Merge branch 'release/1.3.4'

Kwpolska · Kwpolska · commit 6dcea4dd6ae7 · 2015-08-08T10:50:14.000+02:00
diff --git a/.pypt/README.rst b/.pypt/README.rst
@@ -4,9 +4,8 @@ Python Project Template.  INSERT TAGLINE HERE.™
 :Info: This is the README file for the Python Project Template.
 :Author: Chris Warrick <chris@chriswarrick.com>
 :Copyright: © 2013-2015, Chris Warrick.
-:License: BSD (see /LICENSE or :doc:`Appendix B <LICENSE>`.)
 :Date: 2015-07-03
-:Version: 1.3.0
+:Version: 1.3.1
 
 .. index: README
 .. image:: https://travis-ci.org/Kwpolska/python-project-template.png?branch=master
diff --git a/.pypt/localegen b/.pypt/localegen
@@ -45,18 +45,18 @@ case "$LOCALETYPE" in
         sed '1,+17d' ./messages.pot > ./messages.pot.tmp
 
         pot='# '$PROJECT' pot file.
-        # Copyright © 2015, Chris Warrick.
+        # Copyright © {{ cookiecutter.year }}, {{ cookiecutter.full_name }}.
         # This file is distributed under the same license as the '$PROJECT' package.
-        # Chris Warrick <chris@chriswarrick.com>, 2015.
+        # {{ cookiecutter.real_name }} <{{ cookiecutter.email }}>, {{ cookiecutter.year }}.
         #
         msgid ""
         msgstr ""
         "Project-Id-Version: #version\\n"
-        "Report-Msgid-Bugs-To: Chris Warrick <chris@chriswarrick.com>\\n"
+        "Report-Msgid-Bugs-To: {{ cookiecutter.real_name }} <{{ cookiecutter.email }}>\\n"
         "POT-Creation-Date: #datel\\n"
         "PO-Revision-Date: #datel\\n"
-        "Last-Translator: Chris Warrick <chris@chriswarrick.com>\\n"
-        "Language-Team: Chris Warrick <chris@chriswarrick.com>\\n"
+        "Last-Translator: {{ cookiecutter.real_name }} <{{ cookiecutter.email }}>\\n"
+        "Language-Team: {{ cookiecutter.real_name }} <{{ cookiecutter.email }}>\\n"
         "Language: en\\n"
         "MIME-Version: 1.0\\n"
         "Content-Type: text/plain; charset=UTF-8\\n"
diff --git a/.venv b/.venv
@@ -1 +1 @@
-nikola-py2
+nikola-py3
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -2,7 +2,12 @@
 Appendix A. Changelog
 =====================
 
-:Version: 1.3.3
+:Version: 1.3.4
+
+1.3.4
+    * Link to demo site in documentation
+    * Support reCAPTCHA for logins (for demo site)
+    * Support preventing some users from editing the site (for demo site)
 
 1.3.3
     Remove yesterday’s new options.  Please do not use v1.3.2.
diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst
@@ -5,8 +5,8 @@ Appendix A. Contribution rules
 :Author: Chris Warrick <chris@chriswarrick.com>
 :Copyright: © 2015, Chris Warrick.
 :License: BSD (see /LICENSE or :doc:`Appendix B <LICENSE>`.)
-:Date: 2015-07-03
-:Version: 1.3.3
+:Date: 2015-08-08
+:Version: 1.3.4
 
 .. index:: contributing
 
diff --git a/coil/__init__.py b/coil/__init__.py
@@ -29,4 +29,4 @@
 
 __all__ = ['__version__']
 
-__version__ = '1.3.3'
+__version__ = '1.3.4'
diff --git a/coil/data/templates/jinja/coil_login.tmpl b/coil/data/templates/jinja/coil_login.tmpl
@@ -1,5 +1,11 @@
 {#  -*- coding: utf-8 -*- #}
 {% extends 'base.tmpl' %}
+{% block extra_head %}
+    {{ super() }}
+    {% if captcha['enabled'] %}
+        <script src='https://www.google.com/recaptcha/api.js'></script>
+    {% endif %}
+{% endblock %}
 {% block content %}
 {% if alert %}
 <div class="alert alert-{{ alert_status }}" role="alert">{{ alert }}</div>
@@ -11,6 +17,9 @@
         <input name="username" type="text" id="inputUsername" class="form-control" placeholder="Username" required autofocus>
         <label for="inputPassword" class="sr-only">Password</label>
         <input name="password" type="password" id="inputPassword" class="form-control" placeholder="Password" required>
+        {% if captcha['enabled'] %}
+            <div class="g-recaptcha" data-sitekey="{{ captcha['site_key'] }}"></div>
+        {% endif %}
         <div class="checkbox">
           <label>
             <input type="checkbox" name="remember" value="remember"> Remember me
diff --git a/coil/data/templates/mako/coil_login.tmpl b/coil/data/templates/mako/coil_login.tmpl
@@ -1,5 +1,11 @@
 ## -*- coding: utf-8 -*-
 <%inherit file="base.tmpl"/>
+<%block name="extra_head">
+    ${parent.extra_head()}
+    % if captcha['enabled']:
+        <script src='https://www.google.com/recaptcha/api.js'></script>
+    % endif
+</%block>
 <%block name="content">
 % if alert:
 <div class="alert alert-${alert_status}" role="alert">${alert}</div>
@@ -11,6 +17,9 @@
         <input name="username" type="text" id="inputUsername" class="form-control" placeholder="Username" required autofocus>
         <label for="inputPassword" class="sr-only">Password</label>
         <input name="password" type="password" id="inputPassword" class="form-control" placeholder="Password" required>
+        % if captcha['enabled']:
+            <div class="g-recaptcha" data-sitekey="${captcha['site_key']}"></div>
+        % endif
         <div class="checkbox">
           <label>
             <input type="checkbox" name="remember" value="remember"> Remember me
diff --git a/coil/web.py b/coil/web.py
@@ -36,6 +36,7 @@
 import redis
 import rq
 import operator
+import requests
 import coil.tasks
 from nikola.utils import (unicode_str, get_logger, ColorfulStderrHandler,
                           write_metadata, TranslatableSetting)
@@ -119,6 +120,10 @@ def configure_site():
 
     app.secret_key = _site.config.get('COIL_SECRET_KEY')
     app.config['COIL_URL'] = _site.config.get('COIL_URL')
+    app.config['COIL_LOGIN_CAPTCHA'] = _site.config.get(
+        'COIL_LOGIN_CAPTCHA',
+        {'enabled': False, 'site_key': '', 'secret_key': ''})
+    app.config['COIL_USERS_PREVENT_EDITING'] = _site.config.get('COIL_USERS_PREVENT_EDITING', [])
     app.config['COIL_LIMITED'] = _site.config.get('COIL_LIMITED', False)
     app.config['REDIS_URL'] = _site.config.get('COIL_REDIS_URL',
                                                'redis://localhost:6379/0')
@@ -543,14 +548,28 @@ def login():
     alert = None
     alert_status = 'danger'
     code = 200
+    captcha = app.config['COIL_LOGIN_CAPTCHA']
     form = LoginForm()
     if request.method == 'POST':
         if form.validate():
             user = find_user_by_name(request.form['username'])
             if not user:
                 alert = 'Invalid credentials.'
                 code = 401
-            else:
+            if captcha['enabled']:
+                r = requests.post('https://www.google.com/recaptcha/api/siteverify',
+                                  data={'secret': captcha['secret_key'],
+                                        'response': request.form['g-recaptcha-response'],
+                                        'remoteip': request.remote_addr})
+                if r.status_code != 200:
+                    alert = 'Cannot check CAPTCHA response.'
+                    code = 500
+                else:
+                    rj = r.json()
+                    if not rj['success']:
+                        alert = 'Invalid CAPTCHA response. Please try again.'
+                        code = 401
+            if code == 200:
                 try:
                     pwd_ok = check_password(user.password,
                                             request.form['password'])
@@ -584,7 +603,8 @@ def login():
             alert_status = 'success'
     return render('coil_login.tmpl', {'title': 'Login', 'alert': alert, 'form':
                                       form, 'alert_status': alert_status,
-                                      'pwdchange_skip': True},
+                                      'pwdchange_skip': True,
+                                      'captcha': captcha},
                   code)
 
 
@@ -936,6 +956,8 @@ def acp_account():
     action = 'edit'
     form = AccountForm()
     if request.method == 'POST':
+        if int(current_user.uid) in app.config['COIL_USERS_PREVENT_EDITING']:
+            return error("Cannot edit data for this user.", 403)
         if not form.validate():
             return error("Bad Request", 400)
         action = 'save'
diff --git a/docs/CHANGELOG.rst b/docs/CHANGELOG.rst
@@ -2,7 +2,12 @@
 Appendix A. Changelog
 =====================
 
-:Version: 1.3.3
+:Version: 1.3.4
+
+1.3.4
+    * Link to demo site in documentation
+    * Support reCAPTCHA for logins (for demo site)
+    * Support preventing some users from editing the site (for demo site)
 
 1.3.3
     Remove yesterday’s new options.  Please do not use v1.3.2.
diff --git a/docs/CONTRIBUTING.rst b/docs/CONTRIBUTING.rst
@@ -5,8 +5,8 @@ Appendix A. Contribution rules
 :Author: Chris Warrick <chris@chriswarrick.com>
 :Copyright: © 2015, Chris Warrick.
 :License: BSD (see /LICENSE or :doc:`Appendix B <LICENSE>`.)
-:Date: 2015-07-03
-:Version: 1.3.3
+:Date: 2015-08-08
+:Version: 1.3.4
 
 .. index:: contributing
 
diff --git a/docs/admin/setup.rst b/docs/admin/setup.rst
@@ -66,6 +66,18 @@ is by downloading the raw ``.css`` file and saving it as ``files/assets/css/cust
 
 __ https://github.com/Voog/wysihtml/blob/master/examples/css/stylesheet.css
 
+Special config for demo sites
+-----------------------------
+
+The `demo site <https://coildemo-admin.getnikola.com/>`_ uses the following two
+settings, which might also be useful for some environments:
+
+* ``COIL_LOGIN_CAPTCHA`` — if you want reCAPTCHA to appear on the login page
+   (aimed at plugic environments, eg. the demo site), set this to a dict of
+   ``{'enabled': True, 'site_key': '', 'secret_key': ''}`` and fill in your data.
+   If you don’t want a CAPTCHA, don’t set this setting.
+* ``COIL_USERS_PREVENT_EDITING`` — list of user IDs (integers) that cannot edit their
+  profiles.
 
 Limited Mode vs. Full Mode
 ==========================
@@ -238,7 +250,7 @@ Sample uWSGI configuration:
     virtualenv = /srv/coil
     module = coil.web
     callable = app
-    plugins = python2
+    plugins = python2,logfile
     uid = nobody
     gid = nobody
     processes = 3
diff --git a/docs/conf.py b/docs/conf.py
@@ -55,9 +55,9 @@
 # built documents.
 #
 # The short X.Y version.
-version = '1.3.3'
+version = '1.3.4'
 # The full version, including alpha/beta/rc tags.
-release = '1.3.3'
+release = '1.3.4'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
diff --git a/docs/index.rst b/docs/index.rst
@@ -3,6 +3,11 @@
    You can adapt this file completely to your liking, but it should at least
    contain the root `toctree` directive.
 
+Coil demo site
+==============
+
+The Coil demo site is available at https://coilcms-site.getnikola.com/ and https://coilcms-site.getnikola.com/.
+
 Coil CMS
 ========
 
diff --git a/release b/release
@@ -201,7 +201,7 @@ git flow release finish $version
 git push
 git push --tags
 
-.pypt/ghrel $cmfn $PWD $GITUSER/$GTIREPO v$version
+.pypt/ghrel $cmfn $PWD $GITUSER/$GITREPO v$version
 
 cleanup_cmfn
 
diff --git a/requirements.txt b/requirements.txt
@@ -13,6 +13,7 @@ pyinotify==0.9.5
 python-bcrypt==0.3.1
 pytz==2015.2
 redis==2.10.3
+requests==2.7.0
 rq==0.5.3
 six==1.9.0
 webassets==0.10.1
diff --git a/setup.py b/setup.py
@@ -7,7 +7,7 @@
     dependencies = [l.strip() for l in fh]
 
 setup(name='coil',
-      version='1.3.3',
+      version='1.3.4',
       description='A user-friendly CMS frontend for Nikola.',
       keywords='coil,nikola,cms',
       author='Chris Warrick, Roberto Alsina, Henry Hirsch et al.',

Original file line number	Diff line number	Diff line change
`@@ -29,4 +29,4 @@`
`29`	`29`
`30`	`30`	`__all__ = ['__version__']`
`31`	`31`
`32`		`-__version__ = '1.3.3'`
	`32`	`+__version__ = '1.3.4'`