From 85a255ed1b1575de35f1d2c65ba4ece46b44631a Mon Sep 17 00:00:00 2001
From: root <root@rcamp2.rc.int.colorado.edu>
Date: Tue, 24 Feb 2026 15:37:32 -0700
Subject: [PATCH] Remove username being private key, it conflicts across OUs

---
 rcamp/accounts/models.py        | 2 +-
 rcamp/rcamp/settings/main.py    | 4 ++++
 rcamp/rcamp/templates/base.html | 7 ++++++-
 rcamp/rcamp/urls.py             | 2 +-
 4 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/rcamp/accounts/models.py b/rcamp/accounts/models.py
index 241d268..19d3b39 100644
--- a/rcamp/accounts/models.py
+++ b/rcamp/accounts/models.py
@@ -219,7 +219,7 @@ class Meta:
     full_name = ldap_fields.CharField(db_column='cn')
     email = ldap_fields.CharField(db_column='mail')
     # posixAccount
-    username = ldap_fields.CharField(db_column='uid', primary_key=True)
+    username = ldap_fields.CharField(db_column='uid')
     # ldap specific
     modified_date = ldap_fields.DateTimeField(db_column='modifytimestamp',blank=True)
 
diff --git a/rcamp/rcamp/settings/main.py b/rcamp/rcamp/settings/main.py
index 48f7061..8aba66c 100644
--- a/rcamp/rcamp/settings/main.py
+++ b/rcamp/rcamp/settings/main.py
@@ -11,6 +11,9 @@
 hosts = os.environ.get('RCAMP_ALLOWEDHOSTS')
 ALLOWED_HOSTS = hosts.split(',')
 
+CSRF_TRUSTED_ORIGINS = [
+    "https://rcamp.rc.colorado.edu",
+]
 
 INSTALLED_APPS = [
     'django.contrib.admin',
@@ -71,6 +74,7 @@
 
 
 LOGIN_REDIRECT_URL = '/'
+LOGOUT_REDIRECT_URL = "/login"
 
 # Internationalization
 # https://docs.djangoproject.com/en/1.8/topics/i18n/
diff --git a/rcamp/rcamp/templates/base.html b/rcamp/rcamp/templates/base.html
index b8ade10..01579fc 100644
--- a/rcamp/rcamp/templates/base.html
+++ b/rcamp/rcamp/templates/base.html
@@ -42,7 +42,12 @@
                             {% if request.user.is_authenticated %}
                             <li><a href="/admin">Admin</a></li>
                             {% endif %}
-                            <li><a href="/logout">Logout</a></li>
+                            <li>
+                                <form method="post" action="{% url 'logout' %}" style="display:inline;">
+                                {% csrf_token %}
+                                <button type="submit" class="btn btn-link p-0 align-baseline">Log out</button>
+                                </form>
+                            </li>
                         </ul>
                     </li>
                     {% else %}
diff --git a/rcamp/rcamp/urls.py b/rcamp/rcamp/urls.py
index 3fbc24d..5c66627 100644
--- a/rcamp/rcamp/urls.py
+++ b/rcamp/rcamp/urls.py
@@ -34,7 +34,7 @@
     re_path(r'^grappelli/', include('grappelli.urls')), # grappelli URLS
     re_path(r'^$', index_view, name='index'),
     re_path(r'^login', auth_views.LoginView.as_view(template_name='registration/login.html')),
-    re_path(r'^logout', auth_views.LogoutView.as_view(template_name='registration/logout.html')),
+    re_path(r'^logout', auth_views.LogoutView.as_view(template_name='registration/logout.html'), name='logout'),
     re_path(r'^admin/', admin.site.urls),
     re_path(r'^api/', include('endpoints.urls')),
     re_path(r'^accounts/', include(('accounts.urls', 'accounts'), namespace='accounts')),