Commit Graph

14 Commits

Author SHA1 Message Date
Leo Hemsted
9391181b2c Add cloudfoundry config values
also added tests
2017-04-10 19:25:08 +01:00
Leo Hemsted
64d162d96e Generate letter previews in the new notifications-template-preview service
by calling through to this, we no longer require admin app to ship
with binary dependencies (imagemagick/cairo/etc)
2017-04-10 16:06:34 +01:00
Chris Hill-Scott
3f3d3930e0 Don’t use https for localhost
We set a URL for the app to use to access itself. On PaaS this is
configurable, locally we default to `localhost`. `localhost` doesn’t
(easily?) support HTTPS, so this default wasn’t working.
2017-04-03 13:47:39 +01:00
Leo Hemsted
85404f20db bump utils to 13.10.0
pass in the base URL - if not set in the environment this is set to
localhost, but on paas we can pull this out of vcap_services so that
letters render properly on paas
2017-03-27 17:59:06 +01:00
bandesz
af576378a2 Add 'production' alias for live environment 2017-03-21 14:44:25 +00:00
Chris Hill-Scott
5ab5a8a57f Make CSRF tokens last as long as the session
If you’re filling out a form then it should be possible to submit it for
as long as you’re logged in. We keep you logged in for quite a long time
now. This is partly for people using assistive tech, who might be slower
to fill in forms, and partly for people who get distracted in the middle
of a task and come back to it later.

The expiry on our CSRF tokens was more aggressive (3600 seconds – 1
hour) than our sessions. This commit sets the CSRF tokens to not expire,
so in effect they last as long as the session.

Also tweaks the config to have CSRF on locally (to replicate production
more closely) and only disable it for tests (because it’s a pain to
grab the tokens in tests).
2017-03-15 11:16:58 +00:00
Leo Hemsted
deb959e835 welsh assembly emails - foo@assembly.wales 2017-03-08 14:08:57 +00:00
Leo Hemsted
1cacd92411 Merge pull request #1153 from alphagov/forget-me
Remove remember me cookie
2017-03-06 09:39:52 +00:00
Chris Hill-Scott
54a666e8e9 Add Scottish Enterprise to list of gov domains
> Scottish Enterprise is Scotland's main economic development agency
> and a non-departmental public body of the Scottish Government.

– https://www.scottish-enterprise.com/about-us

For some reason their email domain is `scotent.co.uk` (but it redirects
to www.scottish-enterprise.com on the web for the some reason
¯\_(ツ)_/¯)
2017-03-02 10:18:19 +00:00
Leo Hemsted
9fda5d1847 remove remember_me cookie and related code 2017-02-27 15:18:18 +00:00
Leo Hemsted
9818a95785 set session timeout to 20 hours
this way if someone does some work in the evening, when they come in next morning
they'll still be logged in. but if someone does stuff in the morning and then leaves
notify, they'll be kicked out by the next day

unless they have an auto-refreshing page like the dashboard open
2017-02-20 11:31:41 +00:00
Chris Hill-Scott
65be12fa87 Remove pentesters from list of domains
Reverts https://github.com/alphagov/notifications-admin/pull/1071
2017-01-31 14:34:02 +00:00
Leo Hemsted
88b848a4a3 bump utils to 13.1.0
brings in changes to allow logging json to sdout on cloudfoundry boxes
2017-01-17 11:44:42 +00:00
bandesz
10950bb8a6 Run on Paas 2017-01-17 11:44:42 +00:00