Incorporate conservancy_ssl middleware, etc. into main site, now that HTTPS fully supported.

Previously, SSL on sfconservancy.org was supported using a self-signed cert only to handle the /admin/ portion of the site. Now that SSL is supported site-wide, and perfectly mirrors the content available via HTTP, the conservancy_ssl middleware, URLs, and settings are wholly deprecated and herein removed. The main site's urls.py now need adjusting to support /admin/, but additional code is needed in middleware.py to avoid accidentally serving /admin/ via HTTP instead of HTTPS. The latter code is untested; hopefully it works "out of the box". :)
2013-04-26 13:09:24 -04:00 · 2013-04-26 13:09:24 -04:00 · 1e119efb7a
commit 1e119efb7a
parent 536789a8c0
6 changed files with 28 additions and 89 deletions
--- a/www/conservancy/middleware.py
+++ b/www/conservancy/middleware.py
@ -13,6 +13,11 @@ class ForceCanonicalHostnameMiddleware(object):
        * adds cache headers to provide hints to squid
        """

+        # Never allow connection to the /admin part of the site without SSL
+        if (not request.is_secure) and request.path.startswith('/admin'):
+            url = 'https://sfconservancy.org%s' % request.path
+            return http.HttpResponseRedirect(url)
+
        # Check for a redirect based on settings.APPEND_SLASH
        host = http.get_host(request)
        old_url = [host, request.path]
--- a/www/conservancy/urls.py
+++ b/www/conservancy/urls.py
@ -1,9 +1,32 @@
+# Copyright 2005-2008, James Garrison
+# Copyright 2010, 2012 Bradley M. Kuhn
+
+# This software's license gives you freedom; you can copy, convey,
+# propagate, redistribute, modify and/or redistribute modified versions of
+# this program under the terms of the GNU Affero General Public License
+# (AGPL) as published by the Free Software Foundation (FSF), either
+# version 3 of the License, or (at your option) any later version of the
+# AGPL published by the FSF.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero
+# General Public License for more details.
+#
+# You should have received a copy of the GNU Affero General Public License
+# along with this program in a file in the toplevel directory called
+# "AGPLv3".  If not, see <http://www.gnu.org/licenses/>.
+
 from django.conf.urls.defaults import *
 from conservancy.feeds import feed_dict

 handler404 = 'modpythoncustom.view404'

+admin.autodiscover()
+
 urlpatterns = patterns('',
+    (r'^admin/doc/', include('django.contrib.admindocs.urls')),
+    (r'^admin/(.*)', admin.site.root),
    (r'^$', 'conservancy.frontpage.view'),
    (r'^feeds/(?P<url>.*)/?$', 'django.contrib.syndication.views.feed',
     {'feed_dict': feed_dict}),
--- a/www/conservancy_ssl/init.py
+++ b/www/conservancy_ssl/init.py
--- a/www/conservancy_ssl/middleware.py
+++ b/www/conservancy_ssl/middleware.py
@ -1,32 +0,0 @@
-# Copyright 2005-2008, James Garrison
-# Copyright 2010, Bradley M. Kuhn
-
-# This software's license gives you freedom; you can copy, convey,
-# propagate, redistribute, modify and/or redistribute modified versions of
-# this program under the terms of the GNU Affero General Public License
-# (AGPL) as published by the Free Software Foundation (FSF), either
-# version 3 of the License, or (at your option) any later version of the
-# AGPL published by the FSF.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero
-# General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program in a file in the toplevel directory called
-# "AGPLv3".  If not, see <http://www.gnu.org/licenses/>.
-
-from django import http
-
-class RedirectToNonSslSite(object):
-
-    def process_request(self, request):
-        """Redirect to non-SSL site if not an admin request
-        """
-
-        if not request.path.startswith('/admin'):
-            url = 'http://www.sfconservancy.org%s' % request.path
-            return http.HttpResponseRedirect(url)
-
-        return None
--- a/www/conservancy_ssl/settings.py
+++ b/www/conservancy_ssl/settings.py
@ -1,24 +0,0 @@
-# Copyright 2005-2008, James Garrison
-# Copyright 2010, Bradley M. Kuhn
-
-# This software's license gives you freedom; you can copy, convey,
-# propagate, redistribute, modify and/or redistribute modified versions of
-# this program under the terms of the GNU Affero General Public License
-# (AGPL) as published by the Free Software Foundation (FSF), either
-# version 3 of the License, or (at your option) any later version of the
-# AGPL published by the FSF.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero
-# General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program in a file in the toplevel directory called
-# "AGPLv3".  If not, see <http://www.gnu.org/licenses/>.
-
-from conservancy.settings import *
-
-ROOT_URLCONF = 'conservancy_ssl.urls'
-
-MIDDLEWARE_CLASSES += ('conservancy_ssl.middleware.RedirectToNonSslSite',)
--- a/www/conservancy_ssl/urls.py
+++ b/www/conservancy_ssl/urls.py
@ -1,33 +0,0 @@
-# Copyright 2005-2008, James Garrison
-# Copyright 2010, Bradley M. Kuhn
-
-# This software's license gives you freedom; you can copy, convey,
-# propagate, redistribute, modify and/or redistribute modified versions of
-# this program under the terms of the GNU Affero General Public License
-# (AGPL) as published by the Free Software Foundation (FSF), either
-# version 3 of the License, or (at your option) any later version of the
-# AGPL published by the FSF.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero
-# General Public License for more details.
-#
-# You should have received a copy of the GNU Affero General Public License
-# along with this program in a file in the toplevel directory called
-# "AGPLv3".  If not, see <http://www.gnu.org/licenses/>.
-
-
-# Start with typical conservancy url scheme.  The middleware will
-# intercept non-admin requests, but having the main conservancy urlconf
-# repeated here allows us to browse the automatic documentation in the
-# admin interface.
-
-from conservancy.urls import *
-from django.contrib import admin
-
-admin.autodiscover()
-
-urlpatterns += patterns('',
-                        (r'^admin/doc/', include('django.contrib.admindocs.urls')),
-                        (r'^admin/(.*)', admin.site.root),)