Version Bump 3.1.0

Add `CSRF_TRUSTED_ORIGINS` to `local.py`

See merge request allianceauth/allianceauth!1446

MANIFEST.in

@@ -0,0 +1,7 @@
+include LICENSE
+include README.md
+include MANIFEST.in
+graft allianceauth
+
+global-exclude __pycache__
+global-exclude *.py[co]

allianceauth/__init__.py

@@ -1,7 +1,7 @@
 # This will make sure the app is always imported when
 # Django starts so that shared_task will use this app.
 
-__version__ = '3.0.0'
+__version__ = '3.1.0'
 __title__ = 'Alliance Auth'
 __url__ = 'https://gitlab.com/allianceauth/allianceauth'
 NAME = f'{__title__} v{__version__}'

allianceauth/project_template/project_name/settings/local.py

@@ -13,6 +13,12 @@ STATIC_ROOT = "/var/www/{{ project_name }}/static/"
 # in page titles and the site header.
 SITE_NAME = '{{ project_name }}'
 
+# This is your websites URL, set it accordingly
+SITE_URL = "https://example.com"
+
+# Django security
+CSRF_TRUSTED_ORIGINS = [SITE_URL]
+
 # Change this to enable/disable debug mode, which displays
 # useful error messages but can leak sensitive data.
 DEBUG = False
@@ -39,15 +45,16 @@ DATABASES['default'] = {
 
 # Register an application at https://developers.eveonline.com for Authentication
 # & API Access and fill out these settings. Be sure to set the callback URL
-# to https://example.com/sso/callback substituting your domain for example.com
+# to https://example.com/sso/callback substituting your domain for example.com in
+# CCP's developer portal
 # Logging in to auth requires the publicData scope (can be overridden through the
 # LOGIN_TOKEN_SCOPES setting). Other apps may require more (see their docs).
 ESI_SSO_CLIENT_ID = ''
 ESI_SSO_CLIENT_SECRET = ''
-ESI_SSO_CALLBACK_URL = ''
+ESI_SSO_CALLBACK_URL = f"{SITE_URL}/sso/callback"
 ESI_USER_CONTACT_EMAIL = ''    # A server maintainer that CCP can contact in case of issues.
 
-# By default emails are validated before new users can log in.
+# By default, emails are validated before new users can log in.
 # It's recommended to use a free service like SparkPost or Elastic Email to send email.
 # https://www.sparkpost.com/docs/integrations/django/
 # https://elasticemail.com/resources/settings/smtp-api/

docker/.env.example

@@ -1,7 +1,7 @@
 PROTOCOL=https://
 AUTH_SUBDOMAIN=%AUTH_SUBDOMAIN%
 DOMAIN=%DOMAIN%
-AA_DOCKER_TAG=registry.gitlab.com/allianceauth/allianceauth/auth:v3.0.0
+AA_DOCKER_TAG=registry.gitlab.com/allianceauth/allianceauth/auth:v3.1.0
 
 # Nginx Proxy Manager
 PROXY_HTTP_PORT=80

docker/Dockerfile

@@ -1,5 +1,5 @@
 FROM python:3.9-slim
-ARG AUTH_VERSION=v3.0.0
+ARG AUTH_VERSION=v3.1.0
 ARG AUTH_PACKAGE=allianceauth==${AUTH_VERSION}
 ENV VIRTUAL_ENV=/opt/venv
 ENV AUTH_USER=allianceauth

docs/features/services/discord.md

@@ -17,8 +17,11 @@ Make the following changes in your auth project's settings file (`local.py`):
 
 ```python
 # Discord Configuration
+# Be sure to set the callback URLto https://example.com/discord/callback/
+# substituting your domain for example.com in Discord's developer portal
+# (Be sure to add the trailing slash)
 DISCORD_GUILD_ID = ''
-DISCORD_CALLBACK_URL = ''
+DISCORD_CALLBACK_URL = f"{SITE_URL}/discord/callback/"
 DISCORD_APP_ID = ''
 DISCORD_APP_SECRET = ''
 DISCORD_BOT_TOKEN = ''

docs/installation/allianceauth.md

@@ -344,8 +344,6 @@ For **scopes** your SSO app needs to have at least `publicData`. Additional scop
 
 As **callback URL** you want to define the URL of your Alliance Auth site plus the route: `/sso/callback`. Example for a valid callback URL: `https://auth.example.com/sso/callback`
 
-In `local.py` you will need to set `ESI_USER_CONTACT_EMAIL` to an email address to ensure that CCP has reliable contact information for you.
-
 ### Alliance Auth Project
 
 Update Pip before installing python packages:
@@ -384,7 +382,14 @@ The following command bootstraps a Django project which will run your **Alliance
 allianceauth start myauth
 ```
 
-The settings file needs configuring. Edit the template at `myauth/myauth/settings/local.py`. Be sure to configure the EVE SSO as defined earlier in **Eve Online Settings** and valid Email settings.
+The settings file needs configuring, edit the template at `myauth/myauth/settings/local.py`.
+
+**Be sure to configure:**
+* Your site URL as `SITE_URL`
+* The Database account setup earlier in **Database Setup**
+* `ESI_SSO_CLIENT_ID`, `ESI_SSO_CLIENT_SECRET` from the EVE Online Developers Portal earlier in **Eve Online Settings**
+* `ESI_USER_CONTACT_EMAIL` to an email address to ensure that CCP has reliable contact information for you
+* Valid Email server settings.
 
 Django needs to install models to the database before it can start.