Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

turnstile improvements #1004

Merged
merged 9 commits into from
Mar 13, 2024
Merged

turnstile improvements #1004

merged 9 commits into from
Mar 13, 2024

Conversation

shapiromatron
Copy link
Owner

@shapiromatron shapiromatron commented Mar 1, 2024
edited
Loading

Two authentication related changes to hawc, these are only relevant to deployments where users can create an account and they're handled via django directly.

  1. Add a new option, EMAIL_VERIFICATION_REQUIRED, (default False), where a user must validate their email by clicking a link that is sent to their email before they can login. If enabled, a link is emailed when a user attempts to login and their email has not yet been verified. When the link is accessed, the date is logged and then a user can login.
  2. In addition to login, add turnstile to other pages to prevent bot access (register, password reset).

In addition fix a bug, where turnstile was misspelled turnstyle. This renames two settings, TURNSTYLE_SITE -> TURNSTILE_SITE and TURNSTYLE_KEY -> TURNSTILE_KEY.

I also reviewed the code coverage and wrote a few additional tests in unrelated code, as well as removed some code that is no longer used.

@shapiromatron shapiromatron requested review from caseyhans and removed request for rabstejnek March 10, 2024 18:28
caseyhans
caseyhans approved these changes Mar 12, 2024
View reviewed changes
Copy link
Collaborator

@caseyhans caseyhans left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
I changed the render response for the Turnstile object to be None instead of an empty string. The empty string was causing the django crispy fields renderer to look for a "" field, which raised a console error since the "" field doesn't exist on the form. 90da45f

@shapiromatron shapiromatron merged commit 81ee672 into main Mar 13, 2024
6 checks passed
@shapiromatron shapiromatron deleted the email-verification branch March 13, 2024 01:51
@shapiromatron shapiromatron mentioned this pull request Apr 18, 2024
Merged
@shapiromatron shapiromatron mentioned this pull request Jun 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@caseyhans caseyhans caseyhans approved these changes

@munnsmunns munnsmunns Awaiting requested review from munnsmunns

Assignees

@munnsmunns munnsmunns

@caseyhans caseyhans

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@shapiromatron @caseyhans @munnsmunns @rabstejnek