diff --git a/docs/installation/config.rst b/docs/installation/config.rst index 8f64cbc..0ce21d8 100644 --- a/docs/installation/config.rst +++ b/docs/installation/config.rst @@ -17,7 +17,7 @@ Available environment variables Required -------- -* ``SECRET_KEY``: Secret key that's used for certain cryptographic utilities. You should generate one via `miniwebtool `_. +* ``SECRET_KEY``: Secret key that's used for certain cryptographic utilities. . * ``ALLOWED_HOSTS``: a comma separated (without spaces!) list of domains that serve the installation. Used to protect against Host header attacks. Defaults to: ``(empty string)``. * ``CACHE_DEFAULT``: redis cache address for the default cache (this **MUST** be set when using Docker). Defaults to: ``localhost:6379/0``. * ``CACHE_AXES``: redis cache address for the brute force login protection cache (this **MUST** be set when using Docker). Defaults to: ``localhost:6379/0``. @@ -80,7 +80,7 @@ Optional * ``LOG_LEVEL``: control the verbosity of logging output. Available values are ``CRITICAL``, ``ERROR``, ``WARNING``, ``INFO`` and ``DEBUG``. Defaults to: ``WARNING``. * ``LOG_QUERIES``: enable (query) logging at the database backend level. Note that you must also set ``DEBUG=1``, which should be done very sparingly!. Defaults to: ``False``. * ``LOG_REQUESTS``: enable logging of the outgoing requests. Defaults to: ``False``. -* ``SESSION_COOKIE_SAMESITE``: The value of the SameSite flag on the session cookie. This flag prevents the cookie from being sent in cross-site requests thus preventing CSRF attacks and making some methods of stealing session cookie impossible. Defaults to: ``Strict``. +* ``SESSION_COOKIE_SAMESITE``: The value of the SameSite flag on the session cookie. This flag prevents the cookie from being sent in cross-site requests thus preventing CSRF attacks and making some methods of stealing session cookie impossible.Currently interferes with OIDC. Keep the value set at Lax if used. Defaults to: ``Lax``. * ``CSRF_COOKIE_SAMESITE``: The value of the SameSite flag on the CSRF cookie. This flag prevents the cookie from being sent in cross-site requests. Defaults to: ``Strict``. * ``ENVIRONMENT``: An identifier for the environment, displayed in the admin depending on the settings module used and included in the error monitoring (see ``SENTRY_DSN``). The default is set according to ``DJANGO_SETTINGS_MODULE``. * ``SUBPATH``: If hosted on a subpath, provide the value here. If you provide ``/gateway``, the component assumes its running at the base URL: ``https://somedomain/gateway/``. Defaults to an empty string. Defaults to: ``None``. diff --git a/requirements/base.txt b/requirements/base.txt index 51bca76..e6866c9 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -100,6 +100,7 @@ django==4.2.15 # djangorestframework-inclusions # drf-nested-routers # drf-spectacular + # drf-spectacular-sidecar # drf-yasg # maykin-2fa # mozilla-django-oidc @@ -182,8 +183,10 @@ djangorestframework-inclusions==1.2.0 # via open-api-framework drf-nested-routers==0.94.1 # via commonground-api-common -drf-spectacular==0.27.2 +drf-spectacular[sidecar]==0.27.2 # via open-api-framework +drf-spectacular-sidecar==2024.7.1 + # via drf-spectacular drf-yasg==1.21.7 # via commonground-api-common ecs-logging==2.2.0 @@ -238,7 +241,7 @@ mozilla-django-oidc-db==0.19.0 # via open-api-framework notifications-api-common==0.2.2 # via commonground-api-common -open-api-framework==0.8.0 +open-api-framework==0.8.1 # via -r requirements/base.in openpyxl==3.1.5 # via tablib diff --git a/requirements/ci.txt b/requirements/ci.txt index 0821849..9bc7e66 100644 --- a/requirements/ci.txt +++ b/requirements/ci.txt @@ -148,6 +148,7 @@ django==4.2.15 # djangorestframework-inclusions # drf-nested-routers # drf-spectacular + # drf-spectacular-sidecar # drf-yasg # maykin-2fa # mozilla-django-oidc @@ -281,10 +282,14 @@ drf-nested-routers==0.94.1 # via # -r requirements/base.txt # commonground-api-common -drf-spectacular==0.27.2 +drf-spectacular[sidecar]==0.27.2 # via # -r requirements/base.txt # open-api-framework +drf-spectacular-sidecar==2024.7.1 + # via + # -r requirements/base.txt + # drf-spectacular drf-yasg==1.21.7 # via # -r requirements/base.txt @@ -406,7 +411,7 @@ notifications-api-common==0.2.2 # via # -r requirements/base.txt # commonground-api-common -open-api-framework==0.8.0 +open-api-framework==0.8.1 # via -r requirements/base.txt openpyxl==3.1.5 # via diff --git a/requirements/dev.txt b/requirements/dev.txt index 54a0e42..5b880ed 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -194,6 +194,7 @@ django==4.2.15 # djangorestframework-inclusions # drf-nested-routers # drf-spectacular + # drf-spectacular-sidecar # drf-yasg # maykin-2fa # mozilla-django-oidc @@ -366,11 +367,16 @@ drf-nested-routers==0.94.1 # -c requirements/ci.txt # -r requirements/ci.txt # commonground-api-common -drf-spectacular==0.27.2 +drf-spectacular[sidecar]==0.27.2 # via # -c requirements/ci.txt # -r requirements/ci.txt # open-api-framework +drf-spectacular-sidecar==2024.7.1 + # via + # -c requirements/ci.txt + # -r requirements/ci.txt + # drf-spectacular drf-yasg==1.21.7 # via # -c requirements/ci.txt @@ -548,7 +554,7 @@ notifications-api-common==0.2.2 # -c requirements/ci.txt # -r requirements/ci.txt # commonground-api-common -open-api-framework==0.8.0 +open-api-framework==0.8.1 # via # -c requirements/ci.txt # -r requirements/ci.txt diff --git a/src/referentielijsten/conf/api.py b/src/referentielijsten/conf/api.py index 7dbb055..a3ebcb3 100644 --- a/src/referentielijsten/conf/api.py +++ b/src/referentielijsten/conf/api.py @@ -9,6 +9,7 @@ REST_FRAMEWORK["DEFAULT_SCHEMA_CLASS"] = "drf_spectacular.openapi.AutoSchema" SPECTACULAR_SETTINGS = { + "REDOC_DIST": "SIDECAR", "SERVE_INCLUDE_SCHEMA": False, "CAMELIZE_NAMES": True, "POSTPROCESSING_HOOKS": [