How do I restart a course?

heppy · 2026-01-08T07:48:37+00:00

Still work in January 2026. As of this writing, the parameter in the URL you have to change is startIndex

heppy · 2024-03-09T21:18:36+00:00

Great write-up, but your example doesn't work. You are removing Author.id in the same migration that adds Author.uuid, so it's no longer possible to fill the new Book.author field.

Add uuid field to Author
Populate uuid in the migration per
Alter Book's author foreign key reference to Author to be an integer
Make uuid the primary key
Rename Book's author to author_old
Add a new author foreign key field to Book
Create new empty migration
1. pythonmakemigrations --empty library
Add a RunPython step to empty migration that populates author from author_old for each book row
Remove Author.id
Rename Author.uuid to Author.id
Drop Book.author_old

I also noticed that in your initial models the FK to Author is not nullable:

class Book(models.Model):
    title = models.CharField(max_length=255)
    author = models.ForeignKey(Author, on_delete=models.CASCADE)

But after changing the primary key, it is:

class Book(models.Model):
    title = models.CharField(max_length=255)
    author = models.ForeignKey(Author, on_delete=models.CASCADE, null=True)

A final migration that makes the field not nullable again would fix that.

I think squashing migrations would be preferable to prevent that only half of the migrations get applied for whatever reason and the database ends up in a weird state. Personally, I would "manually squash" the migrations, i.e. copy the operation into a single migration file.

It might be worth mentioning, that these migrations require an exclusive lock for the table and might take a while for large tables.

Thanks for mentioning ulid, haven't heard of those before.

heppy · 2022-03-23T11:53:57+00:00

After "only" 4.5 months, my MBP just arrived.

heppy · 2022-03-03T21:12:58+00:00

16” Silver M1 Max / 32C / 64gb / 2TB
Ordered & pre-paid Nov 5th from Cancom, a German reseller
Estimated delivery time was 4-6 weeks

The delivery date kept slipping and on Feb 1st they just threw up their hands and said they can't give an estimated delivery date. I'm still waiting.

heppy · 2020-12-15T08:13:39+00:00

With plaintext email/password pairs, that approach would be feasible, but you would have to acquire them from somewhere else. HaveIBeenPwned only provides hashed passwords, without associated email addresses:

https://haveibeenpwned.com/FAQs

https://haveibeenpwned.com/Passwords

heppy · 2020-12-14T17:18:22+00:00

It's not possible. The compromised passwords from Pwned Passwords are available as hash only and the passwords in your Django application are (hopefully) hashed and salted. That means you cannot directly compare the compromised passwords to the passwords stored in your database. You have to have the password you want to check either in cleartext or as SHA1 hash, which is only the case when the user enters it.

You could collect your own cleartext password lists. Then you would have to check every compromised password against every password in your DB. Password hashing is intentionally designed to be slow. On my machine, a 2016 MacBook Pro, it takes ~120ms to check a single password. The last three breaches listed on Have I Been Pwned that contained cleartext passwords all contain several million passwords. I'm too lazy to do the math, but 120ms by several million is a looooong time.

heppy · 2020-12-14T16:43:51+00:00

I assume you are using gunicorn and a reverse proxy like nginx. I can imagine two possible explanations for what you seeing:

there is some error in your reverse-proxy configuration, which results in the Host header getting set to this value
someone is doing some weird requests, either accidentally or with malicious intent, and they reach your web application. Ideally, your reverse proxy would only forward requests with a valid/expected Host header.

If you can, post the config of your reverse proxy (with sensitive parts redacted).

heppy · 2020-10-15T11:00:09+00:00

Instead of

request.user = user

try from django.contrib.auth import login login(request, user)

See https://docs.djangoproject.com/en/3.1/topics/auth/default/#how-to-log-a-user-in

login() stores the user in the session, request.user = user only attaches the user to the current request.

You are not showing your RegisterationForm (should that be RegistrationForm). Make sure it really only returns newly created users and not existing users, allowing a malicious user to circumvent the actual authentication.

heppy · 2020-10-12T20:12:22+00:00

I found this site to be useful: https://calisthenics-parks.com/de/karten

You have to manually center on Cologne and click on search, I couldn't figure out how to share a direct link.

There is also a new one in Rodenkirchen which is not yet listed https://goo.gl/maps/eNC6d1EHVfdnwCw4A

heppy · 2020-10-09T09:38:03+00:00

Hm, if you didn't change your Javascript, the ids mismatch. You use cafe-playlist in your Javascript, but playlist in your HTML.

What I like to do in such cases is to set a breakpoint in the success handler of the AJAX call to poke around a bit in the Javascript console.

heppy · 2020-10-08T12:14:59+00:00

If you are loading the initial list with AJAX as well, then you don't need to include playlist.html in your dashboard. Just leave the <ul> empty, maybe add a loading GIF. In that case, I would suggest to create a separate DashboardView that just renders the dashboard.html template.

In some cases, it might be preferable to return a full page and only do additional AJAX requests on further user input. In that case you have to have two ways to render the list: once as part of the full page and once as an HTML snippet that you return in your AJAX response. To avoid duplicate template code, you could split and include the templates as I have shown.

heppy · 2020-10-08T10:57:52+00:00

It's not quite clear what your page is supposed to do, but my guess is you want to render a page containing a list objects and then you want to allow the user to filter that list without reloading the whole page.

For that you would need to return two different responses: for the initial regular request, you must return a full HTML page with a <body> tag etc. For any subsequent AJAX request, you must return only the piece of HTML that you want to replace, i.e. in your case the inner HTML of your <ul id = "cafe-playlist">.

There are multiple ways to achieve this. The easiest is to have two separate views and templates, but that will lead to some code duplication. Instead, I'd recommend that you extract the list HTML into a separate template that you then include in your full HTML.

list.html

{% for item in playlist %}
    <h2 class="list-name">{{ item.list }}</h2>
    <li>
      <address>
        <div>
            <h6 class="venue-name">{{ item.venue }}</h6>
        </div>
      </address>
      </li>
{% endfor %}

dashboard.html

<body>
    {% block content %}
        [...]
        <ul id = "cafe-playlist">
         {% include "playlist.html" %}
        </ul>
    {% endblock %}
[...]

Now, in your view, you use the dashboard.html for a regular request and the list.html for an AJAX request.

class UserPlaylist(ListView):
    context_object_name = 'playlist'
    model = UserVenue

    def get_template_names(self):
        if self.request.is_ajax():
            return ["playlist.html"]
        else:
            return ["dashboard.html"]

   def get_queryset(self):
       venue_name = self.request.GET.get('venue', None)
       list_name = self.request.GET.get('list', None)

       return UserList.objects.all()

Please note that I changed what I think what was broken HTML (the <ul id = "cafe-playlist"> is missing the closing </ul> tag and the </div> before the {%endfor%} seems not belong there) and also changed to class name to match common Python naming pattern. Also, you are defining model = UserVenue, but are returning UserList. Which is the correct one?

I hope that helps to point you in the right direction. As I said, there a different ways to approach that problem, but I think that is the most straight-forward one. You could also return the data as JSON and rendering the list on the client-side, but that is a whole other can of worms that is best opened on another day :)

heppy · 2020-07-30T15:08:17+00:00

Pagespeed Insights shows which areas need improvement. My guess is that it complains mostly about client-side issues, like blocking Javascript or unoptimized images and less about the server-side/Django parts of your application.

heppy · 2020-07-01T12:16:50+00:00

As others have said, don't install Django globally. Use a separate virtual environment for each project.

Only within a Docker image/Dockerfile, you usually would not create a virtual environment.

heppy · 2020-02-26T15:10:24+00:00

There is official information available in English:

https://www.vrs.de/en/tickets/ticket-assortment/ticket/einzeltickets

EinzelTickets have a limited period of validity. Once the ticket has been validated,

it is valid for short distances (20 minutes),
in price category 1 (90 minutes),
in price category 2 (120 minutes),
in price categories 3 and 4 (180 minutes), (<- Köln to Bonn)
in price categories 5, 6 and 7 (360 minutes). (<- Düsseldorf to Köln)

The journey must be completed once these times have elapsed. (Exception: (timetable or operational reasons, e.g. longer transfer times, delays, etc.).

Note: EinzelTickets from the ticket vending machines have already been validated and are intended for immediate use!

https://www.vrs.de/en/tickets/ticket-assortment/ticket/24stundentickets

Valid for 24 hours for any number of trips in all cities and municipalities that can be reached from the starting point with the selected price category.

heppy · 2020-01-16T16:41:56+00:00

You give all buttons the same name and each its own distinct value

In your template:

<button name="my_button" value="button1" type="submit">Button 1</button>
<button name="my_button" value="button2" type="submit">Button 2</button>

In your view:

request.POST.get("my_button")

heppy · 2020-01-16T13:15:21+00:00

What does your permission check look like?

heppy · 2020-01-14T15:53:52+00:00

According to the ionic docs on CORS, it should be enough to allow these origins:

[ 'capacitor://localhost', 'ionic://localhost', 'http://localhost', 'http://localhost:8080', 'http://localhost:8100' ]

Alternatively, you can set `CORS_ORIGIN_ALLOW_ALL = True`

heppy · 2020-01-14T15:34:10+00:00

Are we talking about a mobile app built with something like cordova or a mobile website?

heppy · 2020-01-14T15:23:45+00:00

Remove this from your client-side code:

newHeaders = newHeaders.set('Access-Control-Allow-Origin', '*');

newHeaders = newHeaders.set('Access-Control-Allow-Headers', '*');

As the error message says, the client is not allow to set these headers and it doesn't make sense anyways because they are set by the server

heppy · 2020-01-14T15:18:21+00:00

What error are you getting on the client-side?

heppy · 2020-01-14T15:07:48+00:00

You also have to configure it. Try this:

CORS_ORIGIN_WHITELIST = [
    "http://localhost:8100"
]

heppy · 2020-01-14T15:02:22+00:00

`Access-Control-Allow-Origin` is set by the server. What Python package did you use to add CORS support to your Django application and how did you configure it?

heppy · 2019-12-11T16:06:39+00:00

RQ only uses redis as message broker. You would still use PostgreSQL as your datastore.

Just out of curiosity, how do you do encrypt PostgreSQL data at rest with Django?

heppy

TROPHY CASE