Comments (16)
So this is a bigger issue.
We currently only invite Mozilla staff (people with @mozilla.com or @mozillafoundation.org email addresses) or people are are vouched Mozillians on mozillians.org.
We could have made it so that anybody can sign in but if you're not in either of the categories mentioned in the paragraph above you'd get nothing. We made a decision a long time ago that this is how it'll work. It would possibly feel "wrong" to allow people to sign in for absolutely nothing and not tell them that. This way, especially for vouched Mozillians, it's good to be clear up front. Especially for human beings who are vouched Mozillians but accidentally logged in with the wrong email address.
Now, in recent months, we have commenting. And perhaps we want to make it so that anybody can post a comment as long as they sign in.
There are a couple of design issues to figure out to get this right. We need to think about things a bit. Let's keep the discussion going.
from airmozilla.
There are more immediate ways to get in. Namely to make yourself a superuser. E.g.
$ ./manage.py shell
>>> from django.contrib.auth.models import User
>>> u = User.objects.get(email='[email protected]')
>>> u.is_staff = True
>>> u.is_superuser = True
>>> u.save()
from airmozilla.
I tried the above command. I get a "DoesNotExist" error because there is no such email in the User table. I dont think I set up the superuser when I first pip installed django in my virtualenv
from airmozilla.
Try:
>>> from django.contrib.auth.models import User
>>> u = User.objects.create(username='doesntmatter', email='[email protected]')
>>> u.is_staff = True
>>> u.is_superuser = True
>>> u.save()
from airmozilla.
That above suggestion works to get a new user into the User table. However, I still get a csrf error:
from airmozilla.
Refresh and try again. If that doesn't work it's probably because you don't have cookies working.
You should have SESSION_COOKIE_SECURE = False
in settings/local.py
from airmozilla.
😧 I've tried on different browsers, with cookies cleared every time. This issue is a big blocker if I cannot sign in and access special admin features. I'm getting the same 403 error after the email address gets verified. If this helps, I have a pastebin of the local.py file: http://pastebin.com/FRjpUK1y
from airmozilla.
Don't worry. It's a very common problem to get into.
Your pastbin is now gone :(
But what did it say about SESSION_COOKIE_SECURE
?
Another common problem is that caching doesn't work. This is most commonly the problem when you have django.core.cache.backends.memcached.MemcachedCache
in your settings/local.py for the CACHES
setting. ...but don't have a working memcache server running on your laptop. If that's the case, there are two options:
- install and run memcache on port
:11211
(which is the default port) - change the
CACHES
setting to look like this:
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
'LOCATION': 'crashstats'
}
}
One very good way to testing if caching works is to do this:
$ ./manage.py shell
>>> from django.core.cache import cache
>>> cache.set('foo', 'bar', 60)
exit and immediately start the shell again:
$ ./manage.py shell
>>> from django.core.cache import cache
>>> assert cache.get('foo') == 'bar'
Again, sorry this is so troubling. I'm so used to these settings and stuff that I now struggle to see what's no longer obvious about them.
The right course of action would be to somehow add these notes to some sort of "Troubleshooting" section of the readme.
from airmozilla.
I have a new pastebin, which is updated here: http://pastebin.com/FRjpUK1y
I'll spend some time troubleshooting this issue and keep you updated on progress. This is a learning experience.
What do you mean by 1) install and run memcache on port :11211 (which is the default port)
? Im not quite familiar with that step.
from airmozilla.
I changed the cache setting to the setting you recommended. SESSION_COOKIE_SECURE
is false. Now I get a different error message! This is exciting! Here's a screenshot and it's also the same message I get from the prod and stage servers:
I realize this is an in-built feature to keep non-Mozilla employees out of the admin tools. I've made a new ticket: https://bugzilla.mozilla.org/show_bug.cgi?id=990956
from airmozilla.
I changed the cache setting to the setting you recommended. SESSION_COOKIE_SECURE
is false. Now I get a different error message! This is exciting! Here's a screenshot:
from airmozilla.
Excellent! But now we're up against a "flaw" in Air Mozilla's design. Basically, the auth works such that you're only allowed in if you can Persona sign-in with a @mozilla.com or @mozillafoundation.org address. Or, you can sign in with the email address you use on a vouched Mozillians.org account. Do you have such an account? If you set that up, I'll vouch you in.
Obviously, we had never thought about how this would work for people who aren't in those two categories.
Which brings us to the next big question; should we instead let anybody sign in but only if you have a certain email address do you get to see company private videos. And only if you're a vouched Mozillian do you get to see contributor-only videos.
What do you think?
from airmozilla.
I'm also concerned about something in your screenshot. Why is the search input field in plain HTML?! Do you have any idea?
from airmozilla.
- I don't have a mozillian.org account to sign in on prod site. That shouldn't be a problem. I can still login on local dev and access admin tools. The other big development problem is that I don't have sample videos on local dev to work with; the local dev site is empty.
- Why should anybody be allowed to sign in to Air Mozilla prod site if they are not employees of Air Mozilla? What is the use case to allow public anonymous users to sign in to Air Mozilla prod site? Is it to allow any user to access special features such as bookmarking new videos or comment on videos?
- I'm not sure why that input field is in plain html. Sometimes, it's plain html and sometimes it's not.
from airmozilla.
- Once you have a Mozillians account, let me know what your URL is and I'll vouch for you. Then you can test logging in as a contributor.
- Events have one of three privacy statuses. You can see it here Does that explain your question?
- I've never seen that! How odd indeed!
from airmozilla.
- https://mozillians.org/en-US/u/onceuponatimeforever/ is my current mozillian account. The email is [email protected]. I am unable to get an email account on either the mozilla site or on bugzilla that ends with
@mozilla
. - Yes, that makes sense now why there are settings for loggedin vs anon users.
- This search bar html issue is now fixed; it was related to my previous virtualenv being messed up and you helped me get a brand-new correct virtualenv up and runnng yesterday.
from airmozilla.
Related Issues (17)
- Update the README HOT 1
- Repo description has typo HOT 1
- URL in Calendar is missing a slash between air.mozilla.org and the page slug HOT 1
- iCal feed url incorrect, missing a / HOT 2
- Include missing python dependencies requirements.txt HOT 1
- Error when running ./manage.py syncdb HOT 1
- Error when starting local dev app on http://127.0.0.1:8000 HOT 1
- Create seed database data for local development HOT 1
- the about page produces an error in local dev
- "Want to embed this video link?" url redirects to same page HOT 3
- Can't not sign in in the local dev HOT 3
- Can not see the log in the local dev HOT 1
- Attempting to visit air.mozilla.org causes redirection loop related to auth0 HOT 19
- the url is wrong
- I broke my local dev environment :( HOT 2
- Airmozilla test fails. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from airmozilla.