Closed yarwelp closed 9 years ago
Such a sandbox, if created, should probably, if possible, be implemented as a Django middleware. Can Django middleware set the database to be used?
While I didn't like docker when I tried it on my ARM SBC, I think it seems the easier option here.
Initial testing shows that instead of Django middleware, Docker should be a good way to solve this.
Leaving the ticket open until I actually have a live demo up and running. It may take a while.
If a token is shared, how to distinguish the person who shared the token and the person who retrieved it? By IP, set cookie? More importantly, how to cleanly integrate that into demoed app?
Consider reverting URL from README since otherwise it'll block us from merging other features into master. See also issue #34.
More importantly, how to cleanly integrate that into demoed app?
Separate most parts of user handling to outside of container. Authentication would happen outside and the containerized app will just be told and have to accept that there is such a user. Could then for production installs integrate with e.g. user auth system on host and have external say that any unix user member of group timelog is authorized (authenticate first, then check authorization).
Sandboxed per visitor? On one hand, this would prevent vandalism, on the other hand, if two people want to try it out on each of their computers, they would not be able to see changes made by each other. Could enable sharing of a sandbox by giving them a share link with a token.