Merge branch 'master' into add-python311

README.rst

@@ -64,7 +64,7 @@ Requirements
 
 - Python 2.7 or 3.5+
 - jQuery 1.7+
-- Django 1.8 to 4.0
+- Django 3.2 to 4.0
 - django.contrib.staticfiles or #YoYo
 
 Resources

docs/source/quick.rst

@@ -7,32 +7,66 @@ because your time matters and you probably have other things to worry about.
 Install the package::
 
     pip install django-session-security
-    # or the development version
-    pip install -e git+git://github.com/yourlabs/django-session-security.git#egg=django-session-security
 
-For static file service, add to ``settings.INSTALLED_APPS``::
+For static file service, add ``session_security`` to your ``INSTALLED_APPS`` settings:
 
-    'session_security',
+.. code-block:: python
 
-Add to ``settings.MIDDLEWARE_CLASSES``, **after** django's AuthenticationMiddleware::
+    INSTALLED_APPS = [
+        # ...
+        'session_security',
+        # ...
+    ]
 
-    'session_security.middleware.SessionSecurityMiddleware',
+Add ``session_security.middleware.SessionSecurityMiddleware`` to your ``MIDDLEWARE`` settings:
 
-Ensure settings.TEMPLATE_CONTEXT_PROCESSORS has::
+.. code-block:: python
 
-    'django.core.context_processors.request'
+    MIDDLEWARE = [
+        # ...
+        'session_security.middleware.SessionSecurityMiddleware',
+        # ...
+    ]
 
-Add to urls::
+.. warning::
 
-    url(r'session_security/', include('session_security.urls')),
+    The order of ``MIDDLEWARE`` is important. You should include the ``django-session-security`` middleware
+    after the authentication middleware, such as :class:`~django.contrib.auth.middleware.AuthenticationMiddleware`.
+
+Ensure ``django.template.context_processors.request`` is added to the template context processors:
+
+.. code-block:: python
+
+    TEMPLATES = [
+        {
+            "OPTIONS": {
+                "context_processors": [
+                    "django.template.context_processors.request",
+                    # ...
+                ]
+            }
+            # ...
+        }
+    ]
+
+Add ``session_security`` URLs to your project’s URLconf:
+
+.. code-block:: python
+
+    from django.urls import include, path
+
+    urlpatterns = [
+        # ...
+        path('session_security/', include('session_security.urls')),
+    ]
 
 At this point, we're going to assume that you have `django.contrib.staticfiles
 <https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/>`_ working.
 This means that `static files are automatically served with runserver
 <https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#runserver>`_,
 and that you have to run `collectstatic when using another server
 <https://docs.djangoproject.com/en/dev/ref/contrib/staticfiles/#collectstatic>`_
-(fastcgi, uwsgi, and whatnot). If you don't use django.contrib.staticfiles,
+(fastcgi, uwsgi, and whatnot). If you don't use `django.contrib.staticfiles`,
 then you're on your own to manage staticfiles.
 
 After jQuery, add to your base template::

session_security/locale/de/LC_MESSAGES/django.po

@@ -0,0 +1,29 @@
+# Copyright (C) 2013 James Pic
+# This file is distributed under the same license as the
+# django-session-security package.
+# James Pic <jamespic@gmail.com> 2013
+msgid ""
+msgstr ""
+"Project-Id-Version: 2.0.3\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2024-03-18 11:41-0400\n"
+"PO-Revision-Date: 2024-03-18 16:26+0100\n"
+"Last-Translator: Daniel Zielinski <daniel@loctimize.com>\n"
+"Language: German\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"Plural-Forms: nplurals=2; plural=(n > 1);\n"
+
+#: templates/session_security/all.html:32
+msgid "You have unsaved changes in a form of this page."
+msgstr ""
+"Sie haben nicht gespeicherte Änderungen in einem Formular auf dieser Seite."
+
+#: templates/session_security/dialog.html:6
+msgid "Your session is about to expire"
+msgstr "Ihre Sitzung läuft in Kürze ab."
+
+#: templates/session_security/dialog.html:7
+msgid "Click or type to extend your session."
+msgstr "Klicken oder tippen Sie, um nicht automatisch ausgeloggt zu werden."

session_security/static/session_security/style.css

@@ -24,3 +24,7 @@
     overflow: auto;
     text-align: center;
 }
+
+.session_security {
+    display: none;
+}

session_security/templates/session_security/all.html

@@ -24,7 +24,7 @@
 
     {# Bootstrap a SessionSecurity instance as the sessionSecurity global variable #}
     {% localize off %}
-        <script type="text/javascript">
+        <script type="text/javascript"{% if request.csp_nonce %} nonce="{{ request.csp_nonce }}"{% endif %}>
             var sessionSecurity = new yourlabs.SessionSecurity({
                 pingUrl: '{% url 'session_security_ping' %}',
                 warnAfter: {{ request|warn_after|unlocalize }},

session_security/templates/session_security/dialog.html

@@ -1,6 +1,6 @@
 {% load i18n %}
 
-<div id="session_security_warning" class="session_security" style="display:none" aria-hidden="true" role="dialog">
+<div id="session_security_warning" class="session_security" aria-hidden="true" role="dialog">
     <div class="session_security_overlay"></div>
     <div class="session_security_modal" role="document" tabindex="-1">
         <h3>{% trans 'Your session is about to expire' %}</h3>

tox.ini

@@ -1,9 +1,6 @@
 [tox]
 envlist =
-    py{27,35,36}-django{18,19,110,111}
-    py{35,36,37,38}-django{111,22}
-    py{36,37,38,39,310,311}-django{30,31,32}
-    py{38,39,310,311}-django{40,41}
+    py{38,39,310,311}-django{32,40,41}
 [testenv]
 usedevelop = true
 commands =
@@ -12,13 +9,6 @@ deps =
     coverage
     unittest-data-provider
     selenium<4.3.0
-    django18: Django>=1.8,<1.9
-    django19: Django>=1.9,<1.10
-    django110: Django>=1.10,<1.11
-    django111: Django>=1.11,<1.12
-    django22: Django>=2.2,<2.3
-    django30: Django>=3.0,<3.1
-    django31: Django>=3.1,<3.2
     django32: Django>=3.2,<3.3
     django40: Django>=4.0,<4.1
     django41: Django>=4.1,<4.2