
generate and store cookie_secret in the db

Davide Alberani, 9 years ago
commit 1279f0d961
4 changed files with 40 additions and 1 deletions

  1. DEVELOPMENT.md (+22 -0)
  2. README.md (+7 -0)
  3. data/triggers-available/print_label.py (+1 -1)
  4. eventman_server.py (+10 -0)

+ 22 - 0
DEVELOPMENT.md

@@ -33,6 +33,8 @@ These are the path you see in the browser (AngularJS does client-side routing: n
 - /#/person/:person_id - show information about an existing person (contains the list of events the person registered for)
 - /#/person/:person_id/edit - edit form to modify an existing person
 - /#/import/persons - form used to import persons in bulk
+- /login - login form
+- /logout - when visited, the user is logged out
 
 
 Web server
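Review bot: the new "/logout - when visited, the user is logged out" entry documents a logout that is triggered by a plain visit (i.e. a GET); any third-party page can then embed that URL and log the user out, which is a nuisance rather than a compromise but is worth avoiding. Consider documenting (and implementing) logout as a POST carrying the session's CSRF token, and note here whether the path is also reachable under the /v1.0 prefix described further down.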
@@ -53,6 +55,11 @@ The paths used to communicate with the Tornado web server:
 - /events/:event_id/persons/:person_id PUT - update the information about a person related to a given event (e.g.: if the person attended)
 - /persons/:person_id/events GET - the list of events the person registered for
 - /ebcsvpersons POST - csv file upload to import persons
+- /login - login form
+- /logout - when visited, the user is logged out
+
+Notice that the above path are the ones used by the webapp. If you plan to use them from an external application (like the _eventman_ barcode/qrcode scanner) you better prepend all the path with /v1.0, where 1.0 is the current value of API\_VERSION.
+The main advantage in doing so is that, for every call, a useful status code and a JSON value is returned (also for /v10/login that usually would show you the login page).
 
 
 Triggers
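Review bot: several typos in the added paragraph: "the above path are the ones" should read "the above paths are the ones", "prepend all the path with /v1.0" should be "paths", and "/v10/login" contradicts the prefix just introduced and should be "/v1.0/login"; "a useful status code and a JSON value is returned" wants "are returned". It would also help to say where API_VERSION is defined, since the reader is told to mirror its value.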
@@ -76,6 +83,8 @@ update_person_in_event and attends will receive these information:
   - PERSON_ID
   - EVENT_ID
   - EVENT_TITLE
+  - SEQ
+  - SEQ_HEX
 - via stdin, a dictionary containing:
   - dictionary **old** with the old data of the person
   - dictionary **new** with the new data of the person
@@ -113,6 +122,8 @@ Main field:
   - persons.$.company
   - persons.$.job
   - persons.$.ebqrcode
+  - persons.$.seq
+  - persons.$.seq_hex
 
 
 persons collection
@@ -126,6 +137,16 @@ Basic information about a person:
 - persons.job
 
 
+users collection
+----------------
+
+Contains a list of username and associated values, like the password used for authentication.
+
+To generate the hash, use:
+    import utils
+    print utils.hash_password('MyVerySecretPassword')
+
+
 TODO
 ====
 
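Review bot: "the password used for authentication" is misleading, because the snippet right below shows that the collection holds the output of utils.hash_password, not the password itself; say "password hash" so nobody stores a plaintext password there by mistake. The example also uses the Python 2 print statement and is indented without a code fence; `print(utils.hash_password('MyVerySecretPassword'))` inside a fenced block would read and run on both Python versions. Finally, a sentence about how the admin's entry is created (the server seeds an `admin` user when the collection is empty) and how to change its password would complete this section.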
@@ -143,5 +164,6 @@ Nice to have
 - notifications for form editing and other actions
 - authentication for administrators
 - i18n
+- settings page
 - logging and debugging code
 

+ 7 - 0
README.md

@@ -15,10 +15,12 @@ Technological stack
 
 - [AngularJS](https://angularjs.org/) (plus some third-party modules) for the webApp
 - [Bootstrap](http://getbootstrap.com/) (plus [Angular UI](https://angular-ui.github.io/bootstrap/)) for the eye-candy
+- [Font Awesome](https://fortawesome.github.io/Font-Awesome/) for even more cuteness
 - [Tornado web](http://www.tornadoweb.org/) as web server
 - [MongoDB](https://www.mongodb.org/) to store the data
 
 The web part is incuded; you need to install Tornado, MongoDB and the pymongo module on your system (no configuration needed).
+If you want to print labels using the _print\_label_ trigger, you may also need the pycups module.
 
 
 Coding style and conventions
@@ -50,6 +52,11 @@ Open browser and navigate to: http://localhost:5242/
 
 If you store SSL key and certificate in the *ssl* directory (default names: eventman\_key.pem and eventman\_cert.pem), HTTPS will be used: https://localhost:5242/
 
+Authentication
+==============
+
+By default, authentication is required; default username and password are *admin* and *eventman*.
+
 
 License and copyright
 =====================
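Review bot: the new Authentication section publishes the default credentials (*admin* / *eventman*) without telling the operator to change them; since the server seeds this account automatically, every fresh install is reachable with a documented password until someone intervenes. Add an explicit instruction to replace the default password right after the first start, pointing at the users collection and utils.hash_password procedure described in DEVELOPMENT.md, and consider having the server log a warning while the default hash is still in place.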

+ 1 - 1
data/triggers-available/print_label.py

@@ -23,7 +23,7 @@ FONT_TEXT_ENCODING = 'latin-1'
 FONT_BARCODE = 'free3of9.ttf'
 
 PRINTER_NAME = None
-PRINTER_NAME = 'DYMO_LabelWriter_450'
+#PRINTER_NAME = 'DYMO_LabelWriter_450'
 
 
 def _get_resource(filename):
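Review bot: the commented-out `#PRINTER_NAME = 'DYMO_LabelWriter_450'` directly after `PRINTER_NAME = None` reads as leftover local configuration rather than documentation. Either drop it or make it an explicit example, e.g. `# Set the CUPS printer to use, e.g.: PRINTER_NAME = 'DYMO_LabelWriter_450'`, so the default (None) and the way to override it are both clear.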

+ 10 - 0
eventman_server.py

@@ -665,6 +665,16 @@ def run():
         db_connector.add('users',
                 {'username': 'admin', 'password': utils.hash_password('eventman')})
 
+    # If present, use the cookie_secret stored into the database.
+    cookie_secret = db_connector.query('settings', {'setting': 'server_cookie_secret'})
+    if cookie_secret:
+        cookie_secret = cookie_secret[0]['cookie_secret']
+    else:
+        # the salt guarantees its uniqueness
+        cookie_secret = utils.hash_password('__COOKIE_SECRET__')
+        db_connector.add('settings',
+                {'setting': 'server_cookie_secret', 'cookie_secret': cookie_secret})
+
     _ws_handler = (r"/ws/+event/+(?P<event_id>\w+)/+updates/?", WebSocketEventUpdatesHandler)
     _persons_path = r"/persons/?(?P<id_>\w+)?/?(?P<resource>\w+)?/?(?P<resource_id>\w+)?"
     _events_path = r"/events/?(?P<id_>\w+)?/?(?P<resource>\w+)?/?(?P<resource_id>\w+)?"
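Review bot: the cookie secret is derived with `utils.hash_password('__COOKIE_SECRET__')`, so all of its unpredictability comes from whatever salt that password-hashing helper happens to generate, and the comment "the salt guarantees its uniqueness" promises uniqueness, not secrecy or sufficient entropy. A Tornado cookie_secret is a signing key, not a password hash; generate it directly from the OS CSPRNG (e.g. `base64.b64encode(os.urandom(32))`) so its strength does not depend on the internals or future changes of utils.hash_password. Two smaller points: `db_connector.query(...)` is indexed with `[0]` without checking that the document actually contains a `cookie_secret` key, and two server processes starting on an empty database can both take the else branch and store different secrets (a unique index on `settings.setting` would surface that). Worth stating in the docs that whoever can read the settings collection can forge session cookies, since the secret now lives next to the data it protects.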