If SODAR is set up with docker-compose and an extra reverse proxy is put in front of it (e.g. as part of a firewall), the login will fail due to CSRF checks inside Django.
Solution
To make such setup work, SODAR should expose some more Django settings, related to the CSRF checks:
CSRF_TRUSTED_ORIGINS
CSRF_COOKIE_DOMAIN
USE_X_FORWARDED_HOST
Additional Context
The precise meanings of the above settings depend on the Django version. That is especially true for CSRF_TRUSTED_ORIGINS. Currently SODAR uses version, which requires this parameter to hold a list of DNS names and DNS name suffixes as documented here:
Problem
If SODAR is set up with docker-compose and an extra reverse proxy is put in front of it (e.g. as part of a firewall), the login will fail due to CSRF checks inside Django.
Solution
To make such setup work, SODAR should expose some more Django settings, related to the CSRF checks:
Additional Context
The precise meanings of the above settings depend on the Django version. That is especially true for CSRF_TRUSTED_ORIGINS. Currently SODAR uses version, which requires this parameter to hold a list of DNS names and DNS name suffixes as documented here:
Future versions will most likely require URL patterns instead, as documented in the most recent Django documentation.
Will file a pull request soon.