mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-03-18 17:22:30 -04:00
0c704c246d
We see over and over in research that people are tripped up by the 10 character requirement because it’s longer than they are used to. Most sites require 6 or 8 characters for a password. It goes against the CESG advice which is to not try increasing password strength by increasing the burden on the user: > Traditionally, organisations impose rules on the length and complexity > of passwords. However, people then tend to use predictable strategies > to generate passwords, so the security benefit is marginal while the > user burden is high. https://www.cesg.gov.uk/guidance/password-guidance-simplifying-your-approach Instead we should be relying on: - [x] two factor authentication - [x] blacklisting common passwords - [ ] locking out users after a number of failed logins (not sure this is working)
notifications-admin
GOV.UK Notify admin application.
Features of this application
- Register and manage users
- Create and manage services
- Send batch emails and SMS by uploading a CSV
- Show history of notifications
First-time setup
Brew is a package manager for OSX. The following command installs brew:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Languages needed
- Python 3.4
- Node 5.0.0 or greater
brew install node
NPM is Node's package management tool. n is a tool for managing
different versions of Node. The following installs n and uses the latest
version of Node.
npm install -g n
n latest
npm rebuild node-sass
The app runs within a virtual environment. We use mkvirtualenv for easier working with venvs
pip install virtualenvwrapper
mkvirtualenv -p /usr/local/bin/python3 notifications-admin
Install dependencies and build the frontend assets:
workon notifications-admin
./scripts/bootstrap.sh
Rebuilding the frontend assets
If you want the front end assets to re-compile on changes, leave this running in a separate terminal from the app
npm run watch
Create a local environment.sh file containing the following:
echo "
export NOTIFY_ENVIRONMENT='development'
export ADMIN_CLIENT_SECRET='notify-secret-key'
export API_HOST_NAME='http://localhost:6011'
export DANGEROUS_SALT='dev-notify-salt'
export SECRET_KEY='notify-secret-key'
export DESKPRO_API_HOST="some-host"
export DESKPRO_API_KEY="some-key"
"> environment.sh
AWS credentials
Your aws credentials should be stored in a folder located at ~/.aws. Follow Amazon's instructions for storing them correctly
Generate the application version file
make generate-version-file
Running the application
workon notifications-admin
./scripts/run_app.sh
Then visit localhost:6012