Merge branch 'development' into common_dashboard

deployment/docker/nginx.conf

@@ -26,14 +26,15 @@ http {
 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;
 	add_header X-Content-Type-Options nosniff;
+	add_header Referrer-Policy same-origin;
+
 
 	access_log /var/log/nginx/access.log private;
 	error_log /var/log/nginx/error.log;
-	add_header Referrer-Policy same-origin;
 
 	gzip on;
 	gzip_disable "msie6";
-	gzip_types text/plain text/html text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml image/svg+xml;
+	gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml image/svg+xml;
 	gzip_vary on;
 	gzip_proxied any;
 	gzip_comp_level 6;
@@ -68,11 +69,18 @@ http {
             add_header Cache-Control "public";
         }
         location / {
+			if ($request_method = 'OPTIONS') {
+        		add_header 'Access-Control-Allow-Origin' '*';
+        		add_header 'Access-Control-Allow-Credentials' 'true';
+        		add_header 'Access-Control-Allow-Headers' 'exhibitor, Authorization, Content-Type, DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Range';
+        		add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
+        		return 204;
+    		}   
+
             proxy_pass http://unix:/tmp/pretix.sock:/;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
         	proxy_set_header Host $http_host;
         }
     }
 }
 
-

doc/development/social_login.rst

@@ -0,0 +1,66 @@
+Social Login Setup
+--------------------------
+
+To enable social login for providers, you first need to create an OAuth application on the provider's website.
+
+
+I. Google OAuth Application
+----------------------------
+Create an OAuth application on https://console.developers.google.com/
+
+Instructions:
+
+- Follow the setup guide: https://medium.com/@tony.infisical/guide-to-using-oauth-2-0-to-access-google-apis-dead94d6866d
+
+- Set the callback URL to: `{domain}/accounts/google/login/callback/`
+
+- Add the client ID and client secret to admin settings
+
+
+II. Github OAuth Application
+-----------------------------
+Create an OAuth application on https://github.com/settings/applications/new
+
+Instructions:
+
+- Set the callback URL to: `{domain}/accounts/github/login/callback/`
+
+- Add the client ID and client secret to admin settings
+
+
+III. MediaWiki OAuth Application
+---------------------------------
+To enable MediaWiki social login for your Eventyay instance, you need to register an OAuth application with MediaWiki.
+
+Important Notes
+~~~~~~~~~~~~~~~~
+
+- The OAuth application must be approved by a MediaWiki administrator
+
+- Until approved, only the application owner can log in
+
+Registration Steps
+~~~~~~~~~~~~~~~~~~~
+
+1. Register your OAuth application at: 
+   https://meta.wikimedia.org/wiki/Special:OAuthConsumerRegistration/propose
+
+2. Callback URL Configuration
+
+   - Set the OAuth "callback" URL to: `{domain}/accounts/mediawiki/login/callback/`
+
+   - Example: `http://localhost:8000/accounts/mediawiki/login/callback/`
+
+3. Carefully read and follow the instructions on the registration page. Tick option: access private information.
+
+4. The registered application will return:
+
+   - One consumer key
+
+   - One consumer secret
+
+5. Add the consumer key and consumer secret to your Eventyay admin settings
+
+After Approval
+~~~~~~~~~~~~~~~
+Once approved, other users can log in to your Eventyay instance using their MediaWiki account.

pyproject.toml

@@ -32,8 +32,9 @@ dependencies = [
         'django-filter==24.3',
         'django-scopes==2.0.*',
         'django-localflavor==4.0',
+        'django-cors-headers',
         'reportlab==4.2.*',
-        'Pillow==10.4.*',
+        'Pillow==11.0.*',
         'pypdf==5.1.*',
         'django-libsass==0.9',
         'libsass==0.23.*',
@@ -52,7 +53,7 @@ dependencies = [
         'django-markup',
         'markdown==3.7',
         'bleach==5.0.*',
-        'sentry-sdk==1.15.*',
+        'sentry-sdk==2.19.*',
         'babel',
         'pycparser==2.22',
         'django-redis==5.4.*',
@@ -101,7 +102,9 @@ dependencies = [
         'eventyay-paypal @ git+https://[email protected]/fossasia/eventyay-tickets-paypal.git@master',
         'django_celery_beat==2.7.0',
         'cron-descriptor==1.4.5',
-        'django-allauth[socialaccount]==65.3.0'
+        'django-allauth[socialaccount]==65.3.0',
+        'eventyay-stripe @ git+https://github.com/fossasia/eventyay-tickets-stripe.git@master',
+        'pydantic==2.10.4'
 ]
 
 [project.optional-dependencies]

src/pretix/api/middleware.py

@@ -21,7 +21,7 @@ def __call__(self, request: HttpRequest):
         if request.method in ('GET', 'HEAD', 'OPTIONS'):
             return self.get_response(request)
 
-        if not request.path.startswith('/api/'):
+        if not request.path_info.startswith('/api/'):
             return self.get_response(request)
 
         if not request.headers.get('X-Idempotency-Key'):
@@ -99,7 +99,7 @@ def __init__(self, get_response):
         self.get_response = get_response
 
     def __call__(self, request: HttpRequest):
-        if not request.path.startswith('/api/'):
+        if not request.path_info.startswith('/api/'):
             return self.get_response(request)
 
         url = resolve(request.path_info)

src/pretix/api/serializers/checkin.py

@@ -5,7 +5,7 @@
 from pretix.api.serializers.event import SubEventSerializer
 from pretix.api.serializers.i18n import I18nAwareModelSerializer
 from pretix.base.channels import get_all_sales_channels
-from pretix.base.models import CheckinList
+from pretix.base.models import Checkin, CheckinList
 
 
 class CheckinListSerializer(I18nAwareModelSerializer):
@@ -14,9 +14,12 @@ class CheckinListSerializer(I18nAwareModelSerializer):
 
     class Meta:
         model = CheckinList
-        fields = ('id', 'name', 'all_products', 'limit_products', 'subevent', 'checkin_count', 'position_count',
-                  'include_pending', 'auto_checkin_sales_channels', 'allow_multiple_entries', 'allow_entry_after_exit',
-                  'rules', 'exit_all_at')
+        fields = (
+            'id', 'name', 'all_products', 'limit_products', 'subevent',
+            'checkin_count', 'position_count', 'include_pending',
+            'auto_checkin_sales_channels', 'allow_multiple_entries',
+            'allow_entry_after_exit', 'rules', 'exit_all_at'
+        )
 
     def __init__(self, *args, **kwargs):
         super().__init__(*args, **kwargs)
@@ -57,3 +60,34 @@ def validate(self, data):
         CheckinList.validate_rules(data.get('rules'))
 
         return data
+
+
+class CheckinRedeemInputSerializer(serializers.Serializer):
+    lists = serializers.PrimaryKeyRelatedField(required=True, many=True, queryset=CheckinList.objects.none())
+    secret = serializers.CharField(required=True, allow_null=False)
+    force = serializers.BooleanField(default=False, required=False)
+    source_type = serializers.ChoiceField(choices=['barcode'], default='barcode')
+    type = serializers.ChoiceField(choices=Checkin.CHECKIN_TYPES, default=Checkin.TYPE_ENTRY)
+    ignore_unpaid = serializers.BooleanField(default=False, required=False)
+    questions_supported = serializers.BooleanField(default=True, required=False)
+    nonce = serializers.CharField(required=False, allow_null=True)
+    datetime = serializers.DateTimeField(required=False, allow_null=True)
+    answers = serializers.JSONField(required=False, allow_null=True)
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.fields['lists'].child_relation.queryset = CheckinList.objects.filter(
+            event__in=self.context['events']
+        ).select_related('event')
+
+
+class MiniCheckinListSerializer(I18nAwareModelSerializer):
+    event = serializers.SlugRelatedField(slug_field='slug', read_only=True)
+    subevent = serializers.PrimaryKeyRelatedField(read_only=True)
+
+    class Meta:
+        model = CheckinList
+        fields = ('id', 'name', 'event', 'subevent', 'include_pending')
+
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)

src/pretix/api/urls.py

@@ -88,6 +88,8 @@
         include(question_router.urls)),
     url(r'^organizers/(?P<organizer>[^/]+)/events/(?P<event>[^/]+)/checkinlists/(?P<list>[^/]+)/',
         include(checkinlist_router.urls)),
+    url(r'^organizers/(?P<organizer>[^/]+)/checkin/redeem/$', checkin.CheckinRedeemView.as_view(),
+        name="checkin.redeem"),
     url(r'^organizers/(?P<organizer>[^/]+)/events/(?P<event>[^/]+)/orders/(?P<order>[^/]+)/', include(order_router.urls)),
     url(r"^oauth/authorize$", oauth.AuthorizationView.as_view(), name="authorize"),
     url(r"^oauth/token$", oauth.TokenView.as_view(), name="token"),