Widelands Website

Django v 1.8 is EOL

Bug #1760400 reported by kaputtnik on 2018-04-01

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Widelands Website	Fix Released	High	Unassigned

Bug Description

Django version 1.8 has reached EOL.

Consider updating to Version 1.11, which is supported until April 01 2020. It will be the last version that supports Python 2.7.

See: https://www.djangoproject.com/download/

Related branches

lp:~widelands-dev/widelands-website/django1_11

Merged into lp:widelands-website at revision 491

kaputtnik (community): Needs Fixing on 2018-04-18

GunChleoc: Approve on 2018-04-18

SirVer: Approve on 2018-04-15

Diff: 5509 lines (+472/-3558)

113 files modified

check_input/__init__.py (+0/-1)
django_messages_wl/apps.py (+9/-0)
django_messages_wl/management.py (+18/-0)
django_messages_wl/urls.py (+9/-0)
django_messages_wl/views.py (+27/-0)
djangoratings/fields.py (+2/-2)
djangoratings/management/commands/update_recommendations.py (+3/-3)
djangoratings/templatetags/ratings.py (+4/-4)
local_settings.py.sample (+7/-0)
local_urls.py.sample (+3/-3)
mainpage/templatetags/online_users.py (+0/-32)
mainpage/templatetags/wl_extras.py (+1/-8)
mainpage/urls.py (+11/-7)
mainpage/views.py (+0/-1)
news/feeds.py (+1/-1)
news/models.py (+1/-1)
notification/management/commands/emit_notices.py (+3/-3)
notification/models.py (+22/-24)
notification/views.py (+3/-4)
online_users_middleware.py (+56/-0)
pip_requirements.txt (+4/-4)
pybb/apps.py (+12/-0)
pybb/feeds.py (+1/-1)
pybb/forms.py (+0/-7)
pybb/management/commands/pybb_resave_post.py (+0/-1)
pybb/management/pybb_notifications.py (+2/-7)
pybb/models.py (+1/-1)
pybb/templatetags/pybb_extras.py (+1/-3)
pybb/unread.py (+1/-1)
pybb/urls.py (+1/-1)
pybb/urls.py.orig (+0/-21)
pybb/util.py (+3/-4)
pybb/views.py (+4/-4)
settings.py (+37/-29)
sphinxdoc/models.py (+2/-2)
sphinxdoc/views.py (+3/-4)
static_sitemap.py (+1/-1)
templates/django_messages/compose.html (+1/-1)
templates/django_messages/inbox.html (+1/-1)
templates/django_messages/outbox.html (+1/-1)
templates/django_messages/trash.html (+2/-2)
templates/mainpage/online_users.html (+0/-18)
templates/notification/email_subject.txt (+0/-4)
templates/notification/forum_new_post/full.txt (+2/-1)
templates/notification/forum_new_topic/full.txt (+2/-2)
templates/notification/maps_new_map/full.txt (+2/-1)
templates/notification/messages_received/full.txt (+2/-1)
templates/notification/messages_reply_received/full.txt (+2/-1)
templates/notification/short.txt (+1/-1)
templates/notification/wiki_observed_article_changed/full.txt (+2/-1)
templates/right_boxes.html (+12/-2)
templates/wiki/article_teaser.html (+0/-20)
templates/wlmaps/index.html (+1/-1)
templates/wlmaps/map_detail.html (+1/-1)
threadedcomments/templatetags/gravatar.py (+1/-1)
threadedcomments/templatetags/threadedcommentstags.py (+1/-1)
threadedcomments/tests/__init__.py (+0/-8)
threadedcomments/tests/moderator_tests.py (+0/-403)
threadedcomments/tests/templatetags_tests.py (+0/-561)
threadedcomments/tests/threadedcomments_urls.py (+0/-6)
threadedcomments/tests/views_tests.py (+0/-856)
threadedcomments/views.py (+17/-20)
tracking/AUTHORS (+0/-6)
tracking/CHANGES (+0/-44)
tracking/LICENSE (+0/-19)
tracking/__init__.py (+0/-8)
tracking/admin.py (+0/-5)
tracking/listeners.py (+0/-35)
tracking/locale/de/LC_MESSAGES/django.po (+0/-110)
tracking/media/tracking/js/jquery-1.4.4.min.js (+0/-167)
tracking/middleware.py (+0/-195)
tracking/migrations/0001_initial.py (+0/-65)
tracking/models.py (+0/-133)
tracking/templates/base.html (+0/-21)
tracking/templates/tracking/_active_users.html (+0/-21)
tracking/templates/tracking/_active_users.js (+0/-155)
tracking/templates/tracking/refresh_active_users.js (+0/-26)
tracking/templates/tracking/visitor_map.html (+0/-24)
tracking/templatetags/tracking_tags.py (+0/-53)
tracking/urls.py (+0/-16)
tracking/utils.py (+0/-74)
tracking/views.py (+0/-115)
urls.py (+6/-11)
wiki/__init__.py (+0/-3)
wiki/apps.py (+12/-0)
wiki/management.py (+2/-6)
wiki/models.py (+1/-1)
wiki/static_urls.py (+0/-10)
wiki/templatetags/switchcase.py (+4/-4)
wiki/templatetags/wiki_extras.py (+0/-15)
wiki/views.py (+18/-25)
wl_utils.py (+7/-15)
wlggz/views.py (+4/-6)
wlimages/tests.py (+1/-1)
wlimages/views.py (+4/-5)
wlmaps/apps.py (+13/-0)
wlmaps/management.py (+3/-8)
wlmaps/models.py (+2/-2)
wlmaps/tests/test_views.py (+1/-1)
wlmaps/views.py (+10/-15)
wlpoll/models.py (+2/-2)
wlpoll/views.py (+2/-2)
wlprofile/management/commands/profile_fetch_gravatars.py (+0/-1)
wlprofile/templatetags/custom_date.py (+2/-2)
wlprofile/templatetags/wlprofile_extras.py (+1/-1)
wlprofile/views.py (+6/-9)
wlscreens/migrations/0001_initial.py (+41/-0)
wlscreens/models.py (+17/-10)
wlscreens/tests/test_views.py (+1/-1)
wlscreens/views.py (+4/-5)
wlsearch/urls.py (+1/-1)
wlsearch/views.py (+1/-1)
wlwebchat/views.py (+2/-3)

kaputtnik (franku) on 2018-04-01

Changed in widelands-website:
status:	New → Confirmed
importance:	Undecided → High

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-02:

Fingers crossed that this will go easier than the last big Django update.

Revision history for this message

kaputtnik (franku) wrote on 2018-04-03:

Lets see what happens. The last update to 1.8 was a bit awkward because of the timezones. But in the end it worked.

I am always struggling with the tracking app: This is only used for showing the logged in users but it can show much more. So it is very big but most of it is useless... and it is always problematic on updates and unmaintained. I want to get rid of it! Maybe something like that would fit: https://stackoverflow.com/a/45787181

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-04:

That particular solution is importing something from django.utils.deprecation - do we have a case of nomen est omen here, where we will lose the functionality in the near future?

Having a big dependency for a small function is also not good though.

Revision history for this message

kaputtnik (franku) wrote on 2018-04-04:

See: https://docs.djangoproject.com/en/2.0/topics/http/middleware/#django.utils.deprecation.MiddlewareMixin

Of course there is a danger of deprecation, as with any third party and modified app we use (e.g. pybb, wiki or djangoratings). But self maintaining a small file is better than maintaining a complete app with models and views, like tracking, imho.

kaputtnik (franku) on 2018-04-05

Changed in widelands-website:
assignee:	nobody → kaputtnik (franku)

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-05:

Thanks for the link. I am wondering whether anything from the old MIDDLEWARE_CLASSES can be replaced by MIDDLEWARE stuff - only look into this if it's not more complicated than you want to deal with though!

Revision history for this message

kaputtnik (franku) wrote on 2018-04-05:

One step at a time. I have to go through all release notes from Django 1.8 until 1.11. The new MIDDLEWARE setting was introduced in 1.10, but i didn't reached the release notes for 1.10 yet ;)

We are mostly using middleware provided by django, the only exception is pagination (which i have updated and is compatible with the new MIDDLEWARE setting), and, tadaaa: tracking

But the release notes are very helpful and mostly point to paragraphs wich describe how to adjust old code. E.g. for the middleware: https://docs.djangoproject.com/en/1.11/releases/1.10/#new-style-middleware

Revision history for this message

kaputtnik (franku) wrote on 2018-04-08:

Django v1.10 has removed some password hashers. This will affect users who have registered with an old hasher: They can't log in anymore. Two solutions:

1. On demand: Django can automatically convert passwords when a user with old hasher logs in: https://docs.djangoproject.com/en/1.11/topics/auth/passwords/#password-upgrading
All needed for this is to add the old hasher to setting PASSWOR_HASHER

2. We can convert passwords without the need to login: https://docs.djangoproject.com/en/1.11/topics/auth/passwords/#password-upgrading-without-requiring-a-login

We have 3823 users using an old hasher.

I am unsure about which solution is the best for our needs. Most of the users who registered with an old hasher would likely never come back to our site.

Pros and cons:
Solution 1:
+ Not much work for us
- Needs a user to log out and login again

Solution 2:
+ Clean solution, imho
+ We can rely on the standard settings (no additional setting PASSWORD_HASHER)
- More work
- It may take a longer time to convert old passwords

Any suggestions?

Revision history for this message

kaputtnik (franku) wrote on 2018-04-08:

I have implemented solution 1 for now. This is ok for our needs, imho.

The switch to 1.11 is close to ready. What is missing is the 'Currently Online users' thing... I will try to update tracking according the needed changes (just for fun :-) ). If it is too much work, i will search for another solution.

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-09:

Less work sounds good :)

Revision history for this message

kaputtnik (franku) wrote on 2018-04-10:

#10

I got tracking to work again, but after some rethinking this morning i am convinced it is better to remove it. The main reason: It stores too many (useless) values. See https://bazaar.launchpad.net/~widelands-dev/widelands-website/trunk/view/head:/tracking/models.py#L36

Also the ip-address field is not IPv6 compatible (don't know if our server is IPv6 compatible yet, but i think it is).

There were also some errors in the logs which derived from tracking.

All in all it is better to remove it. The solution mentioned in #2 is much better imho: No Database transactions (using a cache) and it stores only the users id.

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-11:

#11

I'm always in favor of not collecting useless data, so +1 from me :)

Revision history for this message

kaputtnik (franku) wrote on 2018-04-11:

#12

I have implemented the middleware suggested in #2 and modified it a bit: Added a signal receiver to remove the users id when one definitely hits the logout button. Otherwise he will be shown as long as setting ONLINE_THRESHOLD is defined.

I think this ready now. I will merge it on the alpha site for testing in production maybe next weekend. I will announce it here if it is ready.

Revision history for this message

GunChleoc (gunchleoc) wrote on 2018-04-12:

#13

OK, thanks!

Revision history for this message

kaputtnik (franku) wrote on 2018-04-15:

#14

After solving some problems:

- updating pip and setuptools in the virtualenv
- deleted remaining *. pyc files

the alpha site is running now.

Revision history for this message

kaputtnik (franku) wrote on 2018-04-15:

#15

Reminder: If one is testing e-mailing on the alpha site remember that some are only send after running the management command './manage.py emit_notices' by hand. I will do that from time to time.

kaputtnik (franku) on 2018-05-03

Changed in widelands-website:
status:	Confirmed → Fix Released
assignee:	kaputtnik (franku) → nobody

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.