72acc4ebdc
we have a hunch that some session related issues that we've seen over the last few weeks might be related to weird race conditions where cookies set by subresources (image previews of letters on the send flow) arrive just as the img request is cancelled because the user has clicked on a button to navigate to a new page, but still manage to set the cookie? We're not entirely sure what's going on, but we've got a hunch that not setting cookies on image fetches sounds sensible. Images are always loaded as a subresource (ie: through a `src` tag in an html element), so they should never need to change the cookies, so this seems sensible. We've done this by creating a new blueprint that doesn't set session.permanent, and doesn't call `save_serivce_or_org_after_request` either. cookies are sent back to the browser if: `sesion.modified or (session.permanent and 'REFRESH_EVERY_REQUEST')` (where the latter is a config setting). Turning off REFRESH_EVERY_REQUEST (which is True by default) means that we will only update the sesion if it's been modified. In practice, literally every request is modified in the after_request handler `save_service_or_org_after_request`. This is accidentally convenient, as it guarantees that we'll still send back the cookie normally even though refresh_every_request is disabled. Sending back the cookie updates the expiry time (20 hours), so we need to keep doing this to preserve existing session timeout behaviour.
notifications-admin
GOV.UK Notify admin application.
Features of this application
- Register and manage users
- Create and manage services
- Send batch emails and SMS by uploading a CSV
- Show history of notifications
First-time setup
Brew is a package manager for OSX. The following command installs brew:
/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Languages needed
brew install node
NPM is Node's package management tool. n is a tool for managing
different versions of Node. The following installs n and uses the long term support (LTS)
version of Node.
npm install -g n
n lts
npm rebuild node-sass
The app runs within a virtual environment. We use mkvirtualenv for easier working with venvs
pip install virtualenvwrapper
mkvirtualenv -p /usr/local/bin/python3 notifications-admin
Install dependencies and build the frontend assets:
workon notifications-admin
./scripts/bootstrap.sh
Rebuilding the frontend assets
If you want the front end assets to re-compile on changes, leave this running in a separate terminal from the app
npm run watch
Create a local environment.sh file containing the following:
echo "
export NOTIFY_ENVIRONMENT='development'
export FLASK_APP=application.py
export FLASK_DEBUG=1
export WERKZEUG_DEBUG_PIN=off
"> environment.sh
AWS credentials
Your aws credentials should be stored in a folder located at ~/.aws. Follow Amazon's instructions for storing them correctly
Running the application
workon notifications-admin
./scripts/run_app.sh
Then visit localhost:6012
Updating application dependencies
requirements.txt file is generated from the requirements-app.txt in order to pin
versions of all nested dependencies. If requirements-app.txt has been changed (or
we want to update the unpinned nested dependencies) requirements.txt should be
regenerated with
make freeze-requirements
requirements.txt should be committed alongside requirements-app.txt changes.
Working with static assets
When running locally static assets are served by Flask at http://localhost:6012/static/…
When running on preview, staging and production there’s a bit more to it:
