b/allianceauth/authentication/templates/registration/activation_email.txt
@@ -2,10 +2,6 @@ You're receiving this email because someone has entered this email address while

 If this was you, please click on the link below to confirm your email address:

-<a href="{{ scheme }}://{{ url }}">Confirm email address</a>
-
-Link not working? Try copy/pasting this URL into your browser:
-
 {{ scheme }}://{{ url }}

 This link will expire in {{ expiration_days }} day(s).
--- a/allianceauth/authentication/templates/registration/activation_email_html.txt
+++ b/allianceauth/authentication/templates/registration/activation_email_html.txt
@@ -0,0 +1,19 @@
+<p>
+    You're receiving this email because someone has entered this email address while registering for an account on {{ site.domain }}
+</p>
+
+<p>
+    If this was you, please click on the link below to confirm your email address:
+<p>
+
+<p>
+    <a href="{{ scheme }}://{{ url }}">Confirm email address</a>
+</p>
+
+<p>
+    This link will expire in {{ expiration_days }} day(s).
+</p>
+
+<p>
+    If this was not you, it is safe to ignore this email.
+</p>
--- a/allianceauth/authentication/templates/registration/password_reset_email.html
+++ b/allianceauth/authentication/templates/registration/password_reset_email.html
@@ -1,15 +0,0 @@
-{% load i18n %}{% autoescape off %}
-    {% blocktrans trimmed %}You're receiving this email because you requested a password reset for your
-        user account.{% endblocktrans %}
-
-    {% trans "Please go to the following page and choose a new password:" %}
-    {% block reset_link %}
-        {{domain}}{% url 'password_reset_confirm' uidb64=uid token=token %}
-    {% endblock %}
-    {% trans "Your username, in case you've forgotten:" %} {{ user.get_username }}
-
-    {% trans "Thanks for using our site!" %}
-
-    {% blocktrans %}Your IT Team{% endblocktrans %}
-
-{% endautoescape %}
--- a/allianceauth/authentication/templates/registration/registration_form.html
+++ b/allianceauth/authentication/templates/registration/registration_form.html
@@ -1,14 +0,0 @@
-{% extends 'public/middle_box.html' %}
-{% load bootstrap %}
-{% load i18n %}
-{% load static %}
-{% block page_title %}Register{% endblock %}
-{% block middle_box_content %}
-    <form class="form-signin" role="form" action="" method="POST">
-        {% csrf_token %}
-        {{ form|bootstrap }}
-        <br/>
-        <button class="btn btn-lg btn-primary btn-block" type="submit">{% trans "Submit" %}</button>
-        <br/>
-    </form>
-{% endblock %}
--- a/allianceauth/authentication/tests/init.py
+++ b/allianceauth/authentication/tests/init.py
@@ -1,4 +1,17 @@
+from django.db.models.signals import (
+    m2m_changed,
+    post_save,
+    pre_delete,
+    pre_save
+)
 from django.urls import reverse
+from unittest import mock
+
+MODULE_PATH = 'allianceauth.authentication'
+
+
+def patch(target, *args, **kwargs):
+    return mock.patch(f'{MODULE_PATH}{target}', *args, **kwargs)


 def get_admin_change_view_url(obj: object) -> str:
--- a/allianceauth/authentication/tests/core/init.py
+++ b/allianceauth/authentication/tests/core/init.py
--- a/allianceauth/authentication/tests/core/test_celery_workers.py
+++ b/allianceauth/authentication/tests/core/test_celery_workers.py
@@ -0,0 +1,85 @@
+from unittest.mock import patch
+
+from amqp.exceptions import ChannelError
+
+from django.test import TestCase
+
+from allianceauth.authentication.core.celery_workers import (
+    active_tasks_count, queued_tasks_count,
+)
+
+MODULE_PATH = "allianceauth.authentication.core.celery_workers"
+
+
+@patch(MODULE_PATH + ".current_app")
+class TestActiveTasksCount(TestCase):
+    def test_should_return_correct_count_when_no_active_tasks(self, mock_current_app):
+        # given
+        mock_current_app.control.inspect.return_value.active.return_value = {
+            "queue": []
+        }
+        # when
+        result = active_tasks_count()
+        # then
+        self.assertEqual(result, 0)
+
+    def test_should_return_correct_task_count_for_active_tasks(self, mock_current_app):
+        # given
+        mock_current_app.control.inspect.return_value.active.return_value = {
+            "queue": [1, 2, 3]
+        }
+        # when
+        result = active_tasks_count()
+        # then
+        self.assertEqual(result, 3)
+
+    def test_should_return_correct_task_count_for_multiple_queues(
+        self, mock_current_app
+    ):
+        # given
+        mock_current_app.control.inspect.return_value.active.return_value = {
+            "queue_1": [1, 2],
+            "queue_2": [3, 4],
+        }
+        # when
+        result = active_tasks_count()
+        # then
+        self.assertEqual(result, 4)
+
+    def test_should_return_none_when_celery_not_available(self, mock_current_app):
+        # given
+        mock_current_app.control.inspect.return_value.active.return_value = None
+        # when
+        result = active_tasks_count()
+        # then
+        self.assertIsNone(result)
+
+
+@patch(MODULE_PATH + ".current_app")
+class TestQueuedTasksCount(TestCase):
+    def test_should_return_queue_length_when_queue_exists(self, mock_current_app):
+        # given
+        mock_conn = (
+            mock_current_app.connection_or_acquire.return_value.__enter__.return_value
+        )
+        mock_conn.default_channel.queue_declare.return_value.message_count = 7
+        # when
+        result = queued_tasks_count()
+        # then
+        self.assertEqual(result, 7)
+
+    def test_should_return_0_when_queue_does_not_exists(self, mock_current_app):
+        # given
+        mock_current_app.connection_or_acquire.side_effect = ChannelError
+        # when
+        result = queued_tasks_count()
+        # then
+        self.assertEqual(result, 0)
+
+    def test_should_return_None_on_other_errors(self, mock_current_app):
+        # given
+        mock_current_app.connection_or_acquire.side_effect = RuntimeError
+        # when
+        result = queued_tasks_count()
+        # then
+        self.assertIsNone(result)
--- a/allianceauth/authentication/tests/test_admin.py
+++ b/allianceauth/authentication/tests/test_admin.py
@@ -1,6 +1,9 @@
+from bs4 import BeautifulSoup
 from urllib.parse import quote
 from unittest.mock import patch, MagicMock

+from django_webtest import WebTest
+
 from django.contrib.admin.sites import AdminSite
 from django.contrib.auth.models import Group
 from django.test import TestCase, RequestFactory, Client
@@ -9,7 +12,7 @@ from allianceauth.authentication.models import (
    CharacterOwnership, State, OwnershipRecord
 )
 from allianceauth.eveonline.models import (
-    EveCharacter, EveCorporationInfo, EveAllianceInfo
+    EveCharacter, EveCorporationInfo, EveAllianceInfo, EveFactionInfo
 )
 from allianceauth.services.hooks import ServicesHook
 from allianceauth.tests.auth_utils import AuthUtils
@@ -20,6 +23,7 @@ from ..admin import (
    StateAdmin,
    MainCorporationsFilter,
    MainAllianceFilter,
+    MainFactionFilter,
    OwnershipRecordAdmin,
    User,
    UserAdmin,
@@ -36,7 +40,7 @@ from . import get_admin_change_view_url, get_admin_search_url
 MODULE_PATH = 'allianceauth.authentication.admin'


-class MockRequest(object):
+class MockRequest:
    def __init__(self, user=None):
        self.user = user

@@ -180,6 +184,31 @@ class TestCaseWithTestData(TestCase):
        cls.user_3.is_superuser = True
        cls.user_3.save()

+        # user 4 - corp and faction, no alliance
+        cls.character_4 = EveCharacter.objects.create(
+            character_id=4321,
+            character_name='Professor X',
+            corporation_id=5432,
+            corporation_name="Xavier's School for Gifted Youngsters",
+            corporation_ticker='MUTNT',
+            alliance_id=None,
+            faction_id=999,
+            faction_name='The X-Men',
+        )
+        cls.user_4 = User.objects.create_user(
+            cls.character_4.character_name.replace(' ', '_'),
+            'abc@example.com',
+            'password'
+        )
+        CharacterOwnership.objects.create(
+            character=cls.character_4,
+            owner_hash='x1' + cls.character_4.character_name,
+            user=cls.user_4
+        )
+        cls.user_4.profile.main_character = cls.character_4
+        cls.user_4.profile.save()
+        EveFactionInfo.objects.create(faction_id=999, faction_name='The X-Men')
+

 def make_generic_search_request(ModelClass: type, search_term: str):
    User.objects.create_superuser(
@@ -188,11 +217,12 @@ def make_generic_search_request(ModelClass: type, search_term: str):
    c = Client()
    c.login(username='superuser', password='secret')
    return c.get(
-        '%s?q=%s' % (get_admin_search_url(ModelClass), quote(search_term))
+        f'{get_admin_search_url(ModelClass)}?q={quote(search_term)}'
    )


 class TestCharacterOwnershipAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]

    def setUp(self):
        self.modeladmin = CharacterOwnershipAdmin(
@@ -219,6 +249,7 @@ class TestCharacterOwnershipAdmin(TestCaseWithTestData):


 class TestOwnershipRecordAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]

    def setUp(self):
        self.modeladmin = OwnershipRecordAdmin(
@@ -245,11 +276,12 @@ class TestOwnershipRecordAdmin(TestCaseWithTestData):


 class TestStateAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]

-    def setUp(self):
-        self.modeladmin = StateAdmin(
-            model=User, admin_site=AdminSite()
-        )
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.modeladmin = StateAdmin(model=User, admin_site=AdminSite())

    def test_change_view_loads_normally(self):
        User.objects.create_superuser(
@@ -274,6 +306,7 @@ class TestStateAdmin(TestCaseWithTestData):


 class TestUserAdmin(TestCaseWithTestData):
+    fixtures = ["disable_analytics"]

    def setUp(self):
        self.factory = RequestFactory()
@@ -315,9 +348,13 @@ class TestUserAdmin(TestCaseWithTestData):
        self.assertEqual(user_main_organization(self.user_2), expected)

    def test_user_main_organization_u3(self):
-        expected = None
+        expected = ''
        self.assertEqual(user_main_organization(self.user_3), expected)

+    def test_user_main_organization_u4(self):
+        expected = "Xavier's School for Gifted Youngsters<br>The X-Men"
+        self.assertEqual(user_main_organization(self.user_4), expected)
+
    def test_characters_u1(self):
        expected = 'Batman, Bruce Wayne'
        result = self.modeladmin._characters(self.user_1)
@@ -390,7 +427,7 @@ class TestUserAdmin(TestCaseWithTestData):

    # actions

-    @patch(MODULE_PATH + '.UserAdmin.message_user', auto_spec=True)
+    @patch(MODULE_PATH + '.UserAdmin.message_user', auto_spec=True, unsafe=True)
    @patch(MODULE_PATH + '.update_character')
    def test_action_update_main_character_model(
        self, mock_task, mock_message_user
@@ -420,6 +457,7 @@ class TestUserAdmin(TestCaseWithTestData):
        expected = [
            (2002, 'Daily Planet'),
            (2001, 'Wayne Technologies'),
+            (5432, "Xavier's School for Gifted Youngsters"),
        ]
        self.assertEqual(filterspec.lookup_choices, expected)

@@ -463,6 +501,34 @@ class TestUserAdmin(TestCaseWithTestData):
        expected = [self.user_1]
        self.assertSetEqual(set(queryset), set(expected))

+    def test_filter_main_factions(self):
+        class UserAdminTest(BaseUserAdmin):
+            list_filter = (MainFactionFilter,)
+
+        my_modeladmin = UserAdminTest(User, AdminSite())
+
+        # Make sure the lookups are correct
+        request = self.factory.get('/')
+        request.user = self.user_4
+        changelist = my_modeladmin.get_changelist_instance(request)
+        filters = changelist.get_filters(request)
+        filterspec = filters[0][0]
+        expected = [
+            (999, 'The X-Men'),
+        ]
+        self.assertEqual(filterspec.lookup_choices, expected)
+
+        # Make sure the correct queryset is returned
+        request = self.factory.get(
+            '/',
+            {'main_faction_id__exact': self.character_4.faction_id}
+        )
+        request.user = self.user_4
+        changelist = my_modeladmin.get_changelist_instance(request)
+        queryset = changelist.get_queryset(request)
+        expected = [self.user_4]
+        self.assertSetEqual(set(queryset), set(expected))
+
    def test_change_view_loads_normally(self):
        User.objects.create_superuser(
            username='superuser', password='secret', email='admin@example.com'
@@ -479,6 +545,229 @@ class TestUserAdmin(TestCaseWithTestData):
        self.assertEqual(response.status_code, expected)


+class TestStateAdminChangeFormSuperuserExclusiveEdits(WebTest):
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.super_admin = User.objects.create_superuser("super_admin")
+        cls.staff_admin = User.objects.create_user("staff_admin")
+        cls.staff_admin.is_staff = True
+        cls.staff_admin.save()
+        cls.staff_admin = AuthUtils.add_permissions_to_user_by_name(
+            [
+                "authentication.add_state",
+                "authentication.change_state",
+                "authentication.view_state",
+            ],
+            cls.staff_admin
+        )
+        cls.superuser_exclusive_fields = ["permissions",]
+
+    def test_should_show_all_fields_to_superuser_for_add(self):
+        # given
+        self.app.set_user(self.super_admin)
+        page = self.app.get("/admin/authentication/state/add/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admins_for_add(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        page = self.app.get("/admin/authentication/state/add/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+    def test_should_show_all_fields_to_superuser_for_change(self):
+        # given
+        self.app.set_user(self.super_admin)
+        state = AuthUtils.get_member_state()
+        page = self.app.get(f"/admin/authentication/state/{state.pk}/change/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admin_for_change(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        state = AuthUtils.get_member_state()
+        page = self.app.get(f"/admin/authentication/state/{state.pk}/change/")
+        # when
+        form = page.forms["state_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+
+class TestUserAdminChangeForm(TestCase):
+    fixtures = ["disable_analytics"]
+
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.modeladmin = UserAdmin(model=User, admin_site=AdminSite())
+
+    def test_should_show_groups_available_to_user_with_blue_state_only(self):
+        # given
+        superuser = User.objects.create_superuser("Super")
+        user = AuthUtils.create_user("bruce_wayne")
+        character = AuthUtils.add_main_character_2(
+            user,
+            name="Bruce Wayne",
+            character_id=1001,
+            corp_id=2001,
+            corp_name="Wayne Technologies"
+        )
+        blue_state = State.objects.get(name="Blue")
+        blue_state.member_characters.add(character)
+        member_state = AuthUtils.get_member_state()
+        group_1 = Group.objects.create(name="Group 1")
+        group_2 = Group.objects.create(name="Group 2")
+        group_2.authgroup.states.add(blue_state)
+        group_3 = Group.objects.create(name="Group 3")
+        group_3.authgroup.states.add(member_state)
+        self.client.force_login(superuser)
+        # when
+        response = self.client.get(f"/admin/authentication/user/{user.pk}/change/")
+        # then
+        self.assertEqual(response.status_code, 200)
+        soup = BeautifulSoup(response.rendered_content, features="html.parser")
+        groups_select = soup.find("select", {"id": "id_groups"}).find_all('option')
+        group_ids = {int(option["value"]) for option in groups_select}
+        self.assertSetEqual(group_ids, {group_1.pk, group_2.pk})
+
+
+class TestUserAdminChangeFormSuperuserExclusiveEdits(WebTest):
+    fixtures = ["disable_analytics"]
+
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.super_admin = User.objects.create_superuser("super_admin")
+        cls.staff_admin = User.objects.create_user("staff_admin")
+        cls.staff_admin.is_staff = True
+        cls.staff_admin.save()
+        cls.staff_admin = AuthUtils.add_permissions_to_user_by_name(
+            [
+                "auth.change_user",
+                "auth.view_user",
+                "authentication.change_user",
+                "authentication.change_userprofile",
+                "authentication.view_user"
+            ],
+            cls.staff_admin
+        )
+        cls.superuser_exclusive_fields = [
+            "is_staff", "is_superuser", "user_permissions"
+        ]
+
+    def setUp(self) -> None:
+        self.user = AuthUtils.create_user("bruce_wayne")
+
+    def test_should_show_all_fields_to_superuser_for_change(self):
+        # given
+        self.app.set_user(self.super_admin)
+
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        # when
+        form = page.forms["user_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertIn(field, form.fields)
+
+    def test_should_not_show_all_fields_to_staff_admin_for_change(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        # when
+        form = page.forms["user_form"]
+        # then
+        for field in self.superuser_exclusive_fields:
+            with self.subTest(field=field):
+                self.assertNotIn(field, form.fields)
+
+    def test_should_allow_super_admin_to_add_restricted_group_to_user(self):
+        # given
+        self.app.set_user(self.super_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["restricted group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.user.refresh_from_db()
+        self.assertIn(
+            "restricted group", self.user.groups.values_list("name", flat=True)
+        )
+
+    def test_should_not_allow_staff_admin_to_add_restricted_group_to_user(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["restricted group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertIn(
+            "You are not allowed to add or remove these restricted groups",
+            response.text
+        )
+
+    def test_should_not_allow_staff_admin_to_remove_restricted_group_from_user(self):
+        # given
+        self.app.set_user(self.staff_admin)
+        group_restricted = Group.objects.create(name="restricted group")
+        group_restricted.authgroup.restricted = True
+        group_restricted.authgroup.save()
+        self.user.groups.add(group_restricted)
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=[])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertIn(
+            "You are not allowed to add or remove these restricted groups",
+            response.text
+        )
+
+    def test_should_allow_staff_admin_to_add_normal_group_to_user(self):
+        # given
+        self.app.set_user(self.super_admin)
+        Group.objects.create(name="normal group")
+        page = self.app.get(f"/admin/authentication/user/{self.user.pk}/change/")
+        form = page.forms["user_form"]
+        # when
+        form["groups"].select_multiple(texts=["normal group"])
+        response = form.submit("save")
+        # then
+        self.assertEqual(response.status_code, 302)
+        self.user.refresh_from_db()
+        self.assertIn("normal group", self.user.groups.values_list("name", flat=True))
+
+
 class TestMakeServicesHooksActions(TestCaseWithTestData):

    class MyServicesHookTypeA(ServicesHook):
--- a/allianceauth/authentication/tests/test_backend.py
+++ b/allianceauth/authentication/tests/test_backend.py
@@ -114,12 +114,19 @@ class TestAuthenticate(TestCase):
    def test_authenticate_main_character(self):
        t = Token(character_id=self.main_character.character_id, character_owner_hash='1')
        user = StateBackend().authenticate(token=t)
-        self.assertEquals(user, self.user)
+        self.assertEqual(user, self.user)

+    """ Alt Login disabled
    def test_authenticate_alt_character(self):
        t = Token(character_id=self.alt_character.character_id, character_owner_hash='2')
        user = StateBackend().authenticate(token=t)
-        self.assertEquals(user, self.user)
+        self.assertEqual(user, self.user)
+    """
+
+    def test_authenticate_alt_character_fail(self):
+        t = Token(character_id=self.alt_character.character_id, character_owner_hash='2')
+        user = StateBackend().authenticate(token=t)
+        self.assertEqual(user, None)

    def test_authenticate_unclaimed_character(self):
        t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='3')
@@ -128,6 +135,7 @@ class TestAuthenticate(TestCase):
        self.assertEqual(user.username, 'Unclaimed_Character')
        self.assertEqual(user.profile.main_character, self.unclaimed_character)

+    """ Alt Login disabled
    def test_authenticate_character_record(self):
        t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='4')
        OwnershipRecord.objects.create(user=self.old_user, character=self.unclaimed_character, owner_hash='4')
@@ -135,6 +143,15 @@ class TestAuthenticate(TestCase):
        self.assertEqual(user, self.old_user)
        self.assertTrue(CharacterOwnership.objects.filter(owner_hash='4', user=self.old_user).exists())
        self.assertTrue(user.profile.main_character)
+    """
+
+    def test_authenticate_character_record_fails(self):
+        t = Token(character_id=self.unclaimed_character.character_id, character_name=self.unclaimed_character.character_name, character_owner_hash='4')
+        OwnershipRecord.objects.create(user=self.old_user, character=self.unclaimed_character, owner_hash='4')
+        user = StateBackend().authenticate(token=t)
+        self.assertEqual(user, self.old_user)
+        self.assertTrue(CharacterOwnership.objects.filter(owner_hash='4', user=self.old_user).exists())
+        self.assertTrue(user.profile.main_character)

    def test_iterate_username(self):
        t = Token(character_id=self.unclaimed_character.character_id,
--- a/allianceauth/authentication/tests/test_decorators.py
+++ b/allianceauth/authentication/tests/test_decorators.py
@@ -4,16 +4,16 @@ from urllib import parse
 from django.conf import settings
 from django.contrib.auth.models import AnonymousUser
 from django.http.response import HttpResponse
-from django.shortcuts import reverse
 from django.test import TestCase
 from django.test.client import RequestFactory
+from django.urls import reverse, URLPattern

 from allianceauth.eveonline.models import EveCharacter
 from allianceauth.tests.auth_utils import AuthUtils

-from ..decorators import main_character_required
-from ..models import CharacterOwnership

+from ..decorators import decorate_url_patterns, main_character_required
+from ..models import CharacterOwnership

 MODULE_PATH = 'allianceauth.authentication'

@@ -66,3 +66,33 @@ class DecoratorTestCase(TestCase):
        setattr(self.request, 'user', self.main_user)
        response = self.dummy_view(self.request)
        self.assertEqual(response.status_code, 200)
+
+
+class TestDecorateUrlPatterns(TestCase):
+    def test_should_add_decorator_by_default(self):
+        # given
+        decorator = mock.MagicMock(name="decorator")
+        view = mock.MagicMock(name="view")
+        path = mock.MagicMock(spec=URLPattern, name="path")
+        path.callback = view
+        path.lookup_str = "my_lookup_str"
+        urls = [path]
+        urlconf_module = urls
+        # when
+        decorate_url_patterns(urlconf_module, decorator)
+        # then
+        self.assertEqual(path.callback, decorator(view))
+
+    def test_should_not_add_decorator_when_excluded(self):
+        # given
+        decorator = mock.MagicMock(name="decorator")
+        view = mock.MagicMock(name="view")
+        path = mock.MagicMock(spec=URLPattern, name="path")
+        path.callback = view
+        path.lookup_str = "my_lookup_str"
+        urls = [path]
+        urlconf_module = urls
+        # when
+        decorate_url_patterns(urlconf_module, decorator, excluded_views=["my_lookup_str"])
+        # then
+        self.assertEqual(path.callback, view)
--- a/allianceauth/authentication/tests/test_middleware.py
+++ b/allianceauth/authentication/tests/test_middleware.py
@@ -0,0 +1,175 @@
+from unittest import mock
+from allianceauth.authentication.middleware import UserSettingsMiddleware
+from unittest.mock import Mock
+from django.http import HttpResponse
+
+from django.test.testcases import TestCase
+
+
+class TestUserSettingsMiddlewareSaveLang(TestCase):
+
+    def setUp(self):
+        self.middleware = UserSettingsMiddleware(HttpResponse)
+        self.request = Mock()
+        self.request.headers = {
+                "User-Agent": "AUTOMATED TEST"
+            }
+        self.request.path = '/i18n/setlang/'
+        self.request.POST = {
+            'language': 'fr'
+        }
+        self.request.user.profile.language = 'de'
+        self.request.user.is_anonymous = False
+        self.response = Mock()
+        self.response.content = 'hello world'
+
+    def test_middleware_passthrough(self):
+        """
+        Simply tests the middleware runs cleanly
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.response, response)
+
+    def test_middleware_save_language_false_anonymous(self):
+        """
+        Ensures the middleware wont change the usersettings
+        of a non-existent (anonymous) user
+        """
+        self.request.user.is_anonymous = True
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'de')
+        self.assertFalse(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 0)
+
+    def test_middleware_save_language_new(self):
+        """
+        does the middleware change a language not set in the DB
+        """
+        self.request.user.profile.language = None
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'fr')
+        self.assertTrue(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 1)
+
+    def test_middleware_save_language_changed(self):
+        """
+        Tests the middleware will change a language setting
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.user.profile.language, 'fr')
+        self.assertTrue(self.request.user.profile.save.called)
+        self.assertEqual(self.request.user.profile.save.call_count, 1)
+
+
+class TestUserSettingsMiddlewareLoginFlow(TestCase):
+
+    def setUp(self):
+        self.middleware = UserSettingsMiddleware(HttpResponse)
+        self.request = Mock()
+        self.request.headers = {
+                "User-Agent": "AUTOMATED TEST"
+            }
+        self.request.path = '/sso/login'
+        self.request.session = {
+            'NIGHT_MODE': False
+        }
+        self.request.LANGUAGE_CODE = 'en'
+        self.request.user.profile.language = 'de'
+        self.request.user.profile.night_mode = True
+        self.request.user.is_anonymous = False
+        self.response = Mock()
+        self.response.content = 'hello world'
+
+    def test_middleware_passthrough(self):
+        """
+        Simply tests the middleware runs cleanly
+        """
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.response, middleware_response)
+
+    def test_middleware_sets_language_cookie_true_no_cookie(self):
+        """
+        tests the middleware will set a cookie, while none is set
+        """
+        self.request.LANGUAGE_CODE = None
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertTrue(middleware_response.set_cookie.called)
+        self.assertEqual(middleware_response.set_cookie.call_count, 1)
+        args, kwargs = middleware_response.set_cookie.call_args
+        self.assertEqual(kwargs['value'], 'de')
+
+    def test_middleware_sets_language_cookie_true_wrong_cookie(self):
+        """
+        tests the middleware will set a cookie, while a different value is set
+        """
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertTrue(middleware_response.set_cookie.called)
+        self.assertEqual(middleware_response.set_cookie.call_count, 1)
+        args, kwargs = middleware_response.set_cookie.call_args
+        self.assertEqual(kwargs['value'], 'de')
+
+    def test_middleware_sets_language_cookie_false_anonymous(self):
+        """
+        ensures the middleware wont set a value for a non existent user (anonymous)
+        """
+        self.request.user.is_anonymous = True
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertFalse = middleware_response.set_cookie.called
+        self.assertEqual(middleware_response.set_cookie.call_count, 0)
+
+    def test_middleware_sets_language_cookie_false_already_set(self):
+        """
+        tests the middleware skips setting the cookie, if its already set correctly
+        """
+        self.request.user.profile.language = 'en'
+        middleware_response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertFalse = middleware_response.set_cookie.called
+        self.assertEqual(middleware_response.set_cookie.call_count, 0)
+
+    def test_middleware_sets_night_mode_not_set(self):
+        """
+        tests the middleware will set night_mode if not set
+        """
+        self.request.session = {}
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.session["NIGHT_MODE"], True)
+
+    def test_middleware_sets_night_mode_set(self):
+        """
+        tests the middleware will set night_mode if set.
+        """
+        response = self.middleware.process_response(
+            self.request,
+            self.response
+            )
+        self.assertEqual(self.request.session["NIGHT_MODE"], True)
--- a/allianceauth/authentication/tests/test_models.py
+++ b/allianceauth/authentication/tests/test_models.py
@@ -4,7 +4,7 @@ from django.contrib.auth.models import User
 from django.test import TestCase

 from allianceauth.eveonline.models import EveCharacter, EveCorporationInfo,\
-    EveAllianceInfo
+    EveAllianceInfo, EveFactionInfo
 from allianceauth.tests.auth_utils import AuthUtils
 from esi.errors import IncompleteResponseError
 from esi.models import Token
@@ -36,8 +36,8 @@ class CharacterOwnershipTestCase(TestCase):
            character_owner_hash='1',
        )
        co = CharacterOwnership.objects.get(character=self.character)
-        self.assertEquals(co.user, self.user)
-        self.assertEquals(co.owner_hash, '1')
+        self.assertEqual(co.user, self.user)
+        self.assertEqual(co.owner_hash, '1')

    def test_transfer_ownership(self):
        Token.objects.create(
@@ -54,7 +54,7 @@ class CharacterOwnershipTestCase(TestCase):
        )
        co = CharacterOwnership.objects.get(character=self.character)
        self.assertNotEqual(self.user, co.user)
-        self.assertEquals(self.alt_user, co.user)
+        self.assertEqual(self.alt_user, co.user)

    def test_clear_main_character(self):
        Token.objects.create(
@@ -80,13 +80,15 @@ class StateTestCase(TestCase):
    def setUpTestData(cls):
        cls.user = AuthUtils.create_user('test_user', disconnect_signals=True)
        AuthUtils.add_main_character(cls.user, 'Test Character', '1', corp_id='1', alliance_id='1',
-                                    corp_name='Test Corp', alliance_name='Test Alliance')
+                                    corp_name='Test Corp', alliance_name='Test Alliance', faction_id=1337,
+                                    faction_name='Permabanned')
        cls.guest_state = get_guest_state()
        cls.test_character = EveCharacter.objects.get(character_id='1')
        cls.test_corporation = EveCorporationInfo.objects.create(corporation_id='1', corporation_name='Test Corp',
                                                                corporation_ticker='TEST', member_count=1)
        cls.test_alliance = EveAllianceInfo.objects.create(alliance_id='1', alliance_name='Test Alliance',
                                                            alliance_ticker='TEST', executor_corp_id='1')
+        cls.test_faction = EveFactionInfo.objects.create(faction_id=1337, faction_name='Permabanned')
        cls.member_state = State.objects.create(
            name='Test Member',
            priority=150,
@@ -98,29 +100,38 @@ class StateTestCase(TestCase):
    def test_state_assignment_on_character_change(self):
        self.member_state.member_characters.add(self.test_character)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.member_state)
+        self.assertEqual(self.user.profile.state, self.member_state)

        self.member_state.member_characters.remove(self.test_character)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.guest_state)
+        self.assertEqual(self.user.profile.state, self.guest_state)

    def test_state_assignment_on_corporation_change(self):
        self.member_state.member_corporations.add(self.test_corporation)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.member_state)
+        self.assertEqual(self.user.profile.state, self.member_state)

        self.member_state.member_corporations.remove(self.test_corporation)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.guest_state)
+        self.assertEqual(self.user.profile.state, self.guest_state)

    def test_state_assignment_on_alliance_addition(self):
        self.member_state.member_alliances.add(self.test_alliance)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.member_state)
+        self.assertEqual(self.user.profile.state, self.member_state)

        self.member_state.member_alliances.remove(self.test_alliance)
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.guest_state)
+        self.assertEqual(self.user.profile.state, self.guest_state)
+
+    def test_state_assignment_on_faction_change(self):
+        self.member_state.member_factions.add(self.test_faction)
+        self._refresh_user()
+        self.assertEqual(self.user.profile.state, self.member_state)
+
+        self.member_state.member_factions.remove(self.test_faction)
+        self._refresh_user()
+        self.assertEqual(self.user.profile.state, self.guest_state)

    def test_state_assignment_on_higher_priority_state_creation(self):
        self.member_state.member_characters.add(self.test_character)
@@ -130,10 +141,10 @@ class StateTestCase(TestCase):
        )
        higher_state.member_characters.add(self.test_character)
        self._refresh_user()
-        self.assertEquals(higher_state, self.user.profile.state)
+        self.assertEqual(higher_state, self.user.profile.state)
        higher_state.member_characters.clear()
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)
        self.member_state.member_characters.clear()

    def test_state_assignment_on_lower_priority_state_creation(self):
@@ -144,10 +155,10 @@ class StateTestCase(TestCase):
        )
        lower_state.member_characters.add(self.test_character)
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)
        lower_state.member_characters.clear()
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)
        self.member_state.member_characters.clear()

    def test_state_assignment_on_priority_change(self):
@@ -161,11 +172,11 @@ class StateTestCase(TestCase):
        lower_state.priority = 500
        lower_state.save()
        self._refresh_user()
-        self.assertEquals(lower_state, self.user.profile.state)
+        self.assertEqual(lower_state, self.user.profile.state)
        lower_state.priority = 125
        lower_state.save()
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)

    def test_state_assignment_on_state_deletion(self):
        self.member_state.member_characters.add(self.test_character)
@@ -175,11 +186,11 @@ class StateTestCase(TestCase):
        )
        higher_state.member_characters.add(self.test_character)
        self._refresh_user()
-        self.assertEquals(higher_state, self.user.profile.state)
+        self.assertEqual(higher_state, self.user.profile.state)
        higher_state.delete()
        self.assertFalse(State.objects.filter(name='Higher State').count())
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)

    def test_state_assignment_on_public_toggle(self):
        self.member_state.member_characters.add(self.test_character)
@@ -188,26 +199,26 @@ class StateTestCase(TestCase):
            priority=200,
        )
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)
        higher_state.public = True
        higher_state.save()
        self._refresh_user()
-        self.assertEquals(higher_state, self.user.profile.state)
+        self.assertEqual(higher_state, self.user.profile.state)
        higher_state.public = False
        higher_state.save()
        self._refresh_user()
-        self.assertEquals(self.member_state, self.user.profile.state)
+        self.assertEqual(self.member_state, self.user.profile.state)

    def test_state_assignment_on_active_changed(self):
        self.member_state.member_characters.add(self.test_character)
        self.user.is_active = False
        self.user.save()
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.guest_state)
+        self.assertEqual(self.user.profile.state, self.guest_state)
        self.user.is_active = True
        self.user.save()
        self._refresh_user()
-        self.assertEquals(self.user.profile.state, self.member_state)
+        self.assertEqual(self.user.profile.state, self.member_state)


 class CharacterOwnershipCheckTestCase(TestCase):
--- a/allianceauth/authentication/tests/test_signals.py
+++ b/allianceauth/authentication/tests/test_signals.py
@@ -0,0 +1,94 @@
+from allianceauth.authentication.models import User, UserProfile
+from allianceauth.eveonline.models import (
+    EveCharacter,
+    EveCorporationInfo,
+    EveAllianceInfo
+)
+from django.db.models.signals import (
+    pre_save,
+    post_save,
+    pre_delete,
+    m2m_changed
+)
+from allianceauth.tests.auth_utils import AuthUtils
+
+from django.test.testcases import TestCase
+from unittest.mock import Mock
+from . import patch
+
+
+class TestUserProfileSignals(TestCase):
+
+    def setUp(self):
+        state = AuthUtils.get_member_state()
+
+        self.char = EveCharacter.objects.create(
+            character_id='1234',
+            character_name='test character',
+            corporation_id='2345',
+            corporation_name='test corp',
+            corporation_ticker='tickr',
+            alliance_id='3456',
+            alliance_name='alliance name',
+        )
+
+        self.alliance = EveAllianceInfo.objects.create(
+            alliance_id='3456',
+            alliance_name='alliance name',
+            alliance_ticker='TIKR',
+            executor_corp_id='2345',
+        )
+
+        self.corp = EveCorporationInfo.objects.create(
+            corporation_id='2345',
+            corporation_name='corp name',
+            corporation_ticker='TIKK',
+            member_count=10,
+            alliance=self.alliance,
+        )
+
+        state.member_alliances.add(self.alliance)
+        state.member_corporations.add(self.corp)
+
+        self.member = AuthUtils.create_user('test user')
+        self.member.profile.main_character = self.char
+        self.member.profile.save()
+
+    @patch('.signals.create_required_models')
+    def test_create_required_models_triggered_true(
+            self, create_required_models):
+        """
+        Create a User object here,
+        to generate UserProfile models
+        """
+        post_save.connect(create_required_models, sender=User)
+        AuthUtils.create_user('test_create_required_models_triggered')
+        self.assertTrue = create_required_models.called
+        self.assertEqual(create_required_models.call_count, 1)
+
+        user = User.objects.get(username='test_create_required_models_triggered')
+        self.assertIsNot(UserProfile.objects.get(user=user), False)
+
+    @patch('.signals.create_required_models')
+    def test_create_required_models_triggered_false(
+            self, create_required_models):
+        """
+        Only call a User object Update here,
+        which does not need to generate UserProfile models
+        """
+        post_save.connect(create_required_models, sender=User)
+        char = EveCharacter.objects.create(
+            character_id='1266',
+            character_name='test character2',
+            corporation_id='2345',
+            corporation_name='test corp',
+            corporation_ticker='tickr',
+            alliance_id='3456',
+            alliance_name='alliance name',
+        )
+        self.member.profile.main_character = char
+        self.member.profile.save()
+
+        self.assertTrue = create_required_models.called
+        self.assertEqual(create_required_models.call_count, 0)
+        self.assertIsNot(UserProfile.objects.get(user=self.member), False)
--- a/allianceauth/authentication/tests/test_templatetags.py
+++ b/allianceauth/authentication/tests/test_templatetags.py
@@ -1,6 +1,7 @@
 from math import ceil
 from unittest.mock import patch

+import requests
 import requests_mock
 from packaging.version import Version as Pep440Version

@@ -8,12 +9,8 @@ from django.core.cache import cache
 from django.test import TestCase

 from allianceauth.templatetags.admin_status import (
-    status_overview,
-    _fetch_list_from_gitlab,
-    _current_notifications,
-    _current_version_summary,
-    _fetch_notification_issues_from_gitlab,
-    _latests_versions
+    _current_notifications, _current_version_summary, _fetch_list_from_gitlab,
+    _fetch_notification_issues_from_gitlab, _latests_versions, status_overview,
 )

 MODULE_PATH = 'allianceauth.templatetags'
@@ -54,17 +51,13 @@ TEST_VERSION = '2.6.5'


 class TestStatusOverviewTag(TestCase):
-
    @patch(MODULE_PATH + '.admin_status.__version__', TEST_VERSION)
-    @patch(MODULE_PATH + '.admin_status._fetch_celery_queue_length')
    @patch(MODULE_PATH + '.admin_status._current_version_summary')
    @patch(MODULE_PATH + '.admin_status._current_notifications')
    def test_status_overview(
-        self,
-        mock_current_notifications,
-        mock_current_version_info,
-        mock_fetch_celery_queue_length
+        self, mock_current_notifications, mock_current_version_info
    ):
+        # given
        notifications = {
            'notifications': GITHUB_NOTIFICATION_ISSUES[:5]
        }
@@ -81,23 +74,19 @@ class TestStatusOverviewTag(TestCase):
            'latest_beta_version': '2.4.4a1',
        }
        mock_current_version_info.return_value = version_info
-        mock_fetch_celery_queue_length.return_value = 3
-
+        # when
        result = status_overview()
-        expected = {
-            'notifications': GITHUB_NOTIFICATION_ISSUES[:5],
-            'latest_major': True,
-            'latest_minor': True,
-            'latest_patch': True,
-            'latest_beta': False,
-            'current_version': TEST_VERSION,
-            'latest_major_version': '2.4.5',
-            'latest_minor_version': '2.4.0',
-            'latest_patch_version': '2.4.5',
-            'latest_beta_version': '2.4.4a1',
-            'task_queue_length': 3,
-        }
-        self.assertEqual(result, expected)
+        # then
+        self.assertEqual(result["notifications"], GITHUB_NOTIFICATION_ISSUES[:5])
+        self.assertTrue(result["latest_major"])
+        self.assertTrue(result["latest_minor"])
+        self.assertTrue(result["latest_patch"])
+        self.assertFalse(result["latest_beta"])
+        self.assertEqual(result["current_version"], TEST_VERSION)
+        self.assertEqual(result["latest_major_version"], '2.4.5')
+        self.assertEqual(result["latest_minor_version"], '2.4.0')
+        self.assertEqual(result["latest_patch_version"], '2.4.5')
+        self.assertEqual(result["latest_beta_version"], '2.4.4a1')


 class TestNotifications(TestCase):
@@ -169,11 +158,7 @@ class TestVersionTags(TestCase):
        # when
        result = _current_version_summary()
        # then
-        self.assertTrue(result['latest_major'])
-        self.assertTrue(result['latest_minor'])
        self.assertTrue(result['latest_patch'])
-        self.assertEqual(result['latest_major_version'], '2.0.0')
-        self.assertEqual(result['latest_minor_version'], '2.4.0')
        self.assertEqual(result['latest_patch_version'], '2.4.5')
        self.assertEqual(result['latest_beta_version'], '2.4.6a1')

@@ -222,9 +207,7 @@ class TestLatestsVersion(TestCase):
        tags = create_tags_list(
            ['2.1.1', '2.1.0', '2.0.0', '2.1.1a1', '1.1.1', '1.1.0', '1.0.0']
        )
-        major, minor, patch, beta = _latests_versions(tags)
-        self.assertEqual(major, Pep440Version('2.0.0'))
-        self.assertEqual(minor, Pep440Version('2.1.0'))
+        patch, beta = _latests_versions(tags)
        self.assertEqual(patch, Pep440Version('2.1.1'))
        self.assertEqual(beta, Pep440Version('2.1.1a1'))

@@ -233,9 +216,7 @@ class TestLatestsVersion(TestCase):
        tags = create_tags_list(
            ['2.1.2', '2.1.1', '2.0.1', '2.1.1a1', '1.1.1', '1.1.0', '1.0.0']
        )
-        major, minor, patch, beta = _latests_versions(tags)
-        self.assertEqual(major, Pep440Version('2.0.1'))
-        self.assertEqual(minor, Pep440Version('2.1.1'))
+        patch, beta = _latests_versions(tags)
        self.assertEqual(patch, Pep440Version('2.1.2'))
        self.assertEqual(beta, Pep440Version('2.1.1a1'))

@@ -244,9 +225,7 @@ class TestLatestsVersion(TestCase):
        tags = create_tags_list(
            ['2.1.1', '2.1.0', '2.0.0', '2.1.1a1', 'invalid']
        )
-        major, minor, patch, beta = _latests_versions(tags)
-        self.assertEqual(major, Pep440Version('2.0.0'))
-        self.assertEqual(minor, Pep440Version('2.1.0'))
+        patch, beta = _latests_versions(tags)
        self.assertEqual(patch, Pep440Version('2.1.1'))
        self.assertEqual(beta, Pep440Version('2.1.1a1'))

@@ -317,3 +296,25 @@ class TestFetchListFromGitlab(TestCase):
        result = _fetch_list_from_gitlab(self.url, max_pages=max_pages)
        self.assertEqual(result, GITHUB_TAGS[:4])
        self.assertEqual(requests_mocker.call_count, max_pages)
+
+    @requests_mock.mock()
+    @patch(MODULE_PATH + '.admin_status.logger')
+    def test_should_not_raise_any_exception_from_github_request_but_log_as_warning(
+        self, requests_mocker, mock_logger
+    ):
+        for my_exception in [
+            requests.exceptions.ConnectionError,
+            requests.exceptions.HTTPError,
+            requests.exceptions.URLRequired,
+            requests.exceptions.TooManyRedirects,
+            requests.exceptions.ConnectTimeout,
+            requests.exceptions.Timeout,
+
+        ]:
+            requests_mocker.get(self.url, exc=my_exception)
+            try:
+                result = _fetch_list_from_gitlab(self.url)
+            except Exception as ex:
+                self.fail(f"Unexpected exception raised: {ex}")
+            self.assertTrue(mock_logger.warning.called)
+            self.assertListEqual(result, [])
--- a/allianceauth/authentication/tests/test_views.py
+++ b/allianceauth/authentication/tests/test_views.py
@@ -0,0 +1,39 @@
+import json
+from unittest.mock import patch
+
+from django.test import RequestFactory, TestCase
+
+from allianceauth.authentication.views import task_counts
+from allianceauth.tests.auth_utils import AuthUtils
+
+MODULE_PATH = "allianceauth.authentication.views"
+
+
+def jsonresponse_to_dict(response) -> dict:
+    return json.loads(response.content)
+
+
+@patch(MODULE_PATH + ".queued_tasks_count")
+@patch(MODULE_PATH + ".active_tasks_count")
+class TestRunningTasksCount(TestCase):
+    @classmethod
+    def setUpClass(cls) -> None:
+        super().setUpClass()
+        cls.factory = RequestFactory()
+        cls.user = AuthUtils.create_user("bruce_wayne")
+
+    def test_should_return_data(
+        self, mock_active_tasks_count, mock_queued_tasks_count
+    ):
+        # given
+        mock_active_tasks_count.return_value = 2
+        mock_queued_tasks_count.return_value = 3
+        request = self.factory.get("/")
+        request.user = self.user
+        # when
+        response = task_counts(request)
+        # then
+        self.assertEqual(response.status_code, 200)
+        self.assertDictEqual(
+            jsonresponse_to_dict(response), {"tasks_running": 2, "tasks_queued": 3}
+        )
--- a/allianceauth/authentication/urls.py
+++ b/allianceauth/authentication/urls.py
@@ -1,5 +1,4 @@
-from django.conf.urls import url
-from django.contrib.auth.decorators import login_required
+from django.urls import path
 from django.views.generic.base import TemplateView

 from . import views
@@ -7,21 +6,37 @@ from . import views
 app_name = 'authentication'

 urlpatterns = [
-    url(r'^$', views.index, name='index'),
-    url(
-        r'^account/login/$',
+    path('', views.index, name='index'),
+    path(
+        'account/login/',
        TemplateView.as_view(template_name='public/login.html'),
        name='login'
    ),
-    url(
-        r'^account/characters/main/$',
+    path(
+        'account/characters/main/',
        views.main_character_change,
        name='change_main_character'
    ),
-    url(
-        r'^account/characters/add/$',
+    path(
+        'account/characters/add/',
        views.add_character,
        name='add_character'
    ),
-    url(r'^dashboard/$', views.dashboard, name='dashboard'),
+    path(
+        'account/tokens/manage/',
+        views.token_management,
+        name='token_management'
+    ),
+    path(
+        'account/tokens/delete/<int:token_id>',
+        views.token_delete,
+        name='token_delete'
+    ),
+    path(
+        'account/tokens/refresh/<int:token_id>',
+        views.token_refresh,
+        name='token_refresh'
+    ),
+    path('dashboard/', views.dashboard, name='dashboard'),
+    path('task-counts/', views.task_counts, name='task_counts'),
 ]
--- a/allianceauth/authentication/views.py
+++ b/allianceauth/authentication/views.py
@@ -1,29 +1,31 @@
 import logging

+from django_registration.backends.activation.views import (
+    REGISTRATION_SALT, ActivationView as BaseActivationView,
+    RegistrationView as BaseRegistrationView,
+)
+from django_registration.signals import user_registered
+
 from django.conf import settings
 from django.contrib import messages
-from django.contrib.auth import login, authenticate
+from django.contrib.auth import authenticate, login
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User
 from django.core import signing
 from django.http import JsonResponse
 from django.shortcuts import redirect, render
+from django.template.loader import render_to_string
 from django.urls import reverse, reverse_lazy
 from django.utils.translation import gettext_lazy as _

-from allianceauth.eveonline.models import EveCharacter
 from esi.decorators import token_required
 from esi.models import Token

-from django_registration.backends.activation.views import (
-    RegistrationView as BaseRegistrationView,
-    ActivationView as BaseActivationView,
-    REGISTRATION_SALT
-)
-from django_registration.signals import user_registered
+from allianceauth.eveonline.models import EveCharacter

-from .models import CharacterOwnership
+from .core.celery_workers import active_tasks_count, queued_tasks_count
 from .forms import RegistrationForm
+from .models import CharacterOwnership

 if 'allianceauth.eveonline.autogroups' in settings.INSTALLED_APPS:
    _has_auto_groups = True
@@ -60,10 +62,51 @@ def dashboard(request):
    return render(request, 'authentication/dashboard.html', context)


+@login_required
+def token_management(request):
+    tokens = request.user.token_set.all()
+
+    context = {
+        'tokens': tokens
+    }
+    return render(request, 'authentication/tokens.html', context)
+
+
+@login_required
+def token_delete(request, token_id=None):
+    try:
+        token = Token.objects.get(id=token_id)
+        if request.user == token.user:
+            token.delete()
+            messages.success(request, "Token Deleted.")
+        else:
+            messages.error(request, "This token does not belong to you.")
+    except Token.DoesNotExist:
+        messages.warning(request, "Token does not exist")
+    return redirect('authentication:token_management')
+
+
+@login_required
+def token_refresh(request, token_id=None):
+    try:
+        token = Token.objects.get(id=token_id)
+        if request.user == token.user:
+            try:
+                token.refresh()
+                messages.success(request, "Token refreshed.")
+            except Exception as e:
+                messages.warning(request, f"Failed to refresh token. {e}")
+        else:
+            messages.error(request, "This token does not belong to you.")
+    except Token.DoesNotExist:
+        messages.warning(request, "Token does not exist")
+    return redirect('authentication:token_management')
+
+
@login_required
@token_required(scopes=settings.LOGIN_TOKEN_SCOPES)
 def main_character_change(request, token):
-    logger.debug("main_character_change called by user %s for character %s" % (request.user, token.character_name))
+    logger.debug(f"main_character_change called by user {request.user} for character {token.character_name}")
    try:
        co = CharacterOwnership.objects.get(character__character_id=token.character_id, user=request.user)
    except CharacterOwnership.DoesNotExist:
@@ -87,7 +130,7 @@ def main_character_change(request, token):
 def add_character(request, token):
    if CharacterOwnership.objects.filter(character__character_id=token.character_id).filter(
            owner_hash=token.character_owner_hash).filter(user=request.user).exists():
-        messages.success(request, _('Added %(name)s to your account.'% ({'name': token.character_name})))
+        messages.success(request, _('Added %(name)s to your account.' % ({'name': token.character_name})))
    else:
        messages.error(request, _('Failed to add %(name)s to your account: they already have an account.' % ({'name': token.character_name})))
    return redirect('authentication:dashboard')
@@ -137,9 +180,52 @@ class RegistrationView(BaseRegistrationView):
    form_class = RegistrationForm
    template_name = "public/register.html"
    email_body_template = "registration/activation_email.txt"
+    email_body_template_html = "registration/activation_email_html.txt"
    email_subject_template = "registration/activation_email_subject.txt"
    success_url = reverse_lazy('registration_complete')

+    def send_activation_email(self, user):
+        """
+        Implement our own way to send a mail to make sure we
+        send a RFC conform multipart email
+        :param user:
+        :type user:
+        """
+
+        activation_key = self.get_activation_key(user)
+        context = self.get_email_context(activation_key)
+        context["user"] = user
+
+        # email subject
+        subject = render_to_string(
+            template_name=self.email_subject_template,
+            context=context,
+            request=self.request,
+        )
+        subject = "".join(subject.splitlines())
+
+        # plaintext email body part
+        message = render_to_string(
+            template_name=self.email_body_template,
+            context=context,
+            request=self.request,
+        )
+
+        # html email body part
+        message_html = render_to_string(
+            template_name=self.email_body_template_html,
+            context=context,
+            request=self.request,
+        )
+
+        # send it
+        user.email_user(
+            subject,
+            message,
+            settings.DEFAULT_FROM_EMAIL,
+            **{'html_message': message_html},
+        )
+
    def get_success_url(self, user):
        if not getattr(settings, 'REGISTRATION_VERIFY_EMAIL', True):
            return reverse_lazy('authentication:dashboard')
@@ -154,7 +240,7 @@ class RegistrationView(BaseRegistrationView):
        if not getattr(settings, 'REGISTRATION_VERIFY_EMAIL', True):
            # Keep the request so the user can be automagically logged in.
            setattr(self, 'request', request)
-        return super(RegistrationView, self).dispatch(request, *args, **kwargs)
+        return super().dispatch(request, *args, **kwargs)

    def register(self, form):
        user = User.objects.get(pk=self.request.session.get('registration_uid'))
@@ -173,7 +259,7 @@ class RegistrationView(BaseRegistrationView):
        return signing.dumps(obj=[getattr(user, User.USERNAME_FIELD), user.email], salt=REGISTRATION_SALT)

    def get_email_context(self, activation_key):
-        context = super(RegistrationView, self).get_email_context(activation_key)
+        context = super().get_email_context(activation_key)
        context['url'] = context['site'].domain + reverse('registration_activate', args=[activation_key])
        return context

@@ -185,8 +271,11 @@ class ActivationView(BaseActivationView):

    def validate_key(self, activation_key):
        try:
-            dump = signing.loads(activation_key, salt=REGISTRATION_SALT,
-                                max_age=settings.ACCOUNT_ACTIVATION_DAYS * 86400)
+            dump = signing.loads(
+                activation_key,
+                salt=REGISTRATION_SALT,
+                max_age=settings.ACCOUNT_ACTIVATION_DAYS * 86400
+            )
            return dump
        except signing.BadSignature:
            return None
@@ -216,3 +305,12 @@ def activation_complete(request):
 def registration_closed(request):
    messages.error(request, _('Registration of new accounts is not allowed at this time.'))
    return redirect('authentication:login')
+
+
+def task_counts(request) -> JsonResponse:
+    """Return task counts as JSON for an AJAX call."""
+    data = {
+        "tasks_running": active_tasks_count(),
+        "tasks_queued": queued_tasks_count()
+    }
+    return JsonResponse(data)
--- a/allianceauth/bin/allianceauth.py
+++ b/allianceauth/bin/allianceauth.py
@@ -41,7 +41,7 @@ def create_project(parser, options, args):
    # Call the command with extra context
    call_command(StartProject(), *args, **command_options)

-    print("Success! %(project_name)s has been created." % {'project_name': args[0]})  # noqa
+    print(f"Success! {args[0]} has been created.")  # noqa


 def update_settings(parser, options, args):
@@ -69,10 +69,10 @@ def update_settings(parser, options, args):
    template_settings_path = os.path.join(template_path, 'project_name/settings/base.py')

    # overwrite the local project's base settings
-    with open(template_settings_path, 'r') as template, open(settings_path, 'w') as target:
+    with open(template_settings_path) as template, open(settings_path, 'w') as target:
        target.write(template.read())

-    print("Successfully updated %(project_name)s settings." % {'project_name': project_name})
+    print(f"Successfully updated {project_name} settings.")


 COMMANDS = {
--- a/allianceauth/context_processors.py
+++ b/allianceauth/context_processors.py
@@ -5,5 +5,6 @@ from .views import NightModeRedirectView
 def auth_settings(request):
    return {
        'SITE_NAME': settings.SITE_NAME,
+        'SITE_URL': settings.SITE_URL,
        'NIGHT_MODE': NightModeRedirectView.night_mode_state(request),
    }
--- a/allianceauth/corputils/init.py
+++ b/allianceauth/corputils/init.py
@@ -1 +0,0 @@
-default_app_config = 'allianceauth.corputils.apps.CorpUtilsConfig'
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`default_app_config = 'allianceauth.analytics.apps.AnalyticsConfig'`
				`@@ -1 +0,0 @@`
				`default_app_config = 'allianceauth.authentication.apps.AuthenticationConfig'`
				`@@ -1 +0,0 @@`
				`default_app_config = 'allianceauth.corputils.apps.CorpUtilsConfig'`