Switched ALLOW_ANONYMOUS_POST to True by default.

- Also added warnings for potentially insecure configuration
ocaml-bench · Mar 1, 2017 · d0483f4 · d0483f4
1 parent 8b12ff8
commit d0483f4
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 1 deletion.
diff --git a/codespeed/__init__.py b/codespeed/__init__.py
@@ -0,0 +1 @@
+default_app_config = 'codespeed.apps.CodespeedConfig'
diff --git a/codespeed/apps.py b/codespeed/apps.py
@@ -0,0 +1,18 @@
+from django.apps import AppConfig
+from django.conf import settings
+
+
+class CodespeedConfig(AppConfig):
+    name = 'codespeed'
+
+    def ready(self):
+        import warnings
+        if settings.ALLOW_ANONYMOUS_POST:
+            warnings.warn("Results can be posted by unregistered users")
+            warnings.warn(
+                "In the future anonymous posting will be disabled by default",
+                category=FutureWarning)
+        elif not settings.REQUIRE_SECURE_AUTH:
+            warnings.warn(
+                "REQUIRE_SECURE_AUTH is not True. This server may prompt for"
+                " user credentials to be submitted in plaintext")
diff --git a/codespeed/settings.py b/codespeed/settings.py
@@ -70,5 +70,5 @@
 USE_MEDIAN_BANDS = True # True to enable median bands on Timeline view
 
 
-ALLOW_ANONYMOUS_POST = False  # Whether anonymous users can post results
+ALLOW_ANONYMOUS_POST = True  # Whether anonymous users can post results
 REQUIRE_SECURE_AUTH = True  # Whether auth needs to be over a secure channel
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		default_app_config = 'codespeed.apps.CodespeedConfig'