Commit d0483f4e authored by Mark Watts's avatar Mark Watts
Browse files

Switched ALLOW_ANONYMOUS_POST to True by default.

- Also added warnings for potentially insecure configuration
parent 8b12ff81
default_app_config = 'codespeed.apps.CodespeedConfig'
from django.apps import AppConfig
from django.conf import settings
class CodespeedConfig(AppConfig):
name = 'codespeed'
def ready(self):
import warnings
if settings.ALLOW_ANONYMOUS_POST:
warnings.warn("Results can be posted by unregistered users")
warnings.warn(
"In the future anonymous posting will be disabled by default",
category=FutureWarning)
elif not settings.REQUIRE_SECURE_AUTH:
warnings.warn(
"REQUIRE_SECURE_AUTH is not True. This server may prompt for"
" user credentials to be submitted in plaintext")
......@@ -70,5 +70,5 @@ COMP_EXECUTABLES = None # Which executable + revision should be checked as defa
USE_MEDIAN_BANDS = True # True to enable median bands on Timeline view
ALLOW_ANONYMOUS_POST = False # Whether anonymous users can post results
ALLOW_ANONYMOUS_POST = True # Whether anonymous users can post results
REQUIRE_SECURE_AUTH = True # Whether auth needs to be over a secure channel
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment