Keegan McAllister
3e86da67f9
Set the CSRF token cookie as HttpOnly
...
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
Keegan McAllister
6f3b9ef00d
Enable /terms and /privacy on the live site
...
At Jeff's request.
(imported from commit 2cc25252e3183f858fcd63dddcc97573a5ac6082)
2012-10-26 13:00:01 -04:00
Zev Benjamin
8a66d52228
Expose get_old_messages to API
...
(imported from commit d3b86a049440c54b52d96c27f8925a73496eaffe)
2012-10-26 10:42:11 -04:00
Keegan McAllister
2afa9894ce
Add a draft privacy policy
...
(imported from commit 4095e3bb72a5975b4353bf0eace9da48c0eec200)
2012-10-25 19:11:28 -04:00
Jeff Arnold
5316fc9863
Rename tos -> terms in urls.py
...
(imported from commit 5cb47202f62b500b2fdaa49b093830df279828b3)
2012-10-25 16:07:18 -04:00
Keegan McAllister
eef027560a
Remove unused imports
...
(imported from commit eb576627ff72e57fee0e3a4c357f51ad74cd6c86)
2012-10-25 15:22:18 -04:00
Keegan McAllister
f8540dcdae
Wrap some other extremely long lines
...
(imported from commit e7d55f318c8865ca953bf4520d1b07f7e84a4aeb)
2012-10-25 15:22:18 -04:00
Zev Benjamin
c4189d1029
Add get_old_messages json call
...
This new call only allows fetching of existing messages. The idea is
to remove this functionality from get_updates to simplify the backend
code.
(imported from commit 1345db2f1707e208e7c0bd08b7d444932c68b6a2)
2012-10-25 12:10:44 -04:00
Keegan McAllister
6172f42b6b
Add terms of service at /tos
...
Based on Jeff's "Terms of Service.rtf"
(imported from commit 0ac24148cd963c65252c349556cb04aa4a1d79b2)
2012-10-24 19:31:56 -04:00
Zev Benjamin
732ca19729
Synchronize the pointer across sessions
...
The client may now optionally send its current pointer during
get_updates and the server will return the latest pointer if it
differs and was updated more recently by a different session.
(imported from commit e43b377d7dfb52f83cefb0b1003863d5407caf80)
2012-10-22 16:44:57 -04:00
Jessica McKellar
f5f3ffc6a9
Expose an API method for updating the pointer.
...
(imported from commit 66d49c149e0bbc60e82a5967b77aff69629b09e7)
2012-10-21 13:33:14 -04:00
Jessica McKellar
0fb836538d
Add an API request for getting profile (specifically pointer) data.
...
Mobile clients need it.
We are going to need to sit down and think about how much power we
want to give our API users, though. For example, should they even get
to know about your absolute pointer value (maybe they should only be
able to make requests relative to your pointer), or be able to request
very old ranges of messages?
(imported from commit 1680655f0d9a670bc0da0ddb92fbbd5cf851d3dd)
2012-10-20 21:59:59 -04:00
Tim Abbott
afd141a03e
Use fast password hashing when replying old messages locally.
...
Without this change, one can only create a few users per second(!),
which really puts a damper on quickly importing old messages.
(imported from commit 26daf61b57154daa067db3daf8254c12d23da353)
2012-10-20 17:46:12 -04:00
Keegan McAllister
f5d4471993
Only serve static files from Django if DEBUG = True
...
(imported from commit 5028f9caf637e95aa83a0736bf11930357fc725e)
2012-10-17 18:24:15 -04:00
Keegan McAllister
94f107e281
Log all requests
...
runserver already prints them to the console, but runfcgi doesn't.
(imported from commit 3450e3fd65ef3990729c94e80dad4fc3c89f0e64)
2012-10-17 18:23:02 -04:00
Keegan McAllister
122edf6a8c
Tweak logging config
...
(imported from commit 686a843c6ccbc2f514669bb7901daacbe639697c)
2012-10-17 18:23:02 -04:00
Keegan McAllister
ea916951f4
Disable notify_new_message calls in testing and populate_db
...
(imported from commit 07a0fea4173e2e27a90ac5f111927f0000377764)
2012-10-17 18:23:01 -04:00
Keegan McAllister
a545876d56
Rename notify_waiting_clients -> notify_new_message
...
We might have other URLs for other notifications.
(imported from commit 4c1c5fe2f039816fef4c268f34692ca4f19d81e8)
2012-10-17 18:23:01 -04:00
Keegan McAllister
c851bc4632
Generate initial API keys in the same manner as passwords
...
(imported from commit 754fa391b441c520082650a0cf3bacf050bf81b3)
2012-10-17 18:23:01 -04:00
Keegan McAllister
cc8a14fcf8
Create accounts with passwords which are deterministic but hard to guess (from the outside)
...
(imported from commit 964610fec6c4690c1e881f2bab252296663c819a)
2012-10-17 18:23:01 -04:00
Keegan McAllister
1fded25025
Make redirects work properly behind a reverse proxy
...
(imported from commit 7ffb0b10e796ab27a8a4d028195637c9dca74aa7)
2012-10-17 18:23:01 -04:00
Keegan McAllister
5e70b5a291
Split off the Tornado code into a separate process
...
(imported from commit 95dbd0f438cdba06d6e6c6c539a2a3d49c577cfd)
2012-10-17 18:23:01 -04:00
Tim Abbott
758bbe6fc9
Rename api_fetch_key to api_fetch_api_key to match json methods.
...
(imported from commit ed1c33f5017426dd38882c06ac38343451edb94b)
2012-10-17 17:13:33 -04:00
Tim Abbott
ae3e24458c
Add a UI for requesting your API key.
...
(imported from commit 07c40caf73f3b6c1c502a6c8e18109532dd28cc3)
2012-10-17 17:09:46 -04:00
Keegan McAllister
8070680184
Set the 'secure' flag on Django cookies
...
(imported from commit b563f62e2b185a8195daf212574c30f6e252900e)
2012-10-17 16:53:26 -04:00
Luke Faraone
12bad46740
Introduce API method to return a user's API key by logging in.
...
This makes it easier for mobile clients to use the API by enabling them to
present the user with a familiar username / password prompt, rather than
by asking them for their API key.
(imported from commit 6ed06cfe86f87e7aef54a4be7835fb7bf8d7f209)
2012-10-17 15:33:05 -04:00
Keegan McAllister
62fad52ad6
Remove unused Django staticfiles app
...
(imported from commit 275db1a8a752fe307d2b94aa83937ea96fab8a28)
2012-10-17 15:27:29 -04:00
Keegan McAllister
8d4fefbe95
Remove Django staticfiles config
...
We're not really using it, and it's misleading.
(imported from commit 4244934cdcc957b4e12184b935953830ac443280)
2012-10-17 15:04:33 -04:00
Keegan McAllister
235ce960b8
Use the obfuscated URLs
...
The key property is that we never reveal the non-public directory name
4nrjx8cwce2bka8r to a not-logged-in user. This makes it less likely that
random people from the Internet will download all our client code while we're
still in private beta.
(imported from commit 7428e847e0a1a34152cb6dc2b677c1b47290c202)
2012-10-17 15:04:33 -04:00
Keegan McAllister
cfb72a7337
Add robots.txt
...
For now, disallow everything.
(imported from commit fad7ba7ec28c86342a5c11bc721cdf45507c7c4f)
2012-10-17 15:04:33 -04:00
Keegan McAllister
b59e895bbf
Remove favicon
...
Browsers tend to cache these forever, and it's not our final logo.
(imported from commit 48e607c9e7ff95ee523dd339b3fcc9a1b189fa7f)
2012-10-17 15:04:33 -04:00
Tim Abbott
7237b4a73e
Fix sending to a stream with a space in its name.
...
Previously if you tried to send to "a b", we actually ended up trying
to send to "a%20b", since we were url-encoding the stream name and
then not properly decoding it.
(imported from commit 307d2999bd309e47fc654ae4422ab4372edde064)
2012-10-17 14:06:00 -04:00
Tim Abbott
3e994c16b7
Rename/reorganize our urls to be more consistent.
...
(imported from commit ca3cc7ccd5d7da83a9c60968527378ee1118648e)
2012-10-16 15:56:06 -04:00
Keegan McAllister
8819bdc0fc
Hide most of the navbar on the deployed app
...
(imported from commit 3b055588f7de805bf1b038f1bc6c03837eda010a)
2012-10-15 18:44:36 -04:00
Keegan McAllister
489fd58e43
Hide register, confirm, etc. on the deployed app
...
(imported from commit 8bcf84383d4ea4c24dfadaee330517bfc9801bbd)
2012-10-15 18:44:36 -04:00
Keegan McAllister
1876995abb
Redirect home to login on deployed server
...
(imported from commit 9642a3c6b7b0b55cf5731cc2e241aed51431c8ae)
2012-10-15 18:44:36 -04:00
Keegan McAllister
5141cd7ab9
Make a setting for where we redirect home for not logged in users
...
(imported from commit 95bae4e52d8a8a34c001975e8d3547db5ba256a2)
2012-10-15 18:44:36 -04:00
Keegan McAllister
db0cf88cc0
Log additionally to a file server.log
...
(imported from commit eabf9473ae04d4ff95652d4f8c8ab76f70157519)
2012-10-12 18:01:51 -04:00
Tim Abbott
fc99d2983a
Add an API call to subscribe to a list of streams.
...
(imported from commit 0a5d46d5f54fb4c8ebfad8c9adb777c0b4938dfa)
2012-10-11 16:20:45 -04:00
Tim Abbott
83f494b1a4
Add API queries to show public streams and the user's subscriptions.
...
(imported from commit 5f24e35a9bdd1e40406e2acb0c3713a6517d139b)
2012-10-11 14:43:23 -04:00
Keegan McAllister
5a7ff70c11
Remove obsolete views
...
This functionality is part of the home view now.
(imported from commit 5f0327eb62840bf98af49566e6f3c0b86ca43b8d)
2012-10-11 11:23:22 -04:00
Tim Abbott
b5bb6b9921
Rename test-settings.py to test_settings.py
...
(imported from commit c9ad55821bc66a7c11668ac0b40ca13c2e05986e)
2012-10-10 18:13:45 -04:00
Tim Abbott
4006e4b1ea
Rename class_exists to stream_exists.
...
(imported from commit 416bd1f4c513216d45913e306f6c8eaa542f3539)
2012-10-10 17:47:13 -04:00
Tim Abbott
8daff2e05e
Rename ZephyrClass to Stream.
...
(imported from commit ae51b7a9e03f322dfe2dfccd250cbfc23adfe32e)
2012-10-10 17:47:12 -04:00
Keegan McAllister
1fc80f40ff
Log to console even when DEBUG = False
...
(imported from commit e9812f295ad4e861901092ad1e9f3f14b22371fa)
2012-10-09 11:41:28 -04:00
Keegan McAllister
70482d032d
Put the 'import *' back into test-settings.py
...
This broke the test suite, which expects all settings to exist in this file. Whoops.
This reverts commit e4108333c53afb0caf55348837b739cb7e5510dd.
(imported from commit e6b58004059e834d4e30ea9c63463eb84179cc1e)
2012-10-04 16:49:26 -04:00
Keegan McAllister
b9153b4f80
Remove an 'import *'
...
(imported from commit e4108333c53afb0caf55348837b739cb7e5510dd)
2012-10-04 15:43:41 -04:00
Tim Abbott
e59d7cae48
Rename the Zephyr log to the Message log.
...
(imported from commit 7dedfb76b6b78ea90a2bfd20788e251c9c29ef47)
2012-10-03 18:14:15 -04:00
Tim Abbott
83ceba0a2d
Remove old /api/get_updates view.
...
(imported from commit 5a33a61bfb4b3aa40e28c356f5b4048db775b901)
2012-10-03 16:58:31 -04:00
Tim Abbott
9223f7932c
Convert zephyr_mirror humbug sending to use the API.
...
(imported from commit 948a12a1dca903c47b7427248688f2079c7eecdb)
2012-10-03 16:50:29 -04:00
Tim Abbott
7acfb5c71c
Rename /zephyr/ to /send_message/.
...
(imported from commit 41c2ff67cfc514e53aff8648c36f545526e324ed)
2012-10-03 12:30:37 -04:00
Tim Abbott
828e0d4afb
Rename forge_zephyr to forge_message.
...
(imported from commit aa2dc6e24a9c1bd6be09bfa26241663ae143cef9)
2012-10-03 12:27:34 -04:00
Tim Abbott
5a5b5de650
Rename /api/v1/get_updates to /api/v1/get_messages.
...
(imported from commit f856637158cf9fda64ba333b532a5941de8fcbab)
2012-10-02 16:29:34 -04:00
Tim Abbott
18a3888373
[schema] Add an API for sending/receiving messages.
...
(imported from commit 209d525dc5892fc4c392a8ced1588c838cbb17c4)
2012-10-02 15:49:25 -04:00
Tim Abbott
339489a81e
Add missing test-settings.py.
...
(imported from commit 85aeb41471dfe63cd6d6093b3388f949e30d72a3)
2012-10-02 11:58:31 -04:00
Waseem Daher
2873e45b3f
Tweak signup email text slightly.
...
(imported from commit 4f8427a731376d7e9d5eb387673324bb25141743)
2012-10-01 18:05:01 -04:00
Luke Faraone
036d25b6bd
Configure email through Gmail
...
(imported from commit 45fdfa4310f94c9e04dc1710dcb291003c1cc0f5)
2012-10-01 15:03:59 -04:00
Luke Faraone
aca5cef3eb
Redirect to login when attempting to resignup with a used email address.
...
(imported from commit d58a5dda9a0af409a6ee57cfcd30be45020352d2)
2012-10-01 10:45:58 -04:00
Luke Faraone
50dfbf7a1b
Implement confirmation for new user signups.
...
We add a few templates for django-confirmation. We define a
"PreregistrationForm" which is validated by accounts_home, which then
generates a confirmation object and emails the user. This required creating
a new table for a PreregistrationUser with an email and status (confirmed)
field.
The register function now no longer accepts a "email" field in the form
and deals only with confirmation IDs to determine the email used to sign
up a user.
(imported from commit 4fcde04530aa7ad4de84579668daee7290b424ac)
2012-10-01 10:45:58 -04:00
Luke Faraone
1467901f1a
Include a favicon for the Humbug app.
...
(imported from commit 3481d7f3c06ec0c656e15d147f46faf9cd99837a)
2012-09-29 21:31:57 -04:00
Tim Abbott
ccee128d61
New prototype zephyr mirroring system with bidirectional support.
...
(imported from commit cfb95ae8d0a241e7c068106e561dc18e16461596)
2012-09-27 17:33:21 -04:00
Keegan McAllister
20240d869c
Rename get_updates_longpoll to get_updates
...
(imported from commit 15635904584b324bdfa1414caea12c3bc4ce54c8)
2012-09-27 15:46:36 -04:00
Tim Abbott
699e05383f
Log messages and restore them with populate_db.
...
(imported from commit 959f038a736e48d32819bc04bd054632a2e911c6)
2012-09-27 15:01:30 -04:00
Waseem Daher
f1aa17cf1d
Change some URLs associated with subscriptions.
...
Put all the 'API'-ish URLs in the /json/ namespace so that
/subscriptions and /subscriptions/add, etc. can be real
user-facing URLs if we want them to be.
(imported from commit 1455a32d27e44547ab1874b6289243cb40c85dde)
2012-09-21 17:36:29 -04:00
Waseem Daher
5a164f19c2
Clean up subscription functions.
...
Now that 'manage_subscriptions' only removes subscriptions,
let's name it that. Also, since both functions now only
act on one subscription at a time, use them in the singular.
(imported from commit 52cfc7b36eb1533da7aec1bc3a6e460151a56da8)
2012-09-21 16:30:29 -04:00
Tim Abbott
ed46a453ba
Add (mostly unstyled) settings page.
...
(imported from commit 492c5f498c2fec452e6c724555bc4a5a2c4c151a)
2012-09-21 14:47:26 -04:00
Keegan McAllister
3cbc56a866
Rename MD5_SALT to HASH_SALT
...
(imported from commit 3112cd805614c3057a9eb8f1b251381f48ab3173)
2012-09-21 13:44:09 -04:00
Tim Abbott
135c82717d
Authenticate by email.
...
Approach from http://www.micahcarrick.com/django-email-authentication.html .
(imported from commit 796b8e08d8e1f9769cd3cf8ee61d3724ac3847b7)
2012-09-21 10:34:48 -04:00
Keegan McAllister
af5282abd4
Add client-side debugging tools
...
(imported from commit faa87e85f366e91fe33e0f24e00ae1197403605d)
2012-09-19 16:25:23 -04:00
Luke Faraone
eb1740e1e7
Use emails in the gravatar seed, don't display a static gravatar for the current user.
...
(imported from commit 64d1fd4f1cd33796bc907fef9778e088d80b8c5a)
2012-09-19 13:39:34 -04:00
Keegan McAllister
3b9fcb6404
Configure Django for in-memory caching
...
(imported from commit ad9e5b1712eef77631ea4d8de5a018cdb04742d8)
2012-09-19 12:58:38 -04:00
Keegan McAllister
57ede6bd29
Configure Django for INFO logging even with DEBUG = False
...
(imported from commit e7d61d10ebb548c0d902c7e2ae947129884e8145)
2012-09-18 17:00:04 -04:00
Keegan McAllister
cf8cc277ff
Restore DEBUG = False on deployed app
...
This reverts commit c3f0a8f7a388596113613c9ab18bdbccbf415226.
(imported from commit 24147588b3c31831116c364adeaea50caa8af198)
2012-09-18 13:45:52 -04:00
Keegan McAllister
af941e7779
settings.py: Disable error email to admins
...
Sending email was hanging Tornado's event loop.
(imported from commit ab0ec21fa886e68a6acb21b6ee8e036265ce6f08)
2012-09-18 13:44:25 -04:00
Jessica McKellar
2126e38ae2
Get and display new subscriptions with an AJAX request.
...
(imported from commit c9efa7596898ac4b74ec9184ae773566eda65ec3)
2012-09-18 12:32:52 -04:00
Keegan McAllister
2e3e44b5bb
App hangs with DEBUG = False (??)
...
Will debug this problem tomorrow.
(imported from commit c3f0a8f7a388596113613c9ab18bdbccbf415226)
2012-09-17 19:17:53 -04:00
Keegan McAllister
a8a8be2d8d
Distinguish deploy server by hostname
...
(imported from commit 685001e49f8add7540ae807acb8d3a604a969d4f)
2012-09-17 18:15:42 -04:00
Tim Abbott
1822a997ed
Use MySQL by default if available.
...
(imported from commit d899c8ef922a07e7387688e5770cdfb4d2c472a6)
2012-09-17 13:20:18 -04:00
Jessica McKellar
6ccbab9bf5
Conditionally configure MySQL as a database backend.
...
Even though SQLite is the default, Django tries to import MySQLdb,
which on OS X is challenging to install.
(imported from commit 0947c86e5e9a1fbf2ff8d74b78f297ff939ff712)
2012-09-14 16:34:23 -04:00
Tim Abbott
2793ec15fd
Use longer timeouts for sqlite lock contention.
...
(imported from commit 34fcc295b032d93ec58435ad18baa790ee8d0cfe)
2012-09-14 13:32:26 -04:00
Tim Abbott
634dd59833
settings: Add mysql definitions.
...
(imported from commit 4419c072e99da3e13f07efe58cadcc76822e99e5)
2012-09-14 13:32:25 -04:00
Keegan McAllister
d6d4bcd192
Use Eastern Time as the server default timezone
...
This isn't actually important for our current timestamp handling.
(imported from commit d16f3d9004c5f3cdb8a9bcb26d2e17a10c197f50)
2012-09-12 17:00:18 -04:00
Keegan McAllister
80c6d09197
Remove unused imports
...
(imported from commit 9f5c226708e44935e8d32c18ea7dd1ad2615d8d5)
2012-09-07 13:57:32 -04:00
Tim Abbott
1775ffe80a
Improve forge_zephyr code.
...
(imported from commit c95c4392b09c932d8de11d30b730ab5d7bcb9e83)
2012-09-06 16:00:39 -04:00
Tim Abbott
d9f348a348
Add zephyr_backend RPC call.
...
(imported from commit e815580e201772e81e94b820174e2410e3069960)
2012-09-06 15:52:48 -04:00
Keegan McAllister
474f08198b
Send zephyr template inline with index.html using django-jstemplate
...
(imported from commit 58cc8a50d463548aa283658dbe0aae366ecab39f)
2012-09-06 15:48:15 -04:00
Tim Abbott
742d8a40a0
Set the homepage as LOGIN_REDIRECT_URL
...
(imported from commit a65eec79d7c64e02969699a7288313227f85b99f)
2012-09-06 15:35:01 -04:00
Luke Faraone
f6b481546f
Offer to subscribe / create classes if user zwrites to a non-subbed class
...
Here we check if a class exists. If not, we prompt the user to create, sub,
and send his message to the class. If the class exists but we're not subbed
we prompt the user to sub.
This commit also added a decorator to views.py and refactored out some
redundant code.
(imported from commit 7234ef6c080f2a6de6ff0922635dddd90032f7fe)
2012-09-06 14:33:55 -04:00
Tim Abbott
84ece4b3fe
Combine the zephyr() and personal_zephyr() functions.
...
(imported from commit a39b70f019901d0dd6994d4c440002111e4c29e1)
2012-09-04 19:14:46 -04:00
Keegan McAllister
ac2553cdff
Replace get_state with a variable embedded into index.html
...
(imported from commit 3ef4a0163107248618a25e242ab30fdff5da17e0)
2012-09-04 13:01:00 -04:00
Jessica McKellar
e51ab0cdfa
Get pointer state from the server on page load, and scroll to that zephyr.
...
(imported from commit a1387d89378494a55f084f56ed9eb33c4f719dcb)
2012-09-04 11:36:36 -04:00
Jessica McKellar
99925f4aaf
Add the ability to add new subscriptions.
...
(imported from commit 0a7fdc17087240b13631627a053c580c2e4b5319)
2012-08-30 17:17:59 -04:00
Jessica McKellar
7e56e7a0f4
Add a navigation link for managing subscriptions (for starters, just unsubbing).
...
(imported from commit 23274a8790bf1f017e9c33db52bf746e291f23ba)
2012-08-30 17:17:47 -04:00
Tim Abbott
9afd63692f
Implement long polling using Tornado.
...
(imported from commit 4385304b27d7fe55a57a23133cd214fe8fc33482)
2012-08-30 14:29:34 -04:00
Keegan McAllister
d8e29c3ffe
Serve static files
...
(imported from commit 143e6273d660ccc54fd1d5170e9d180e82fed5f0)
2012-08-28 18:36:55 -04:00
Jessica McKellar
f6819d09d5
Add basic personals functionality.
...
(imported from commit a4fecbe40672f34295b1e908526b6c45056bcb7f)
2012-08-28 16:35:04 -04:00
Jessica McKellar
2b9a3205be
Switch zephyrs to the notion of a "Recipient", which is either a class or user.
...
(imported from commit edc46267dab9cc972358b6020ca28b009e15d8c5)
2012-08-28 16:34:23 -04:00
Jessica McKellar
39f5bb609a
Don't hardcode a full path to TEMPLATE_DIRS, so it can be deployed anywhere.
...
(imported from commit 35deb40218d1626d38e00924a787234ec13732e3)
2012-08-28 12:45:32 -04:00
Jessica McKellar
d90e8f6ec5
Initial Django commit: basic account, zephyr stream, narrowing, etc.
...
(imported from commit 3cd40521171a4020c19021eda0d20ee9f802af41)
2012-08-28 12:44:51 -04:00