Tim Abbott
cb0de0fc60
Fix logging in with email addresses long than 30 characters.
...
(imported from commit 81d0c329d0c7403986e2379accbe2f1be3c731e3)
2013-01-16 17:02:06 -05:00
Keegan McAllister
b5a0147e26
Log events to a file named after today's date
...
We need this so that we can safely expunge old events without interfering with
the running server. See #414 .
(imported from commit 4739e59e36ea69f877c158c13ee752bf6a2dacfe)
2013-01-15 14:37:36 -05:00
Tim Abbott
e592e71515
[manual] Use rabbitmq queue to process UserActivity.
...
Before this is deployed, we need to install rabbitmq and pika on the
target server (see the puppet part of this commit for how).
When this is deployed, we need to start the new user activity bot:
./manage.py process_user_activity
in the screen session on the relevant server, or user_activity logs
won't be processed (which will eventually result in all users getting
notifications about how their mirrors are out of date).
(imported from commit 44d605aca0290bef2c94fb99267e15e26b21673b)
2013-01-14 13:28:23 -05:00
Tim Abbott
3b7d61e45f
tornado: Get User and UserProfile objects from a memcached.
...
This commit has the effect of eliminating all of the non-UserActivity
database queries from the Tornado process -- at least in the uncached
case.
This is safe to do, if a bit fragile, since our Tornado code only
accesses these objects (as opposed to their IDs) in a few places that
are all fine with old data, and I don't expect us to add any new ones
soon:
* UserActivity logging, which I plan to move out of Tornado entirely
* Checking whether we're authenticated in our decorators (which could
be simplified -- the actual security check is just whether the
Django session object has a particular field)
* Checking the user realm for whether we should sync to the client
notices about their Zephyr mirror being up to date, which is quite
static and I think we can move out of this code path.
But implementation constraints around mapping the user_ids to
user_profile_ids mean that it makes sense to get the actual objects
for now.
This code is not what I want to do long-term. I expect we'll be able
to clean up the dual User/UserProfile nonsense once we integrate the
upcoming Django 1.5 release, with its support for pluggable User
models, and after that I change, I expect it'll be fairly easy to make
the Tornado code only work with the user ID, not the actual objects.
(imported from commit 82e25b62fd0e3af7c86040600c63a4deec7bec06)
2013-01-11 16:11:07 -05:00
Tim Abbott
e15c575977
Cache Django session objects using memcached.
...
(imported from commit 531ea34d5781b27401a7e2d90a0be99927d0bae5)
2013-01-10 16:59:36 -05:00
Jessica McKellar
2c6ac969ff
Temporarily increase get_updates polling timeout to deal with increased load.
...
(imported from commit 8477c829f1f69299ddb9c22dee722825dd673ee7)
2013-01-09 21:07:43 -05:00
Luke Faraone
0646cd7e21
[manual] Convert Humbug to use Django South.
...
This was done using instructions provided by the South authors:
<http://south.readthedocs.org/en/0.7.6/convertinganapp.html >
This adds a dependency on python-django-south >=0.7.5. Now when you are
reinitializing the database, you need to run "./manage.py migrate --all"
before running populate_db.
When deploying this commit onto existing servers, you need to run these
commands manually:
./manage.py syncdb
./manage.py migrate zephyr 0001 --fake
./manage.py migrate confirmation 0001 --fake
These do *not* need to be run on new databases, only on existing ones.
(imported from commit f24cff421a6be9ab9cf4c4342565c484ac336e2d)
2013-01-08 18:14:39 -05:00
Tim Abbott
86862a8c0a
Fix running Django against postgres on Tim's laptop.
...
I'm not sure why this wasn't set before, but it's needed for this to work.
(imported from commit fd77c975a234ccd6a972a6f2c9bfac21fcbb2d25)
2013-01-07 15:06:28 -05:00
Zev Benjamin
c6929bbc9f
Allow PBKDF2 password hashes in dev mode
...
This fixes a problem where if you were 1) running in development
mode, 2) had populated the database from production data, and 3)
tried to log in with an account that had changed its password, you
wouldn't be able to. The problem was that the password change
created a password change record with a PBKDF2 hash, not a SHA1 hash.
This change lets the dev server accept PBKDF2 hashed passwords, but
still use SHA1 password hashes for creating test users for speed.
(imported from commit 2840d266f93add1edbba7f93a7f1491372fc8cf1)
2013-01-03 16:03:55 -05:00
Jessica McKellar
c01a6ecb1e
Remove unused django.contrib.messages middleware.
...
(imported from commit 224ff811c5c8c8b1205822c65a6d23993ac68e5e)
2013-01-02 17:41:50 -05:00
Zev Benjamin
bf5ce4783d
Move @has_request_variables error responses to middleware
...
This will now allow us to use @has_request_variables on helper
functions.
(imported from commit 799d71477654eac7fd8192cfc5bb88b78053532d)
2012-12-20 14:26:36 -05:00
Tim Abbott
35226c352d
Enable postgres on prod server.
...
(imported from commit 4cf25c4ffe685dcfeb8d6c87ade3fcca7a92a807)
2012-12-15 08:42:12 -05:00
Tim Abbott
aa0924f36b
Switch Tim's laptop to use postgres.
...
(imported from commit e7f9d359843d23986ba25576531f0935f99f4c12)
2012-12-14 17:15:32 -05:00
Keegan McAllister
44b9925bfc
Configure get_updates timeout in settings.py
...
(imported from commit 2a647bdd73c43ca5fed704925808efafc70da044)
2012-12-14 16:22:42 -05:00
Zev Benjamin
103eb5130d
Authenticate to Postgres with client certificates and check the server's certificate
...
(imported from commit a3be2178d7675d409d81b9119815ac1f680d1388)
2012-12-14 11:38:18 -05:00
Zev Benjamin
4788443e60
Switch staging to use postgres
...
(imported from commit fde5bf54a42c6be95fe2436094d7ac1626c29683)
2012-12-12 18:24:22 -05:00
Tim Abbott
c09f2d534e
Fix using DEBUG=False on development machines.
...
This is useful for debugging our error Humbug code, for example.
(imported from commit ea244b03eaf74349ade53d15ee20312732b4e083)
2012-12-11 17:15:59 -05:00
Luke Faraone
6ff666b9d7
Filter out "content" and "secret" from exceptions.
...
(imported from commit 31206f528fc93746133ebe2d9234b6ce0b88cf3b)
2012-12-07 17:32:16 -05:00
Luke Faraone
a604183c5b
Log errors to Humbug, too.
...
(imported from commit 2547625135568f3ea004bf4287471a82bc0a4f38)
2012-12-07 17:32:15 -05:00
Luke Faraone
adf289c9df
Implement basic email error reporting.
...
Here we send an email for each unique error every ten minutes.
(imported from commit adf5ee4bf52c9aef253a94b1c3647515d9b3e495)
2012-12-07 17:32:15 -05:00
Keegan McAllister
545c1494f0
Configure the app to use memcached
...
Fixes #54 .
(imported from commit c94f5b133143510289d410252340b9a4ab26709c)
2012-11-26 11:59:48 -05:00
Keegan McAllister
a2750943e3
Use a custom Django test suite runner
...
This allows us to define new command-line arguments for 'manage.py test'.
(imported from commit 11cf24694a54a3b717256903b7582ddec9a85587)
2012-11-16 15:33:38 -05:00
Tim Abbott
7ae73fabd4
Log how long requests take to process.
...
(imported from commit 89915f859e4493ff04a34d198ac6df5541b743cc)
2012-11-14 15:52:57 -05:00
Keegan McAllister
ed490c672f
Allow running the dev server with the test database, on different ports
...
For use by frontend tests.
(imported from commit c8f81b862963f00e5b5517ba05b2d1adcab6d78a)
2012-11-13 10:59:02 -05:00
Keegan McAllister
31496e9189
Generalize Tornado-related settings
...
(imported from commit 76a1338a87e1a6663aa7602a499e2d769814bf08)
2012-11-13 10:59:02 -05:00
Tim Abbott
a6cd21a1b8
Log events to a file named after the current server.
...
Merging these log files together is future work.
(imported from commit 54abf1ed41c2d8ba220fd3af0d997256c2718db0)
2012-11-06 14:12:19 -05:00
Jessica McKellar
204f3b35db
settings: give a real ADMIN address.
...
(imported from commit f6171d5d3a702ae180cd27895ed76bef8890f6fa)
2012-11-02 15:45:51 -04:00
Keegan McAllister
3acc407512
settings: Remove commented-out template loader
...
(imported from commit 79273487532746f99bdbfac62bb9f34e844639a8)
2012-11-02 14:57:38 -04:00
Keegan McAllister
87bbbd6484
settings: Add a comment about SITE_ID
...
(imported from commit 2bc8964c32ac8b54a701d52bf64dd7c738d9a5a2)
2012-11-02 14:57:38 -04:00
Keegan McAllister
50e40d3f47
Remove comment about XFrameOptionsMiddleware
...
We already set X-Frame-Options in nginx.
(imported from commit db2b51340e974f6775001f317dcbdda84be88e38)
2012-10-29 16:14:40 -04:00
Keegan McAllister
0e03a7acc8
views.home: Use @login_required
...
We can't use reverse() due to what amounts to a module import cycle.
(imported from commit 8a2904648173bc3e4ff2079d33320417b28518d3)
2012-10-29 15:41:28 -04:00
Keegan McAllister
5353f5b3b0
Rename NOT_LOGGED_IN_REDIRECT -> HOME_NOT_LOGGED_IN
...
If we have other pages that require login, we might want them to redirect to
the login form. But the root of the site should take you to /accounts/home --
but only after we launch the product.
(imported from commit b5d10e1c908f1ffe1ee68c2689691ca66c896786)
2012-10-29 15:41:28 -04:00
Keegan McAllister
5ed13e9079
Remove inactive Django admin code
...
These can only cause trouble.
(imported from commit 1def3234675c12461e9fc8b71c6b9e1b107edd1d)
2012-10-29 13:56:09 -04:00
Keegan McAllister
92b10e3bc2
settings.py: Change deployed check
...
This is security-critical so we have two checks.
(imported from commit adaa1cefe2d08526cdaac2fb0d8cc02773390224)
2012-10-27 11:18:51 -04:00
Keegan McAllister
3e86da67f9
Set the CSRF token cookie as HttpOnly
...
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
Zev Benjamin
732ca19729
Synchronize the pointer across sessions
...
The client may now optionally send its current pointer during
get_updates and the server will return the latest pointer if it
differs and was updated more recently by a different session.
(imported from commit e43b377d7dfb52f83cefb0b1003863d5407caf80)
2012-10-22 16:44:57 -04:00
Tim Abbott
afd141a03e
Use fast password hashing when replying old messages locally.
...
Without this change, one can only create a few users per second(!),
which really puts a damper on quickly importing old messages.
(imported from commit 26daf61b57154daa067db3daf8254c12d23da353)
2012-10-20 17:46:12 -04:00
Keegan McAllister
94f107e281
Log all requests
...
runserver already prints them to the console, but runfcgi doesn't.
(imported from commit 3450e3fd65ef3990729c94e80dad4fc3c89f0e64)
2012-10-17 18:23:02 -04:00
Keegan McAllister
122edf6a8c
Tweak logging config
...
(imported from commit 686a843c6ccbc2f514669bb7901daacbe639697c)
2012-10-17 18:23:02 -04:00
Keegan McAllister
ea916951f4
Disable notify_new_message calls in testing and populate_db
...
(imported from commit 07a0fea4173e2e27a90ac5f111927f0000377764)
2012-10-17 18:23:01 -04:00
Keegan McAllister
a545876d56
Rename notify_waiting_clients -> notify_new_message
...
We might have other URLs for other notifications.
(imported from commit 4c1c5fe2f039816fef4c268f34692ca4f19d81e8)
2012-10-17 18:23:01 -04:00
Keegan McAllister
c851bc4632
Generate initial API keys in the same manner as passwords
...
(imported from commit 754fa391b441c520082650a0cf3bacf050bf81b3)
2012-10-17 18:23:01 -04:00
Keegan McAllister
cc8a14fcf8
Create accounts with passwords which are deterministic but hard to guess (from the outside)
...
(imported from commit 964610fec6c4690c1e881f2bab252296663c819a)
2012-10-17 18:23:01 -04:00
Keegan McAllister
1fded25025
Make redirects work properly behind a reverse proxy
...
(imported from commit 7ffb0b10e796ab27a8a4d028195637c9dca74aa7)
2012-10-17 18:23:01 -04:00
Keegan McAllister
5e70b5a291
Split off the Tornado code into a separate process
...
(imported from commit 95dbd0f438cdba06d6e6c6c539a2a3d49c577cfd)
2012-10-17 18:23:01 -04:00
Keegan McAllister
8070680184
Set the 'secure' flag on Django cookies
...
(imported from commit b563f62e2b185a8195daf212574c30f6e252900e)
2012-10-17 16:53:26 -04:00
Keegan McAllister
62fad52ad6
Remove unused Django staticfiles app
...
(imported from commit 275db1a8a752fe307d2b94aa83937ea96fab8a28)
2012-10-17 15:27:29 -04:00
Keegan McAllister
8d4fefbe95
Remove Django staticfiles config
...
We're not really using it, and it's misleading.
(imported from commit 4244934cdcc957b4e12184b935953830ac443280)
2012-10-17 15:04:33 -04:00
Keegan McAllister
8819bdc0fc
Hide most of the navbar on the deployed app
...
(imported from commit 3b055588f7de805bf1b038f1bc6c03837eda010a)
2012-10-15 18:44:36 -04:00
Keegan McAllister
489fd58e43
Hide register, confirm, etc. on the deployed app
...
(imported from commit 8bcf84383d4ea4c24dfadaee330517bfc9801bbd)
2012-10-15 18:44:36 -04:00
Keegan McAllister
1876995abb
Redirect home to login on deployed server
...
(imported from commit 9642a3c6b7b0b55cf5731cc2e241aed51431c8ae)
2012-10-15 18:44:36 -04:00
Keegan McAllister
5141cd7ab9
Make a setting for where we redirect home for not logged in users
...
(imported from commit 95bae4e52d8a8a34c001975e8d3547db5ba256a2)
2012-10-15 18:44:36 -04:00
Keegan McAllister
db0cf88cc0
Log additionally to a file server.log
...
(imported from commit eabf9473ae04d4ff95652d4f8c8ab76f70157519)
2012-10-12 18:01:51 -04:00
Keegan McAllister
1fc80f40ff
Log to console even when DEBUG = False
...
(imported from commit e9812f295ad4e861901092ad1e9f3f14b22371fa)
2012-10-09 11:41:28 -04:00
Tim Abbott
e59d7cae48
Rename the Zephyr log to the Message log.
...
(imported from commit 7dedfb76b6b78ea90a2bfd20788e251c9c29ef47)
2012-10-03 18:14:15 -04:00
Waseem Daher
2873e45b3f
Tweak signup email text slightly.
...
(imported from commit 4f8427a731376d7e9d5eb387673324bb25141743)
2012-10-01 18:05:01 -04:00
Luke Faraone
036d25b6bd
Configure email through Gmail
...
(imported from commit 45fdfa4310f94c9e04dc1710dcb291003c1cc0f5)
2012-10-01 15:03:59 -04:00
Luke Faraone
50dfbf7a1b
Implement confirmation for new user signups.
...
We add a few templates for django-confirmation. We define a
"PreregistrationForm" which is validated by accounts_home, which then
generates a confirmation object and emails the user. This required creating
a new table for a PreregistrationUser with an email and status (confirmed)
field.
The register function now no longer accepts a "email" field in the form
and deals only with confirmation IDs to determine the email used to sign
up a user.
(imported from commit 4fcde04530aa7ad4de84579668daee7290b424ac)
2012-10-01 10:45:58 -04:00
Tim Abbott
699e05383f
Log messages and restore them with populate_db.
...
(imported from commit 959f038a736e48d32819bc04bd054632a2e911c6)
2012-09-27 15:01:30 -04:00
Keegan McAllister
3cbc56a866
Rename MD5_SALT to HASH_SALT
...
(imported from commit 3112cd805614c3057a9eb8f1b251381f48ab3173)
2012-09-21 13:44:09 -04:00
Tim Abbott
135c82717d
Authenticate by email.
...
Approach from http://www.micahcarrick.com/django-email-authentication.html .
(imported from commit 796b8e08d8e1f9769cd3cf8ee61d3724ac3847b7)
2012-09-21 10:34:48 -04:00
Keegan McAllister
af5282abd4
Add client-side debugging tools
...
(imported from commit faa87e85f366e91fe33e0f24e00ae1197403605d)
2012-09-19 16:25:23 -04:00
Luke Faraone
eb1740e1e7
Use emails in the gravatar seed, don't display a static gravatar for the current user.
...
(imported from commit 64d1fd4f1cd33796bc907fef9778e088d80b8c5a)
2012-09-19 13:39:34 -04:00
Keegan McAllister
3b9fcb6404
Configure Django for in-memory caching
...
(imported from commit ad9e5b1712eef77631ea4d8de5a018cdb04742d8)
2012-09-19 12:58:38 -04:00
Keegan McAllister
57ede6bd29
Configure Django for INFO logging even with DEBUG = False
...
(imported from commit e7d61d10ebb548c0d902c7e2ae947129884e8145)
2012-09-18 17:00:04 -04:00
Keegan McAllister
cf8cc277ff
Restore DEBUG = False on deployed app
...
This reverts commit c3f0a8f7a388596113613c9ab18bdbccbf415226.
(imported from commit 24147588b3c31831116c364adeaea50caa8af198)
2012-09-18 13:45:52 -04:00
Keegan McAllister
af941e7779
settings.py: Disable error email to admins
...
Sending email was hanging Tornado's event loop.
(imported from commit ab0ec21fa886e68a6acb21b6ee8e036265ce6f08)
2012-09-18 13:44:25 -04:00
Keegan McAllister
2e3e44b5bb
App hangs with DEBUG = False (??)
...
Will debug this problem tomorrow.
(imported from commit c3f0a8f7a388596113613c9ab18bdbccbf415226)
2012-09-17 19:17:53 -04:00
Keegan McAllister
a8a8be2d8d
Distinguish deploy server by hostname
...
(imported from commit 685001e49f8add7540ae807acb8d3a604a969d4f)
2012-09-17 18:15:42 -04:00
Tim Abbott
1822a997ed
Use MySQL by default if available.
...
(imported from commit d899c8ef922a07e7387688e5770cdfb4d2c472a6)
2012-09-17 13:20:18 -04:00
Jessica McKellar
6ccbab9bf5
Conditionally configure MySQL as a database backend.
...
Even though SQLite is the default, Django tries to import MySQLdb,
which on OS X is challenging to install.
(imported from commit 0947c86e5e9a1fbf2ff8d74b78f297ff939ff712)
2012-09-14 16:34:23 -04:00
Tim Abbott
2793ec15fd
Use longer timeouts for sqlite lock contention.
...
(imported from commit 34fcc295b032d93ec58435ad18baa790ee8d0cfe)
2012-09-14 13:32:26 -04:00
Tim Abbott
634dd59833
settings: Add mysql definitions.
...
(imported from commit 4419c072e99da3e13f07efe58cadcc76822e99e5)
2012-09-14 13:32:25 -04:00
Keegan McAllister
d6d4bcd192
Use Eastern Time as the server default timezone
...
This isn't actually important for our current timestamp handling.
(imported from commit d16f3d9004c5f3cdb8a9bcb26d2e17a10c197f50)
2012-09-12 17:00:18 -04:00
Keegan McAllister
474f08198b
Send zephyr template inline with index.html using django-jstemplate
...
(imported from commit 58cc8a50d463548aa283658dbe0aae366ecab39f)
2012-09-06 15:48:15 -04:00
Tim Abbott
742d8a40a0
Set the homepage as LOGIN_REDIRECT_URL
...
(imported from commit a65eec79d7c64e02969699a7288313227f85b99f)
2012-09-06 15:35:01 -04:00
Jessica McKellar
2b9a3205be
Switch zephyrs to the notion of a "Recipient", which is either a class or user.
...
(imported from commit edc46267dab9cc972358b6020ca28b009e15d8c5)
2012-08-28 16:34:23 -04:00
Jessica McKellar
39f5bb609a
Don't hardcode a full path to TEMPLATE_DIRS, so it can be deployed anywhere.
...
(imported from commit 35deb40218d1626d38e00924a787234ec13732e3)
2012-08-28 12:45:32 -04:00
Jessica McKellar
d90e8f6ec5
Initial Django commit: basic account, zephyr stream, narrowing, etc.
...
(imported from commit 3cd40521171a4020c19021eda0d20ee9f802af41)
2012-08-28 12:44:51 -04:00