From b86c7258e7efdb2f58a55dbf4c2777237419f95e Mon Sep 17 00:00:00 2001
From: Sean Morley
Date: Fri, 29 Nov 2024 17:51:32 -0500
Subject: [PATCH] Enhance admin security by integrating secure_admin_login from AllAuth and updating settings for new dependencies
---
 backend/server/adventures/admin.py | 5 +++++
 backend/server/main/settings.py | 6 ++++++
 backend/server/requirements.txt | 5 ++++-
 backend/server/users/admin.py | 5 ++++-
 backend/server/worldtravel/admin.py | 4 +++-
 5 files changed, 22 insertions(+), 3 deletions(-)
diff --git a/backend/server/adventures/admin.py b/backend/server/adventures/admin.py
index 6160f60..1a8f7a8 100644
--- a/backend/server/adventures/admin.py
+++ b/backend/server/adventures/admin.py
@@ -3,6 +3,11 @@ from django.contrib import admin
 from django.utils.html import mark_safe
 from .models import Adventure, Checklist, ChecklistItem, Collection, Transportation, Note, AdventureImage, Visit, Category
 from worldtravel.models import Country, Region, VisitedRegion
+from allauth.account.decorators import secure_admin_login
+
+admin.autodiscover()
+admin.site.login = secure_admin_login(admin.site.login)
+
 class AdventureAdmin(admin.ModelAdmin):
diff --git a/backend/server/main/settings.py b/backend/server/main/settings.py
index d5f8e51..77c3067 100644
--- a/backend/server/main/settings.py
+++ b/backend/server/main/settings.py
@@ -47,10 +47,13 @@ INSTALLED_APPS = (
 'django.contrib.sites',
 'rest_framework',
 'rest_framework.authtoken',
+ "allauth_ui",
 'allauth',
 'allauth.account',
 'allauth.headless',
 'allauth.socialaccount',
+ "widget_tweaks",
+ "slippers",
 'drf_yasg',
 'corsheaders',
 'adventures',
@@ -119,6 +122,9 @@ USE_L10N = True
 USE_TZ = True
+ALLAUTH_UI_THEME = "dark"
+SILENCED_SYSTEM_CHECKS = ["slippers.E001"]
+
 # Static files (CSS, JavaScript, Images) # https://docs.djangoproject.com/en/1.7/howto/static-files/
diff --git a/backend/server/requirements.txt b/backend/server/requirements.txt
index 0458487..73b6e9a 100644
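Review bot: `admin.site.login = secure_admin_login(admin.site.login)` runs at import time in adventures/admin.py and again in users/admin.py and worldtravel/admin.py, so the login view is re-wrapped once per app module and the protection depends on which admin modules happen to be imported. Calling `admin.autodiscover()` from inside an admin module is also re-entrant, since autodiscovery is what imports these modules in the first place. The allauth documentation applies the wrapper once in the project's root URLconf, before the admin URLs are included; moving the two lines there and dropping them from the three admin.py files leaves a single, explicit place where admin login is forced through the allauth flow. After the move, a test that an anonymous request to the admin login URL ends up on the allauth login page would pin the behaviour.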
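Review bot: `SILENCED_SYSTEM_CHECKS = ["slippers.E001"]` in the second settings.py hunk turns off a startup check with no comment saying what it reports or why it is safe to ignore. It looks like an installation requirement of the new allauth_ui/slippers apps rather than a project decision, but that is not visible in the diff. Suggest a comment above it, for example `# slippers.E001 silenced for django-allauth-ui (confirm against its install notes); keep this list limited to that one id`, so the list is not later extended as a general way to quiet checks, security checks included. As a style point, the entries added to INSTALLED_APPS in the first hunk use double quotes while the rest of the tuple uses single quotes.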
--- a/backend/server/requirements.txt
+++ b/backend/server/requirements.txt
@@ -13,4 +13,7 @@ whitenoise
 django-resized
 django-geojson
 setuptools
-gunicorn==23.0.0
\ No newline at end of file
+gunicorn==23.0.0
+slippers==0.6.2
+django-allauth-ui==1.5.1
+django-widget-tweaks==1.5.0
\ No newline at end of file
diff --git a/backend/server/users/admin.py b/backend/server/users/admin.py
index db75154..4418947 100644
--- a/backend/server/users/admin.py
+++ b/backend/server/users/admin.py
@@ -1,7 +1,10 @@
 from django.contrib import admin
-
+from allauth.account.decorators import secure_admin_login
 from django.contrib.sessions.models import Session
+admin.autodiscover()
+admin.site.login = secure_admin_login(admin.site.login)
+
 class SessionAdmin(admin.ModelAdmin):
 def _session_data(self, obj): return obj.get_decoded()
diff --git a/backend/server/worldtravel/admin.py b/backend/server/worldtravel/admin.py
index 8c38f3f..f0d74d6 100644
--- a/backend/server/worldtravel/admin.py
+++ b/backend/server/worldtravel/admin.py
@@ -1,3 +1,5 @@
 from django.contrib import admin
+from allauth.account.decorators import secure_admin_login
-# Register your models here.
+admin.autodiscover()
+admin.site.login = secure_admin_login(admin.site.login)
\ No newline at end of file
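Review bot: Nothing in the requirements.txt hunk constrains django-allauth to a release that ships `allauth.account.decorators.secure_admin_login`, which the three admin.py modules now import at load time. The django-allauth entry is outside the hunk, so it may already be bounded. If it is unpinned like the context lines `django-resized` and `django-geojson`, an environment holding an older allauth fails as soon as the admin modules are imported. Suggest a lower bound such as `django-allauth>=<first release providing secure_admin_login>` alongside the three new pins.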