Commit Graph

64 Commits

Author SHA1 Message Date
Zev Benjamin 4788443e60 Switch staging to use postgres
(imported from commit fde5bf54a42c6be95fe2436094d7ac1626c29683)
2012-12-12 18:24:22 -05:00
Tim Abbott c09f2d534e Fix using DEBUG=False on development machines.
This is useful for debugging our error Humbug code, for example.

(imported from commit ea244b03eaf74349ade53d15ee20312732b4e083)
2012-12-11 17:15:59 -05:00
Luke Faraone 6ff666b9d7 Filter out "content" and "secret" from exceptions.
(imported from commit 31206f528fc93746133ebe2d9234b6ce0b88cf3b)
2012-12-07 17:32:16 -05:00
Luke Faraone a604183c5b Log errors to Humbug, too.
(imported from commit 2547625135568f3ea004bf4287471a82bc0a4f38)
2012-12-07 17:32:15 -05:00
Luke Faraone adf289c9df Implement basic email error reporting.
Here we send an email for each unique error every ten minutes.

(imported from commit adf5ee4bf52c9aef253a94b1c3647515d9b3e495)
2012-12-07 17:32:15 -05:00
Keegan McAllister 545c1494f0 Configure the app to use memcached
Fixes #54.

(imported from commit c94f5b133143510289d410252340b9a4ab26709c)
2012-11-26 11:59:48 -05:00
Keegan McAllister a2750943e3 Use a custom Django test suite runner
This allows us to define new command-line arguments for 'manage.py test'.

(imported from commit 11cf24694a54a3b717256903b7582ddec9a85587)
2012-11-16 15:33:38 -05:00
Tim Abbott 7ae73fabd4 Log how long requests take to process.
(imported from commit 89915f859e4493ff04a34d198ac6df5541b743cc)
2012-11-14 15:52:57 -05:00
Keegan McAllister ed490c672f Allow running the dev server with the test database, on different ports
For use by frontend tests.

(imported from commit c8f81b862963f00e5b5517ba05b2d1adcab6d78a)
2012-11-13 10:59:02 -05:00
Keegan McAllister 31496e9189 Generalize Tornado-related settings
(imported from commit 76a1338a87e1a6663aa7602a499e2d769814bf08)
2012-11-13 10:59:02 -05:00
Tim Abbott a6cd21a1b8 Log events to a file named after the current server.
Merging these log files together is future work.

(imported from commit 54abf1ed41c2d8ba220fd3af0d997256c2718db0)
2012-11-06 14:12:19 -05:00
Jessica McKellar 204f3b35db settings: give a real ADMIN address.
(imported from commit f6171d5d3a702ae180cd27895ed76bef8890f6fa)
2012-11-02 15:45:51 -04:00
Keegan McAllister 3acc407512 settings: Remove commented-out template loader
(imported from commit 79273487532746f99bdbfac62bb9f34e844639a8)
2012-11-02 14:57:38 -04:00
Keegan McAllister 87bbbd6484 settings: Add a comment about SITE_ID
(imported from commit 2bc8964c32ac8b54a701d52bf64dd7c738d9a5a2)
2012-11-02 14:57:38 -04:00
Keegan McAllister 50e40d3f47 Remove comment about XFrameOptionsMiddleware
We already set X-Frame-Options in nginx.

(imported from commit db2b51340e974f6775001f317dcbdda84be88e38)
2012-10-29 16:14:40 -04:00
Keegan McAllister 0e03a7acc8 views.home: Use @login_required
We can't use reverse() due to what amounts to a module import cycle.

(imported from commit 8a2904648173bc3e4ff2079d33320417b28518d3)
2012-10-29 15:41:28 -04:00
Keegan McAllister 5353f5b3b0 Rename NOT_LOGGED_IN_REDIRECT -> HOME_NOT_LOGGED_IN
If we have other pages that require login, we might want them to redirect to
the login form.  But the root of the site should take you to /accounts/home --
but only after we launch the product.

(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
2012-10-29 15:41:28 -04:00
Keegan McAllister 5ed13e9079 Remove inactive Django admin code
These can only cause trouble.

(imported from commit 1def3234675c12461e9fc8b71c6b9e1b107edd1d)
2012-10-29 13:56:09 -04:00
Keegan McAllister 92b10e3bc2 settings.py: Change deployed check
This is security-critical so we have two checks.

(imported from commit adaa1cefe2d08526cdaac2fb0d8cc02773390224)
2012-10-27 11:18:51 -04:00
Keegan McAllister 3e86da67f9 Set the CSRF token cookie as HttpOnly
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
Zev Benjamin 732ca19729 Synchronize the pointer across sessions
The client may now optionally send its current pointer during
get_updates and the server will return the latest pointer if it
differs and was updated more recently by a different session.

(imported from commit e43b377d7dfb52f83cefb0b1003863d5407caf80)
2012-10-22 16:44:57 -04:00
Tim Abbott afd141a03e Use fast password hashing when replying old messages locally.
Without this change, one can only create a few users per second(!),
which really puts a damper on quickly importing old messages.

(imported from commit 26daf61b57154daa067db3daf8254c12d23da353)
2012-10-20 17:46:12 -04:00
Keegan McAllister 94f107e281 Log all requests
runserver already prints them to the console, but runfcgi doesn't.

(imported from commit 3450e3fd65ef3990729c94e80dad4fc3c89f0e64)
2012-10-17 18:23:02 -04:00
Keegan McAllister 122edf6a8c Tweak logging config
(imported from commit 686a843c6ccbc2f514669bb7901daacbe639697c)
2012-10-17 18:23:02 -04:00
Keegan McAllister ea916951f4 Disable notify_new_message calls in testing and populate_db
(imported from commit 07a0fea4173e2e27a90ac5f111927f0000377764)
2012-10-17 18:23:01 -04:00
Keegan McAllister a545876d56 Rename notify_waiting_clients -> notify_new_message
We might have other URLs for other notifications.

(imported from commit 4c1c5fe2f039816fef4c268f34692ca4f19d81e8)
2012-10-17 18:23:01 -04:00
Keegan McAllister c851bc4632 Generate initial API keys in the same manner as passwords
(imported from commit 754fa391b441c520082650a0cf3bacf050bf81b3)
2012-10-17 18:23:01 -04:00
Keegan McAllister cc8a14fcf8 Create accounts with passwords which are deterministic but hard to guess (from the outside)
(imported from commit 964610fec6c4690c1e881f2bab252296663c819a)
2012-10-17 18:23:01 -04:00
Keegan McAllister 1fded25025 Make redirects work properly behind a reverse proxy
(imported from commit 7ffb0b10e796ab27a8a4d028195637c9dca74aa7)
2012-10-17 18:23:01 -04:00
Keegan McAllister 5e70b5a291 Split off the Tornado code into a separate process
(imported from commit 95dbd0f438cdba06d6e6c6c539a2a3d49c577cfd)
2012-10-17 18:23:01 -04:00
Keegan McAllister 8070680184 Set the 'secure' flag on Django cookies
(imported from commit b563f62e2b185a8195daf212574c30f6e252900e)
2012-10-17 16:53:26 -04:00
Keegan McAllister 62fad52ad6 Remove unused Django staticfiles app
(imported from commit 275db1a8a752fe307d2b94aa83937ea96fab8a28)
2012-10-17 15:27:29 -04:00
Keegan McAllister 8d4fefbe95 Remove Django staticfiles config
We're not really using it, and it's misleading.

(imported from commit 4244934cdcc957b4e12184b935953830ac443280)
2012-10-17 15:04:33 -04:00
Keegan McAllister 8819bdc0fc Hide most of the navbar on the deployed app
(imported from commit 3b055588f7de805bf1b038f1bc6c03837eda010a)
2012-10-15 18:44:36 -04:00
Keegan McAllister 489fd58e43 Hide register, confirm, etc. on the deployed app
(imported from commit 8bcf84383d4ea4c24dfadaee330517bfc9801bbd)
2012-10-15 18:44:36 -04:00
Keegan McAllister 1876995abb Redirect home to login on deployed server
(imported from commit 9642a3c6b7b0b55cf5731cc2e241aed51431c8ae)
2012-10-15 18:44:36 -04:00
Keegan McAllister 5141cd7ab9 Make a setting for where we redirect home for not logged in users
(imported from commit 95bae4e52d8a8a34c001975e8d3547db5ba256a2)
2012-10-15 18:44:36 -04:00
Keegan McAllister db0cf88cc0 Log additionally to a file server.log
(imported from commit eabf9473ae04d4ff95652d4f8c8ab76f70157519)
2012-10-12 18:01:51 -04:00
Keegan McAllister 1fc80f40ff Log to console even when DEBUG = False
(imported from commit e9812f295ad4e861901092ad1e9f3f14b22371fa)
2012-10-09 11:41:28 -04:00
Tim Abbott e59d7cae48 Rename the Zephyr log to the Message log.
(imported from commit 7dedfb76b6b78ea90a2bfd20788e251c9c29ef47)
2012-10-03 18:14:15 -04:00
Waseem Daher 2873e45b3f Tweak signup email text slightly.
(imported from commit 4f8427a731376d7e9d5eb387673324bb25141743)
2012-10-01 18:05:01 -04:00
Luke Faraone 036d25b6bd Configure email through Gmail
(imported from commit 45fdfa4310f94c9e04dc1710dcb291003c1cc0f5)
2012-10-01 15:03:59 -04:00
Luke Faraone 50dfbf7a1b Implement confirmation for new user signups.
We add a few templates for django-confirmation. We define a
"PreregistrationForm" which is validated by accounts_home, which then
generates a confirmation object and emails the user. This required creating
a new table for a PreregistrationUser with an email and status (confirmed)
field.

The register function now no longer accepts a "email" field in the form
and deals only with confirmation IDs to determine the email used to sign
up a user.

(imported from commit 4fcde04530aa7ad4de84579668daee7290b424ac)
2012-10-01 10:45:58 -04:00
Tim Abbott 699e05383f Log messages and restore them with populate_db.
(imported from commit 959f038a736e48d32819bc04bd054632a2e911c6)
2012-09-27 15:01:30 -04:00
Keegan McAllister 3cbc56a866 Rename MD5_SALT to HASH_SALT
(imported from commit 3112cd805614c3057a9eb8f1b251381f48ab3173)
2012-09-21 13:44:09 -04:00
Tim Abbott 135c82717d Authenticate by email.
Approach from http://www.micahcarrick.com/django-email-authentication.html.

(imported from commit 796b8e08d8e1f9769cd3cf8ee61d3724ac3847b7)
2012-09-21 10:34:48 -04:00
Keegan McAllister af5282abd4 Add client-side debugging tools
(imported from commit faa87e85f366e91fe33e0f24e00ae1197403605d)
2012-09-19 16:25:23 -04:00
Luke Faraone eb1740e1e7 Use emails in the gravatar seed, don't display a static gravatar for the current user.
(imported from commit 64d1fd4f1cd33796bc907fef9778e088d80b8c5a)
2012-09-19 13:39:34 -04:00
Keegan McAllister 3b9fcb6404 Configure Django for in-memory caching
(imported from commit ad9e5b1712eef77631ea4d8de5a018cdb04742d8)
2012-09-19 12:58:38 -04:00
Keegan McAllister 57ede6bd29 Configure Django for INFO logging even with DEBUG = False
(imported from commit e7d61d10ebb548c0d902c7e2ae947129884e8145)
2012-09-18 17:00:04 -04:00