Gitlab Lobby issueshttps://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues2024-03-11T12:22:13Zhttps://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/30Maybe integrate anon_ticket into this application2024-03-11T12:22:13ZjugaMaybe integrate anon_ticket into this applicationAs commented at [Anonticket and gitlab lobby: plans and possibilities](https://gitlab.torproject.org/tpo/team/-/wikis/costa-rica-anonticket-discussion) it'd be great to integrate both applications as they are both programmed with Django....As commented at [Anonticket and gitlab lobby: plans and possibilities](https://gitlab.torproject.org/tpo/team/-/wikis/costa-rica-anonticket-discussion) it'd be great to integrate both applications as they are both programmed with Django.
Nice to have if it doesn't require much time.
Roadmapping for Q3.jugajugahttps://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/11Quiet down the new location mail from gitlab2020-08-24T22:24:18ZGhost UserQuiet down the new location mail from gitlabHey, I'm a new user and preferably login through tor, so on each successful attempt to do so, I'm greated with a mail.
A sign-in to your account has been made from the following IP address: XX.XX.XXX.XX
If you recently signed in and rec...Hey, I'm a new user and preferably login through tor, so on each successful attempt to do so, I'm greated with a mail.
A sign-in to your account has been made from the following IP address: XX.XX.XXX.XX
If you recently signed in and recognize the IP address, you may disregard this email.
If you did not recently sign in, you should immediately change your password: ..........
Is this more of a gitlab thing? Can I turn this off? For tor-project I think a mail shouldn't be sent just because of a new login location(or ip addr).https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/29Add championquizzer to the admin for the gitlab lobby2022-04-04T23:08:22ZGabagaba@torproject.orgAdd championquizzer to the admin for the gitlab lobbyAdd championquizzer so he can approve gitlab accounts.Add championquizzer so he can approve gitlab accounts.Gabagaba@torproject.orgGabagaba@torproject.orghttps://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/28Make some cosmetic tweaks to the form to foil spam accounts2024-03-11T12:23:38ZNick MathewsonMake some cosmetic tweaks to the form to foil spam accountsHere are a few things we could do to the main "create an account" form that might discourage automated spam:
* Rename the "reason" field to something that spambots will fill in some other way, like "address" or "zip" or ""
* Add a n...Here are a few things we could do to the main "create an account" form that might discourage automated spam:
* Rename the "reason" field to something that spambots will fill in some other way, like "address" or "zip" or ""
* Add a name field that gets hidden via CSS; if it gets filled in, the request should get rejected.
* Change the example 'reason' from "I wish to report an issue in Tor Browser" to something less likely, like "I wish to report an issue in the TorCtl library."https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/20Add an admin-only "notes" field to requests2024-02-14T09:43:28ZNick MathewsonAdd an admin-only "notes" field to requestsRight now if we want to make notes on a request we need to edit the request. That's error-prone and eventually will create problems.
Instead, each request should have a separate "notes" field. Only admins should be able to review and ...Right now if we want to make notes on a request we need to edit the request. That's error-prone and eventually will create problems.
Instead, each request should have a separate "notes" field. Only admins should be able to review and edit this field.jugajugahttps://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/16Automatically reject emails from known bad domains2024-03-11T12:25:04ZAlexander Færøyahf@torproject.orgAutomatically reject emails from known bad domainsWe should have a list of known *bad* domains, and automatically reject those.
The following list would be a good start: https://gist.github.com/michenriksen/8710649
This should just be a settings entry and doesn't have to be dynamicall...We should have a list of known *bad* domains, and automatically reject those.
The following list would be a good start: https://gist.github.com/michenriksen/8710649
This should just be a settings entry and doesn't have to be dynamically changable.https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/10Automatically accept accounts from some mail providers2020-07-28T15:59:12ZAlexander Færøyahf@torproject.orgAutomatically accept accounts from some mail providersWe should consider automatically accepting new account requests from some mail providers. Right now it seems like we do get spam account request from gmail.com and googlemail.com, but all of the Riseup ones have been legitimate it seems....We should consider automatically accepting new account requests from some mail providers. Right now it seems like we do get spam account request from gmail.com and googlemail.com, but all of the Riseup ones have been legitimate it seems.
Which providers should we accept by default:
- Riseup.https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/6README doesn't say how to connect to service2020-07-28T13:34:03ZNick MathewsonREADME doesn't say how to connect to serviceI'm trying to connect to the URL it gave me, and it's saying:
```
Invalid HTTP_HOST header: '127.0.0.1:8000'. You may need to add '127.0.0.1' to ALLOWED_HOSTS.
```
Maybe together with #4, this means that we should add an "edit your sett...I'm trying to connect to the URL it gave me, and it's saying:
```
Invalid HTTP_HOST header: '127.0.0.1:8000'. You may need to add '127.0.0.1' to ALLOWED_HOSTS.
```
Maybe together with #4, this means that we should add an "edit your settings.py" step to the instructions?https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/5secrets should not be in public version control2022-05-30T19:11:49ZNick Mathewsonsecrets should not be in public version controlInstead of having the secrets put in a settings.py file, they should be in some other file that settings.py references. This other file should not be under version control in our public repository.Instead of having the secrets put in a settings.py file, they should be in some other file that settings.py references. This other file should not be under version control in our public repository.https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/4README doesn't mention SECRET_KEY2020-07-28T13:34:03ZNick MathewsonREADME doesn't mention SECRET_KEYWhen I try to follow the instructions in the readme, I get told:
```
django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty.
```When I try to follow the instructions in the readme, I get told:
```
django.core.exceptions.ImproperlyConfigured: The SECRET_KEY setting must not be empty.
```https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/3Create an official repository for lobby once we're reasonably confident we're...2020-07-28T15:59:31ZNick MathewsonCreate an official repository for lobby once we're reasonably confident we're going to use itLet's have things like lobby in tpo/ somewhere, once we're happy doing so. :)Let's have things like lobby in tpo/ somewhere, once we're happy doing so. :)https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/-/issues/2Test test2020-06-16T21:47:44ZAlexander Færøyahf@torproject.orgTest testSummary
Test testSummary
Test testAlexander Færøyahf@torproject.orgAlexander Færøyahf@torproject.org