(This might be a dupes, but I could not find it.)

To translate forms, we currently go the following route:

• Mark strings as translatable (only mark, do nothing else)
• wtforms keeps them for us
• Our field rendering tools render the complete field nearly completely ba hand to be able to translate it there. Using standard translation tools there.

This works, mostly. It does not work to translate elements of a select box, for example a title like "- Select Collection -". Because we only mark it, but we're not using our translation tools in the rendering. We could go for rendering that part by hand also.

BUT: wtforms recommends something else:

• Use lazy_pass_to_ugettext() to mark and create a autotranslating object. This feels like a string, but really becomes a translated string, when it is forced to a real string.
• wtforms keeps this thing as a normal object around.
• When rendering it, wtforms will force it to a string as late as possible, so that translations can take effect.

So the first idea is to mark strings using lazy_pass_to_ugettext() and just disable the translation in our rendering tools (just remove the _()!) and see, how it works out.

Old in any forms.py:

from mediagoblin.tools.translate import fake_ugettext_passthrough as _

New:

from mediagoblin.tools.translate import lazy_pass_to_ugettext as _

We want to switch from beaker sessions to itsdangerous based sessions. Why? We should come up with a better list of reaasons than "The core developers like this idea".

What's needed?

1. Remove beaker sessions from paste*.ini
2. Create a class that will be our new request.session
3. Create code to create such an instance from a received cookie.
4. Create code to send a (modified) session as a cookie to the client.

Some more Details

Create a class that will be our new request.session

Some pseudo code:

class MGSession(dict):

    def save(self):
        self.send_new_cookie = True

    def delete(self):
        self.clear()
        self.save()

Create Session Instance from cookie

Here's some pseudo code to do that. It includes code for future "revocation support". Because we do not store anything locally any more, one can only forcibly block sessions by blacklisting. In the first step, its okay to document the needed approach in the code.

class SessionManager(object):
    def load_session_from_cookie(request, cookie_name):
        cookie = request.get_cookie(cookie_name)
        if not cookie:
            request.session = MGSession()
            return
        m = BadCookie.query.filter_by(cookie = cookie)
        if m:
            _log.warn("Bad cookie received: %s", m.reason)
            raise BadRequest()
        parsed_dict = self.signer.loads(cookie, max_age=...)
        requestion.session = MGSession(parsed_dict)

Send cookie

• Only send a cookie, if an update is needed
• If the session is empty delete the cookie on the client (MGSession.delete() was called probably)
• Bonus points: Consider sending a new cookie, if the old one is going to expire soon

I've performed some cleanup on the Android client, and tested it with a local install of GMG 3.3.0. If you have problems with any of the commits, feel free to cherry-pick or ask me about it.

You can view the list of my commits on GitHub: ​https://github.com/dnet/mediagoblin-android/compare/cleanup

You can pull the changes from the cleanup branch from either

• GitHub: ​git://github.com/dnet/mediagoblin-android.git or
• Gitorious: ​git://gitorious.org/~dnet/mediagoblin/dnets-mediagoblin-android.git