From fb67e4207849bec21a7bfc70dd494d20d66fdb5a Mon Sep 17 00:00:00 2001
From: mpeltriaux <michel.peltriaux@sgdnord.rlp.de>
Date: Tue, 28 Nov 2023 12:59:40 +0100
Subject: [PATCH 1/2] # CSRF_TRUSTED_ORIGINS

* new in Django4: setting CSRF_TRUSTED_ORIGINS needs to be set to schema+host for new CSRF security handling
---
 konova/sub_settings/django_settings.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/konova/sub_settings/django_settings.py b/konova/sub_settings/django_settings.py
index 746df289..906cafee 100644
--- a/konova/sub_settings/django_settings.py
+++ b/konova/sub_settings/django_settings.py
@@ -42,6 +42,10 @@ ALLOWED_HOSTS = [
     "localhost",
 ]
 
+CSRF_TRUSTED_ORIGINS = [
+    "http://localhost",  # not only host but schema (http/s) as well!
+]
+
 # Authentication settings
 LOGIN_URL = "/login/"
 

From a0823814c59d46c268bd9a9ee34d4e19c175d5c6 Mon Sep 17 00:00:00 2001
From: mpeltriaux <michel.peltriaux@sgdnord.rlp.de>
Date: Wed, 29 Nov 2023 12:21:37 +0100
Subject: [PATCH 2/2] Hotfix: EcoAccount serializable

* fixes bug where EcoAccount model was not serializable due to changes in newer DAL version due to Django4
---
 compensation/autocomplete/eco_account.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/compensation/autocomplete/eco_account.py b/compensation/autocomplete/eco_account.py
index d1ea90f4..4e506815 100644
--- a/compensation/autocomplete/eco_account.py
+++ b/compensation/autocomplete/eco_account.py
@@ -32,3 +32,9 @@ class EcoAccountAutocomplete(Select2QuerySetView):
                 Q(title__icontains=self.q)
             ).distinct()
         return qs
+
+    def get_result_label(self, result):
+        return str(result)
+
+    def get_selected_result_label(self, result):
+        return str(result)