Version: | 0.4.0 |
---|---|
Source: | https://github.com/open-formulieren/open-forms-client-django |
Keywords: | Open Forms, Client, Django |
PythonVersion: | 3.9 - 3.11 |
DjangoVersion: | 3.2 - 4.0 |
Easily integrate Open Forms in your Django application. There are 3 main features:
- Configuration to connect to Open Forms is added to your Django admin.
- By adding an
OpenFormsField
in any Django model, you get a list of forms in Open Forms to choose from in the Django admin or other Django forms. - You get templatetags to render an Open Forms form in your webpage.
If you have Sentry installed and you enable Sentry in the Django admin configuration page, it will use your existing configuration to connect to Sentry.
- Python 3.9 or newer
- Django 3.2 or newer
You can install Open Forms Client either via the Python Package Index (PyPI) or from source.
To install using pip
:
pip install django-open-forms-client
To use this with your project you need to follow these steps:
Add
open_forms_client
toINSTALLED_APPS
in your Django project'ssettings.py
:INSTALLED_APPS = ( # ..., "openformsclient", )
Add an
OpenFormsField
to your relevant models (like aPage
model):from openformsclient.models import OpenFormsField class Page(models.Model): # ... form = OpenFormsSlugField(blank=True)
There is also a
OpenFormsUUIDField
that stores the UUID of the form instead of the "slug". This is more precise but if someone replaces a form in Open Forms, the UUID will change but the slug might remain the same.Add the templatetags
{% openforms_sdk_media %}
and{% openforms_form page.form %}
to your templates, to render an Open Forms form:{% load openforms %} <!-- Optional to render Open Forms in the proper language --> <html lang="nl"> <head> <!-- Required for icons used by Open Forms --> <meta charset="utf-8"> {% openforms_sdk_media %} </head> <body> {% if page.form %} {% openforms_form page.form %} {% else %} <p>This page has no form</p> {% endif %} </body> </html>
Configure your Open Forms connection and settings in the admin, under Open Forms client configuration. Once the status field shows a green icon, your configuration is working.
Done.
There are 4 templatetags available with several parameters. All parameters translate to Open Forms SDK parameters.
{% load openforms %}
{% openforms_form form_id csp_nonce base_path lang html_id %}
{% openforms_sdk_media %}
{% openforms_sdk_js %}
{% openforms_sdk_css %}
Note that these are not settings in your own webapplication but they should be set correctly in the Open Forms installation.
ALLOWED_HOSTS
contains your domain name.CSRF_TRUSTED_ORIGINS
contains your domain name.CSRF_COOKIE_SAMESITE
should be"none"
.
When your webapplication uses CSP headers you need to pass the csp_nonce
to the openforms_form
templatetag as well. If you use Django-CSP you can
do this:
{% load openforms %}
{% openforms_form page.form csp_nonce=request.csp_nonce %}
Additionally, you need to allow your webapplication to load styles and scripts
from the Open Forms SDK and connect to the Open Forms API. When using
Django-CSP some options need to be changed in your settings.py
:
# The Open Forms SDK files might differ from the API domain. Note that this
# the same domain as configured in the Open Forms configuration model. You
# might do something smart to use that value here.
OPEN_FORMS_API_DOMAIN = "forms.example.com"
OPEN_FORMS_SDK_DOMAIN = OPEN_FORMS_API_DOMAIN
# Allow your webapp to load styles from Open Forms SDK.
CSP_STYLE_SRC = ("'self'", OPEN_FORMS_SDK_DOMAIN)
# Allow your webapp to load script from Open Forms SDK.
CSP_SCRIPT_SRC = ("'self'", OPEN_FORMS_SDK_DOMAIN)
# Allow your webapp to load images from Open Forms SDK.
CSP_IMG_SRC = ("'self'", OPEN_FORMS_SDK_DOMAIN)
# Allow your webapp to load fonts from Open Forms SDK.
CSP_FONT_SRC = ("'self'", OPEN_FORMS_SDK_DOMAIN)
# Allow your webapp to connect to the Open Forms API.
CSP_CONNECT_SRC = ("'self'", OPEN_FORMS_API_DOMAIN)
The URL changes when you start a form, indicating the step you are currently on. Refreshing the page will result in a HTTP 404 because this URL does not actually exist. You need to catch these URL-patterns and redirect the user back to the form. You can so like this:
# urls.py
# The view thats starts the form
path("page/<slug:slug>", PageView.as_view(), name="page"),
# Whenever you refresh the page that has the form, the URL might be changed
# and needs to redirect the user to the start of the form.
path("page/<slug:slug>/<path:rest>", PageView.as_view()),
This can have many reasons because by default, you typically don't want cross-site requests. The whole point of this client however, is to allow cross-site requests from your website to Open Forms.
Make sure your (not Open Forms) SECURE_REFERER_POLICY
Django setting is set
to origin-when-cross-origin
or less strict. In Django 3.1 this was made
more strict by default.
If this is set correctly and you still get this error, see above settings if your Open Forms installation was correctly configured.
If you can see the form startpage but when you click "start" it doesn't do anything (or you see a CSRF error in your browser log), you are most likely logged in to Open Forms as admin user. Log out of Open Forms or use incognito mode to start the form.
This is a known issue.
Copyright © Maykin Media B.V., 2022
Licensed under the MIT.