Commit graph

47 commits

Author SHA1 Message Date
Aurélien Delobelle
05eeb6a25c core -- Install django-allauth-ens
Refer to allauth doc for an accurate features list:
  http://django-allauth.readthedocs.io/en/latest/

Users can now change their password, ask for a password reset, or set
one if they don't have one.

In particular, it allows users whose account has been created via a
clipper authentication to configure a password before losing their
clipper. Even if they have already lost it, they are able to get one
using the "Reset password" functionality.

Allauth multiple emails management is deactivated. Requests to the
related url redirect to the home page.

All the login and logout views are replaced by the allauth' ones. It
also concerns the Django and Wagtail admin sites.

Note that users are no longer logged out of the clipper CAS server when
they authenticated via this server. Instead a message suggests the user
to disconnect.

Clipper connections and `login_clipper`
---------------------------------------

- Non-empty `login_clipper` are now unique among `CofProfile` instances.
- They are created once for users with a non-empty 'login_clipper' (with
the data migration 0014_create_clipper_connections).
- The `login_clipper` of CofProfile instances are sync with their
clipper connections:
    * `CofProfile.sync_clipper_connections` method updates the
connections based on `login_clipper`.
    * Signals receivers `sync_clipper…` update `login_clipper` based on
connections creations/updates/deletions.

Misc
----

- Add NullCharField (model field) which allows to use `unique=True` on
CharField (even with empty strings).
- Parts of kfet mixins for TestCase are now in shared.tests.testcase,
  as they are used elsewhere than in the kfet app.
2018-10-21 17:09:12 +02:00
Aurélien Delobelle
fdd2b35289 core -- Apply black + isort to all files 2018-10-06 13:15:33 +02:00
Aurélien Delobelle
ece9a54df3 Upgrade to reCAPTCHA v2
reCAPTCHA v1 has been shut down since March 2018.

We now uses reCAPTCHA v2:
- user must check a simple checkbox (No CAPTCHA),
- eventually he must validate a challenge.

Moving keys settings allows to use the captcha for development.

Fixes #192.
2018-05-14 13:22:59 +02:00
Martin Pépin
a73736bf41 Merge branch 'master' into Kerl/drop_py2_compat 2018-04-16 14:12:36 +02:00
Martin Pépin
a7cd1e04cd prefer CORS_ORIGIN_WHITELIST to CORS_ORIGIN_REGEX_WHITELIST 2018-04-08 22:33:19 +02:00
Martin Pépin
556c354f8a Merge branch 'master' into Roussille/bda 2018-04-08 22:30:48 +02:00
Martin Pepin
d88ce44989 Merge branch 'aureplop/fix-autocomplete-js' into 'master'
Fix autocomplete in registration views.

See merge request cof-geek/gestioCOF!288
2018-02-05 22:49:18 +01:00
Aurélien Delobelle
4084444dc3 Fix autocomplete in registration views.
django-autocomplete-light v3.x doesn't include anymore the
$('').yourlabsAutocomplete() function, leading to issues in cof
registration and kfet account creation views.

Adding jquery-autocomplete-light fixes these issues.

See:
- (dal) https://github.com/yourlabs/django-autocomplete-light
- (jal) https://github.com/yourlabs/jquery-autocomplete-light
2018-01-20 17:29:15 +01:00
Aurélien Delobelle
6059ca067b Speed up tests
~20% less using MD5 and force_login in kfet testcase.
~77% less by disabling the debug tollbar.
2018-01-15 05:41:51 +01:00
Martin Pépin
5a5b60ec4d Merge branch 'master' into Kerl/drop_py2_compat 2018-01-10 20:12:59 +01:00
Martin Pépin
475f1adec5 Remove "coding: utf8" line 2018-01-06 16:10:13 +01:00
Aurélien Delobelle
b0b0542407 Upgrade to Django 1.11
- Deprecation warnings using Django 1.8 are resolved.
- Deprecation warnings using Django 1.11 are resolved.

- Admin: grappelli is no longer used.
- Upgrade to django-autocomplete-light v3 (v2 is not 1.11 compatible).
  * autocomplete.modelform_factory being dropped, code uses dal Select2
    views and widgets.
2017-11-19 18:41:39 +01:00
Martin Pépin
1c90d067fa Make cof.settings a module 2017-10-26 18:13:09 +02:00
Martin Pépin
40abe27e81 EMAIL_HOST needs to be set but as a secret 2017-10-25 22:05:14 +02:00
Martin Pépin
b9aaea0f99 Merge branch 'master' into Production 2017-10-16 14:26:05 +02:00
Martin Pépin
b73faa3b84 Merge branch 'master' into Production 2017-09-25 18:40:00 +02:00
Aurélien Delobelle
b42452080f Mass cleaning of kfet' authentication machinery
AccountBackend
- Should now work if used in AUTHENTICATION_BACKENDS settings.
- It does not retieve itself the password, as it should not be used
this way.

GenericBackend
- Delete useless 'username' arg of its 'authenticate()' method.
- Now delete the token in DB.

TemporaryAuthMiddleware
- New name of the middleware is more meaningful.
- Is now responsible to retrieve the password from the request, instead
of the AccountBackend.

GenericTeamToken model
- Add a manager' method to create token, avoiding possible error due to
unicity constraint.

GenericLoginView (authentication with the kfet generic user)
- Replace obscure system with a 100% HTTP handling.
- See comments for more information.

Misc
- More docstrings!
- More tests!
- Add some i18n.
- Add kfet/confirm_form.html template:
    Ask user to confirm sth via a form (which will send a POST request).
    Context variables:
        * title: the page title
        * confirm_url: action attribute for <form>
        * text: displayed confirmation text
- kfet.js : Add functions allowing to emit POST request from <a> tag.
- Non-link nav items from kfet navbar also get a 'title'.
- A utility has been found for the 'sunglasses' glyphicon!
2017-09-25 17:57:47 +02:00
Martin Pépin
4091185a68 import LDAP_SERVER_URL in settings 2017-09-20 18:19:15 +02:00
Aurélien Delobelle
bf61e41b50 Move auth-related from 'kfet' app to 'kfet.auth'. 2017-09-19 17:05:51 +02:00
Hugo Roussille
a4eedbc1a6 Whitelist bda and cof apps for cross-domain 2017-09-13 18:21:34 +02:00
Hugo Roussille
4bd2562edf django-cors-headers for cross-domain AJAX 2017-09-13 15:57:57 +02:00
Martin Pépin
1921f05eba Move STATIC_ROOT in production 2017-09-12 09:22:54 +02:00
Martin Pépin
2a519bfedf Add SCRIPT_NAME to the production-like server 2017-08-13 14:36:45 +01:00
Martin Pépin
4c08962e09 Hide more stuff in secret.py 2017-08-13 13:39:13 +01:00
Martin Pépin
5923166196 Specify the full path of the sqlite database 2017-08-11 17:24:09 +01:00
Martin Pépin
ad15c45237 Switch to nginx + postgres in vagrant 2017-08-09 22:18:26 +01:00
Martin Pépin
cb1d253517 Local development settings
- Add a new settings file for local development
- Update README.md according to the new setup
2017-08-09 22:17:27 +01:00
Martin Pépin
a6b0c51d39 Add SERVER_EMAIL to the secrets 2017-08-08 00:25:13 +01:00
Martin Pépin
81f3d6ab81 Move STATIC_ROOT in production 2017-08-08 00:24:00 +01:00
Martin Pépin
88597e62f1 More verbose secret error reporting 2017-08-08 00:06:03 +01:00
Aurélien Delobelle
455b730cc3 Merge branch 'master' into aureplop/kfet_cms 2017-06-23 02:53:05 +02:00
Aurélien Delobelle
19847ac9d8 add token check to raw_open edit view 2017-06-22 15:48:45 +02:00
Aurélien Delobelle
b8110c11a4 kfet.open
kfet.open app
- Base data (raw_open, last_update...) is stored and shared through cache system.
- 2 websockets groups: one for team users, one for other users.
- UI is initialized and kept up-to-date with WS.
- raw_open and force_close can be updated with standard HTTP requests.
  At this time, there isn't any restriction on raw_open view. Common sense tell us
  to change this behavior.

Misc
- Clean channels routing.
- 'PermConsumerMixin': user who sent the message is available as argument in
connection_groups method, which returns groups to which the user should be
appended on websocket connection (and discarded on disconnection).
- New kfet.utils module: should be used for mixins, whatever is useful and not concerns
the kfet app.
- Clean JS dependencies.
2017-06-21 07:08:28 +02:00
Aurélien Delobelle
2381af92e3 Merge branch 'master' into aureplop/kfet_open 2017-06-21 05:47:53 +02:00
Martin Pepin
539c32dbbe Merge branch 'aureplop/fix_cache' into 'master'
Configure un système de cache

See merge request !221
2017-06-20 15:53:29 +02:00
Aurélien Delobelle
ec59bc2edc Merge branch 'master' into aureplop/kfet_open 2017-06-12 15:18:42 +02:00
Aurélien Delobelle
8c6d56b27c Add Wagtail CMS for kfet app.
K-Fêt
- Integrate wagtail to serve "static" pages of old K-Fêt website
- Fixture "kfetcms/kfet_wagtail_17_05" contains a copy of old website
(as in May 2017).
- Media files can be got until end of June 17 at
http://partage.eleves.ens.fr//files/604e6dea2ceebc66b1936c6b3f911744/kfet_media.tar.gz

Login/logout
- Update package django_cas_ng to last version.
- Clean COFCASBackend.
- Change CAS version to 3 (version used on eleves.ens). This enables
the logout redirection (for CAS ofc).
- Add messages and clean existing ones on login/logout (for both
outsider and cas users).

Misc
- Update settings to bypass an incompability between debug-toolbar and
wagtailmenus packages.
- Better management of dev/test-specific urls (if debug-toolbar wasn't in
INSTALLED_APPS, media files were not served).
- UI improvements.
2017-05-30 20:44:30 +02:00
Martin Pepin
5d8427e601 Merge branch 'aureplop/fewer_requests' into 'master'
Moins de requêtes

See merge request !217
2017-05-12 21:13:35 +02:00
Aurélien Delobelle
e7266e7a9d use new settings for redis 2017-04-26 11:28:18 +02:00
Aurélien Delobelle
673dc0295d Merge branch 'master' into aureplop/fix_cache 2017-04-26 11:22:29 +02:00
Martin Pépin
dbff7740c8 Add REDIS_PORT to the settings and secrets 2017-04-25 20:23:21 +01:00
Martin Pépin
2aee43e01a Add more configuration options for redis
- `REDIS_HOST` can be specified in the secrets
- Two new secrets: `REDIS_PASSWD` and `REDIS_DB`
2017-04-24 22:17:41 +01:00
Aurélien Delobelle
2eee8f58aa Merge branch 'master' into aureplop/fewer_requests 2017-04-17 20:45:01 +02:00
Aurélien Delobelle
dbf5844f6a Clean settings redis 2017-04-15 14:41:55 +02:00
Aurélien Delobelle
e772d12721 Merge branch 'master' into aureplop/fix_cache 2017-04-15 14:27:20 +02:00
Martin Pépin
ff73a635f8 Minor fixes in settings/
- Typo
- Removes old comments
- Moves the template debug context processor back to the common file: it
  won't be loaded anyway if `DEBUG=False`.
- Ddt's middleware should be loaded first
2017-04-15 11:09:16 +01:00
Martin Pépin
a5fb162aaf New organisation of settings files
We reproduce what has been done here:
https://github.com/dissemin/dissemin

The following files can be found under `cof/settings/`
- `common.py`: the settings that are shared by all the environments we
  have + the secrets (see below).
- `dev.py`: the settings used by the vagrant VM for local development.
- `prod.py`: the production settings (for both www.cof.ens.fr and
  dev.cof.ens.fr)

There is also a notion of "secrets". Some settings like the `SECRET_KEY`
or the database's credentials are loaded from an untracked files called
`secret.py` in the same directory. This secrets are loaded by the common
settings file.
2017-04-10 23:01:19 +01:00