Showing posts from July, 2012

Django: Resetting Passwords (with internal tools)

I have had a task recently. It was about adding a forms/mechanism for resetting a password in our Django based project. We have had our own registration system ongoing... It's a corporate sector project. So you can not go and register yourself. Admins (probably via LDAP sync) will register your email/login in system. So you have to go there and only set yourself a password. For security reasons you can not register. One word.

First I've tried to find standart decision. From reviewed by me were: django-registration and django password-reset. These are nice tools to install and give it a go. But I've needed a more complex decision. And the idea was that own bicycle is always better. So I've thought of django admin and that it has all the things you need to do this yourself in no time. (Actually it's django.contrib.auth part of django, but used out of the box in Admin UI) You can find views you need for this in there. they are:
password_resetpassword_reset_done passwo…

Django: Unittest for HttpResponseRedirect method recipe

I like to invent bicycles in my code. They often come in handy and you basically do not rely on Django version... So upon updating your project's Django version in future times you will not have to refactor half of all the code. So...

How do you test http redirects? I usually restrict my time in thinking and write code like if redirect target is hardcoded. And it really is in most of the times. But imagine if you decide to redirect your view response in several places. Or imagine if you're not the only one who owns you'r project's code and there are many collaborators that can change things without warning... And you need to have a test for that view that will test redirects and complex code behavior.

I used to check redirects like so:
response = self.cliet.get('/myview') self.assertEqual(response.status_code,302)# View redirected... All ok... But  if you have some view that can redirect to things that you need to check. How would you test that?  E.g. your view…

Blocking iOS to acces Contacts freely

There are lots of occasions when you want to be private in the net. Now it's common to say "Anonymous". Many people do not even think it's important. I, personaly, dislike facebook, skype, twitter, any else third party... having my contacts list synched to their server without even telling me... I do not want to be truly anonymous, you know... Have nothing to hide really. But I want that really smal confirm that Skype, for e.g. would take my contacts and for what reason. 

Facebook was first, as usual... They've done it. I really deleted their app from my iOS devices first. But instead of taking lessons from their mistakes... All huge companies gone wild about this possibility to copy some new ammount of user data... Skype was second (for me)... Then LinkedIn... However they warned and I've agreed... So nothing really bad to say about them. But MS is such a Microsoft... They want me to "skype" instead of "calling" my friends through my App…