MUSR is a Django web application where users can share songs they care about, and see what others are sharing.
- Miles Grant 2386227
- Scott Isaac 2419523
- Callum Hunter 2247415
The source code is available at https://github.com/mlsgrnt/musr and is deployed at https://musr.pythonanywhere.com.
This project runs on Python 3.
To clone the repository, run
git clone https://github.com/mlsgrnt/musr
Once the repository is locally cloned, enter the installation directory:
cd musr
Next, install the dependencies with
pip install -r requirements.txt
If the database is empty, some errors will appear. To fix this, run database migrations, and run the population script:
python musr_project/manage.py makemigrations musr
python musr_project/manage.py migrate
python musr_project/populate_musr.py
Start a test server by running
python musr_project/manage.py runserver
Please note that while debug mode is active on the settings.py shipped in this repository, it has been turned off on the PythonAnywhere instance.
Some features will not be functional when running the application on localhost, namely
The reason for both of these is rooted in security. Storing secret client keys in plaintext is very bad practice, and so these keys are stored in the Django database. The population script inserts dummy keys which will not work in practice. We can provide working keys, as well as instructions on how to insert them into the database, through a secure channel. Otherwise, the login works on the deployed version of the application. The add post functionality, too, is disabled on local instances out of security concerns. The server which returns the search results is CORS enabled, as is standard in modern web applications. To prevent malicious misuse of the proxy server, the Access-Control-Allow-Origin header has been set to https://musr.pythonanywhere.com
. Requests coming from any other host will not be accepted. To gain add-post functionality when running from localhost, a new proxy server has to be set up. See the source code of the proxy server for details. Then, either modify add-post.js
to point to the new server, or redirect locally in your system’s hosts file.
Python auto-formatter to ensure code consistency.
Prevents any contributor from committing code that hasn’t been formatted by black.
Monitors the test coverage of every pull request.
Prevents the merging of a pull request which does not pass all test cases.
Used to implement OAuth authentication, forgot password mechanism, email confirmation mechanism.
Used to customize the django-allauth forms.
This “minimal set of CSS variables and utilities” provides a set of base variables and classes which allow for writing clean CSS.
This “framework” contains a few extra css rules for common components such as buttons and input fields which build upon poco.css.
Only the debounce method of lodash is imported. It is used to fire requests in a reasonable manner in the add post interface.
Default profile picture sourced from the excellent Avataaars collection.
Used to provide song search, info, and song previews.
The Deezer API can not be called directly from the browser due to CORS restrictions. To overcome this, a CORS proxy has been set up which restricts API calls to coming from the MUSR website. This enables the client-side Ajax-enabled song search. The source code for this server is available here:
This server makes use of ZEIT’s micro framework, as well as the micro-cors package from NPM. These are used to create an extremely simple CORS-enabled proxy server.