Six Feet Up deployed a custom digital signage application using an agile development process, with rapid prototyping and an ongoing back-and-forth feedback loop with ReTrans.
The new system presents a variety of information in a multi-panel template with several rotating screens. Content includes both internal and external data, such as fuel prices from the Department of Energy, weather maps from the Weather Channel, news feeds from CNN and ReTrans' internal shipment information.
The application is based on Dashing, an open source technology developed by Shopify. It uses a REST API, which makes it easy to pull data from any Python application developed by ReTrans, including the company's Django-based transportation management system.
Eventually the digital signage system will be able to present specific data using different layouts depending on the geographic location of the displays.
A Pyramid-based OpenID solution
Six Feet Up architected and implemented an OpenID solution based on the Python Web framework Pyramid, using solid open-source tools such as PostgreSQL, Twitter Bootstrap and PassLib.
Six Feet Up's OpenID solution helps defeat brute-force attacks by artificially increasing the time it takes to authenticate users and passwords.
The new system also boasts a brand new UI aimed at providing both admin and end-users with a faster, more intuitive and more modern experience. For instance, admin users can manage users and user access more easily with the new implementation.
Usability and Features
The OpenID solution allows users to:
- Look up information through a full-text search bar (previously, searches had to target specific fields)
- Disable users right from the user list (vs. from the profile page)
- Prompt password reset from the user list
- Review stats on last login, account creation, etc.
- Review and manage the domains included in the OpenID implementation via a Domain management interface
- Use various reporting tools and send the data to Excel
- Leverage an admin control panel to create variables (e.g. who can receive email sent to the "contact us" form, the maximum number of login attempts before access is disabled, how long the password reset link is valid for, etc.)
In addition, end-users can now:
- Enjoy the same password strength security as in Dropbox, thanks to a widget that measures the entropy of the characters in the password and rates it in a toolbar in real-time
- Get redirected to the main Plone site immediately after registering an account.
- Get their previously-stored password hashes automatically updated to current best practices thanks to "PassLib"
- Check a "remember me" box on the sign in page
"Working with Six Feet Up has been a pleasure. They replaced our OpenID system with a modern implementation and seamlessly integrated it with our other websites. This allowed us to improve the security of the application with little to no impact on the users and provided us with a solid foundation for us to build on in the future." - Chris Fleisch, Programmer/Analyst at Simons Foundation
From a performance standpoint, the new OpenID implementation offers record stats, with response times logged at under 20 milliseconds. The only view that takes longer than this is the actual login form, which is by design: the login form spends longer hashing users' passwords to mitigate automated brute-force attacks.
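The two password-handling points above (stored hashes upgraded automatically, and a deliberately slow login hash) can be illustrated with the following added example, which is not Six Feet Up's code and does not use PassLib itself. It is a standard-library sketch of the same idea behind PassLib's `CryptContext.verify_and_update`; the hash formats, the salted SHA-1 legacy scheme and the round count are assumptions made for the illustration.

```python
import hashlib
import hmac
import os

# Assumed policy for this sketch (not taken from the page).
CURRENT_SCHEME = "pbkdf2_sha256"
CURRENT_ROUNDS = 200_000  # the work factor is what makes each login guess slow


def _pbkdf2(password, salt, rounds):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds).hex()


def hash_password(password, rounds=CURRENT_ROUNDS):
    """Hash with a fresh random salt: scheme$rounds$salt$digest."""
    salt = os.urandom(16)
    return f"{CURRENT_SCHEME}${rounds}${salt.hex()}${_pbkdf2(password, salt, rounds)}"


def legacy_hash(password, salt):
    """Constructed legacy record: one round of salted SHA-1 (fast, hence weak)."""
    return f"sha1${salt.hex()}${hashlib.sha1(salt + password.encode()).hexdigest()}"


def verify_and_update(password, stored):
    """Return (ok, new_hash). new_hash is set only when the password was
    correct AND the stored record is below current policy, so the caller
    can overwrite the old hash at the moment the plaintext is available."""
    parts = stored.split("$")
    if parts[0] == "sha1" and len(parts) == 3:
        salt = bytes.fromhex(parts[1])
        candidate = hashlib.sha1(salt + password.encode()).hexdigest()
        ok, outdated = hmac.compare_digest(candidate, parts[2]), True
    elif parts[0] == CURRENT_SCHEME and len(parts) == 4:
        rounds, salt = int(parts[1]), bytes.fromhex(parts[2])
        ok = hmac.compare_digest(_pbkdf2(password, salt, rounds), parts[3])
        outdated = rounds < CURRENT_ROUNDS  # work factor raised since storage
    else:
        return False, None  # unknown format: reject rather than guess
    return ok, (hash_password(password) if ok and outdated else None)
```

A failed login never triggers a rehash, so a legacy record stays in its old format until its owner next signs in with the correct password.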
Security was also greatly improved in this new OpenID implementation: when new accounts are created, admins are automatically notified by email. And when users make changes to their profiles, they also receive an automated confirmation email, which can be highly customized.