inventree/InvenTree
2
0
Fork 0
mirror of https://github.com/inventree/InvenTree.git synced 2025-06-12 10:05:39 +00:00
Code Activity

Site access updates (#6731)

Browse Source 
* Throw error on invalid site access policy

- If ALLOWED_HOSTS is empty, exit
- If CSRF_TRUSTED_ORIGINS is empty, exit
- Closes https://github.com/inventree/InvenTree/issues/6730

* Set parameters for devcontainer

* Update documentation

* Ignore server exit in testing mode

* Add INVENTREE_SITE_URL to CI

* Further CI updates

* Update settings.py

* Unit test updates

* More unit test updates

* Bump API version

* Re-introduce checks in settings.py

- Allow more lenient behaviour in TESTING mode
This commit is contained in:
Oliver
2024-03-18 12:53:48 +11:00
committed by GitHub
parent 0c661f4f83
commit 23f0950a76
9 changed files with 32 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
docs/docs/start/config.md
View File

@ -59,9 +59,12 @@ The following basic options are available:
| INVENTREE_BASE_URL | base_url | Server base URL | *Not specified* |
| INVENTREE_AUTO_UPDATE | auto_update | Database migrations will be run automatically | False |
!!! tip "INVENTREE_SITE_URL"
The *INVENTREE_SITE_URL* option defines the base URL for the InvenTree server. This is a critical setting, and it is required for correct operation of the server. If not specified, the server will attempt to determine the site URL automatically - but this may not always be correct!
## Server Access
Depending on how your InvenTree installation is configured, you will need to pay careful attention to the following settings. If you are running your server behind a proxy, or want to adjust support for CORS requests, one or more of the following settings may need to be adjusted.
Depending on how your InvenTree installation is configured, you will need to pay careful attention to the following settings. If you are running your server behind a proxy, or want to adjust support for [CORS requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS), one or more of the following settings may need to be adjusted.
!!! warning "Advanced Users"
The following settings require a certain assumed level of knowledge. You should also refer to the [django documentation]({% include "django.html" %}/ref/settings/) for more information.
@ -86,6 +89,10 @@ Depending on how your InvenTree installation is configured, you will need to pay
| INVENTREE_USE_X_FORWARDED_PORT | use_x_forwarded_port | Use forwarded port header | False |
| INVENTREE_CORS_ALLOW_CREDENTIALS | cors.allow_credentials | Allow cookies in cross-site requests | True |
### Proxy Settings
If you are running InvenTree behind another proxy, you will need to ensure that the InvenTree server is configured to listen on the correct host and port. You will likely have to adjust the `INVENTREE_ALLOWED_HOSTS` setting to ensure that the server will accept requests from the proxy.
## Admin Site
Django provides a powerful [administrator interface]({% include "django.html" %}/ref/contrib/admin/) which can be used to manage the InvenTree database. This interface is enabled by default, and available at the `/admin/` URL.