. Adds new contact form view
. Adds in new contact post route which creates GitHub issue for contact request
. Adds a rate_limit decorator function to limit calls to the for that can be used in other sections
Other notable things:
. There is some new config associated with this, in deployment it will be configured with the wellcomedatalabs-cd uiser credentials to populate the issue.
. There is rate-limiting for the GitHub API, so we've rate-limited the POST endpoint.
. There is probably a fair bit more effort that should be done around XSRF
. We should add a recaptcha at some point potentially or some alternative, we have XSRF and a honeypot hidden field, but should make additional effort to protect against bots
Type of change
Please delete options that are not relevant.
[ ] :bug: Bug fix (Add Fix #(issue) to your PR)
[x] :sparkles: New feature
[ ] :fire: Breaking change
[ ] :memo: Documentation update
How Has This Been Tested?
Manually tested in local development env.
Checklist:
[x] My code follows the style guidelines of this project (pep8 AND pyflakes)
[x] I have commented my code, particularly in hard-to-understand areas
[ ] If needed, I changed related parts of the documentation
[ ] I included tests in my PR
[ ] New and existing unit tests pass locally with my changes
[ ] Any dependent changes have been merged and published in downstream modules
[ ] If my PR aims to fix an issue, I referenced it using #(issue)
Description
. Adds new contact form view . Adds in new contact post route which creates GitHub issue for contact request . Adds a rate_limit decorator function to limit calls to the for that can be used in other sections
Other notable things:
. There is some new config associated with this, in deployment it will be configured with the wellcomedatalabs-cd uiser credentials to populate the issue. . There is rate-limiting for the GitHub API, so we've rate-limited the POST endpoint. . There is probably a fair bit more effort that should be done around XSRF . We should add a recaptcha at some point potentially or some alternative, we have XSRF and a honeypot hidden field, but should make additional effort to protect against bots
Type of change
Please delete options that are not relevant.
Fix #(issue)to your PR)How Has This Been Tested?
Manually tested in local development env.
Checklist:
#(issue)