Merge branch 'devel' into 'master'

🚀 Major Release: ivatar 2.0 - Performance, Security, and Instrumentation Overhaul

Closes #106, #104, and #102

See merge request oliver/ivatar!281

.buildpacks

@@ -0,0 +1 @@
+https://github.com/heroku/heroku-buildpack-python

.cursorrules

@@ -0,0 +1,246 @@
+# ivatar/libravatar Project Rules
+
+## Project Overview
+ivatar is a Django-based federated avatar service that serves as an alternative to Gravatar. It provides avatar images for email addresses and OpenID URLs, with support for the Libravatar federation protocol.
+
+## Core Functionality
+- Avatar service for email addresses and OpenID URLs
+- Federated compatibility with Libravatar protocol
+- Multiple authentication methods (OpenID, OpenID Connect/Fedora, Django auth)
+- Image upload, cropping, and management
+- External avatar import (Gravatar, other Libravatar instances)
+- Bluesky handle integration
+- Multiple theme support (default, clime, green, red)
+- Internationalization (15+ languages)
+
+## Technical Stack
+- **Framework**: Django 4.2+ with Python 3.x
+- **Database**: SQLite (development), MySQL/MariaDB, PostgreSQL (production)
+- **Image Processing**: PIL/Pillow for image manipulation
+- **Authentication**: django-openid-auth, social-auth-app-django
+- **Caching**: Memcached and filesystem caching
+- **Email**: Mailgun integration via django-anymail
+- **Testing**: pytest with custom markers
+
+## Key Models
+- `Photo`: Stores uploaded avatar images with format detection and access counting
+- `ConfirmedEmail`: Verified email addresses with assigned photos and Bluesky handles
+- `ConfirmedOpenId`: Verified OpenID URLs with assigned photos and Bluesky handles
+- `UserPreference`: User theme preferences
+- `UnconfirmedEmail`: Email verification workflow
+- `UnconfirmedOpenId`: OpenID verification workflow
+
+## Security Features
+- File upload validation and sanitization
+- EXIF data removal (ENABLE_EXIF_SANITIZATION)
+- Malicious content scanning (ENABLE_MALICIOUS_CONTENT_SCAN)
+- Comprehensive security logging
+- File size limits and format validation
+- Trusted URL validation for external avatar sources
+
+## Development Workflow Rules
+
+### Tool Usage Guidelines
+- **Prefer MCP tools over command-line alternatives** - When MCP (Model Context Protocol) tools are available for a task, use them instead of command-line tools
+- **Examples**: Use `mcp_lkernat-gitlab_*` functions instead of `glab` commands, prefer MCP web search over terminal `curl` calls
+- **Benefits**: MCP tools provide more reliable, direct interfaces and better error handling
+- **Fallback**: Only use command-line tools when no MCP alternative exists
+
+### External Resources & Libraries
+- **Web search is always allowed** - use web search to find solutions, check documentation, verify best practices
+- **Use latest library versions** - always prefer the latest stable versions of external libraries
+- **Security first** - outdated libraries are security risks, always update to latest versions
+- **Dependency management** - when adding new dependencies, ensure they're actively maintained and secure
+
+### Testing
+- **MANDATORY: Run pre-commit hooks and tests before any changes** - this is an obligation
+- Use `./run_tests_local.sh` for local development (skips Bluesky tests requiring API credentials)
+- Run `python3 manage.py test -v3` for full test suite including Bluesky tests
+- **MANDATORY: When adding new code, always write tests to increase code coverage** - never decrease coverage
+- Use pytest markers appropriately:
+  - `@pytest.mark.bluesky`: Tests requiring Bluesky API credentials
+  - `@pytest.mark.slow`: Long-running tests
+  - `@pytest.mark.integration`: Integration tests
+  - `@pytest.mark.unit`: Unit tests
+
+### Code Quality
+- Always check for linter errors after making changes using `read_lints`
+- Follow existing code style and patterns
+- Maintain comprehensive logging (use `logger = logging.getLogger("ivatar")`)
+- Consider security implications of any changes
+- Follow Django best practices and conventions
+- **Reduce script creation** - avoid creating unnecessary scripts, prefer existing tools and commands
+- **Use latest libraries** - always use the latest versions of external libraries to ensure security and bug fixes
+
+### Database Operations
+- Use migrations for schema changes: `./manage.py migrate`
+- Support multiple database backends (SQLite, MySQL, PostgreSQL)
+- Use proper indexing for performance (see existing model indexes)
+
+### Image Processing
+- Support multiple formats: JPEG, PNG, GIF, WEBP
+- Maximum image size: 512x512 pixels (AVATAR_MAX_SIZE)
+- Maximum file size: 10MB (MAX_PHOTO_SIZE)
+- JPEG quality: 85 (JPEG_QUALITY)
+- Always validate image format and dimensions
+
+## Configuration Management
+- Main settings in `ivatar/settings.py` and `config.py`
+- Local overrides in `config_local.py` (not in version control)
+- Environment variables for sensitive data (database credentials, API keys)
+- Support for multiple deployment environments (development, staging, production)
+
+## Authentication & Authorization
+- Multiple backends: Django auth, OpenID, Fedora OIDC
+- Social auth pipeline with custom steps for email confirmation
+- User account creation and management
+- Email verification workflow
+
+## Caching Strategy
+- Memcached for general caching
+- Filesystem cache for generated images
+- 5-minute cache for resized images (CACHE_IMAGES_MAX_AGE)
+- Cache invalidation on photo updates
+
+## Internationalization
+- Support for 15+ languages
+- Use Django's translation framework
+- Template strings should be translatable
+- Locale-specific formatting
+
+## File Structure Guidelines
+- Main Django app: `ivatar/`
+- Account management: `ivatar/ivataraccount/`
+- Tools: `ivatar/tools/`
+- Static files: `ivatar/static/` and `static/`
+- Templates: `templates/` and app-specific template directories
+- Tests: Co-located with modules or in dedicated test files
+
+## Security Considerations
+- Always validate file uploads
+- Sanitize EXIF data from images
+- Use secure password hashing (Argon2 preferred, PBKDF2 fallback)
+- Implement proper CSRF protection
+- Use secure cookies in production
+- Log security events to dedicated security log
+
+## Performance Considerations
+- Use database indexes for frequently queried fields
+- Implement proper caching strategies
+- Optimize image processing operations
+- Monitor access counts for analytics
+- Use efficient database queries
+
+## Production Deployment & Infrastructure
+
+### Hosting & Sponsorship
+- **Hosted by Fedora Project** - Free infrastructure provided due to heavy usage by Fedora community
+- **Scale**: Handles millions of requests daily for 30k+ users with 33k+ avatar images
+- **Performance**: High-performance system optimized for dynamic content (CDN difficult due to dynamic sizing)
+
+### Production Architecture
+- **Redis**: Session storage (potential future caching expansion)
+- **Monitoring Stack**:
+  - Prometheus + Alertmanager for metrics and alerting
+  - Loki for log aggregation
+  - Alloy for observability
+  - Grafana for visualization
+  - Custom exporters for application metrics
+- **Apache HTTPD**:
+  - SSL termination
+  - Load balancer for Gunicorn containers
+  - Caching (memory/socache and disk cache - optimization ongoing)
+- **PostgreSQL**: Main production database
+- **Gunicorn**: 2 containers running Django application
+- **Containerization**: **Podman** (not Docker) - always prefer podman when possible
+
+### Development Environment
+- **Dev Instance**: dev.libravatar.org (auto-deployed from 'devel' branch via Puppet)
+- **Limitation**: Aging CentOS 7 host with older Python 3.x and Django versions
+- **Compatibility**: Must maintain backward compatibility with older versions
+
+### CI/CD & Version Control
+- **GitLab**: Self-hosted OSS/Community Edition on git.linux-kernel.at
+- **CI**: GitLab CI extensively used
+- **CD**: GitLab CD on roadmap (part of libravatar-ansible project)
+- **Deployment**: Separate libravatar-ansible project handles production deployments
+- **Container Management**: Ansible playbooks rebuild custom images and restart containers as needed
+
+### Deployment Considerations
+- Production requires proper database setup (PostgreSQL, not SQLite)
+- Static file collection required: `./manage.py collectstatic`
+- Environment-specific configuration via environment variables
+- Custom container images with automated rebuilds
+- High availability and performance optimization critical
+
+## Common Commands
+```bash
+# Development server
+./manage.py runserver 0:8080
+
+# Run local tests (recommended for development)
+./run_tests_local.sh
+
+# Run all tests
+python3 manage.py test -v2
+
+# Database migrations
+./manage.py migrate
+
+# Collect static files
+./manage.py collectstatic -l --no-input
+
+# Create superuser
+./manage.py createsuperuser
+```
+
+## Code Style Guidelines
+- Use descriptive variable and function names
+- Add comprehensive docstrings for classes and methods
+- **MANDATORY: Include type hints for ALL new code** - this is a strict requirement
+- Follow PEP 8 and Django coding standards
+- Use meaningful commit messages
+- Add comments for complex business logic
+
+## Error Handling
+- Use proper exception handling with specific exception types
+- Log errors with appropriate levels (DEBUG, INFO, WARNING, ERROR)
+- Provide user-friendly error messages
+- Implement graceful fallbacks where possible
+
+## API Compatibility
+- Maintain backward compatibility with existing avatar URLs
+- Support Libravatar federation protocol
+- Ensure Gravatar compatibility for imports
+- Preserve existing URL patterns and parameters
+
+## Monitoring & Logging
+- Use structured logging with appropriate levels
+- Log security events to dedicated security log
+- Monitor performance metrics (access counts, response times)
+- Implement health checks for external dependencies
+- **Robust logging setup**: Automatically tests directory writeability and falls back gracefully
+- **Fallback hierarchy**: logs/ → /tmp/libravatar-logs → user-specific temp directory
+- **Permission handling**: Handles cases where logs directory exists but isn't writable
+
+## GitLab CI/CD Monitoring
+- **MANDATORY: Check GitLab pipeline status regularly** during development
+- Monitor pipeline status for the current working branch (typically `devel`)
+- Use `glab ci list --repo git.linux-kernel.at/oliver/ivatar --per-page 5` to check recent pipelines
+- Verify all tests pass before considering work complete
+- Check pipeline logs with `glab ci trace <pipeline-id> --repo git.linux-kernel.at/oliver/ivatar` if needed
+- Address any CI failures immediately before proceeding with new changes
+- Pipeline URL: https://git.linux-kernel.at/oliver/ivatar/-/pipelines
+
+## Deployment Verification
+- **Automatic verification**: GitLab CI automatically verifies dev.libravatar.org deployments on `devel` branch
+- **Manual verification**: Production deployments on `master` branch can be verified manually via CI
+- **Version endpoint**: `/deployment/version/` provides commit hash, branch, and deployment status
+- **Security**: Version endpoint uses cached git file reading (no subprocess calls) to prevent DDoS attacks
+- **Performance**: Version information is cached in memory to avoid repeated file system access
+- **SELinux compatibility**: No subprocess calls that might be blocked by SELinux policies
+- **Manual testing**: Use `./scripts/test_deployment.sh` to test deployments locally
+- **Deployment timing**: Dev deployments via Puppet may take up to 30 minutes to complete
+- **Verification includes**: Version matching, avatar endpoint, stats endpoint functionality
+
+Remember: This is a production avatar service handling user data and images. Security, performance, and reliability are paramount. Always consider the impact of changes on existing users and federated services.

.env

@@ -1,6 +1,8 @@
 if [ ! -d .virtualenv ]; then
   if [ ! "$(which virtualenv)" == "" ]; then
-    virtualenv -p python3 .virtualenv
+    if [ -f .env ]; then
+      virtualenv -p python3 .virtualenv
+    fi
   fi
 fi
 if [ -f .virtualenv/bin/activate ]; then

.flake8

@@ -1,5 +1,5 @@
 [flake8]
-ignore = E501, W503, E402, C901
+ignore = E501, W503, E402, C901, E231, E702
 max-line-length = 79
 max-complexity = 18
 select = B,C,E,F,W,T4,B9

.gitignore

@@ -20,3 +20,6 @@ falko_gravatar.jpg
 *.egg-info
 dump_all*.sql
 dist/
+.env.local
+tmp/
+logs/

.gitlab-ci.yml

@@ -1,11 +1,65 @@
-default:
-  image:
-    name: quay.io/rhn_support_ofalk/fedora35-python3
-    entrypoint: [ '/bin/sh', '-c' ]
+image:
+  name: git.linux-kernel.at:5050/oliver/fedora42-python3:latest
+  entrypoint:
+  - "/bin/sh"
+  - "-c"
 
-before_script:
+# Cache pip deps to speed up builds
+cache:
+  paths:
+    - .pipcache
+variables:
+  PIP_CACHE_DIR: .pipcache
+
+# Test with OpenTelemetry instrumentation (always enabled, export disabled in CI)
+test_and_coverage:
+  stage: build
+  coverage: "/^TOTAL.*\\s+(\\d+\\%)$/"
+  services:
+    - postgres:latest
+  variables:
+    POSTGRES_DB: django_db
+    POSTGRES_USER: django_user
+    POSTGRES_PASSWORD: django_password
+    POSTGRES_HOST: postgres
+    DATABASE_URL: "postgres://django_user:django_password@postgres/django_db"
+    PYTHONUNBUFFERED: 1
+    # OpenTelemetry instrumentation always enabled, export controlled by OTEL_EXPORT_ENABLED
+    OTEL_EXPORT_ENABLED: "false"  # Disable export in CI to avoid external dependencies
+    OTEL_SERVICE_NAME: "ivatar-ci"
+    OTEL_ENVIRONMENT: "ci"
+  before_script:
   - virtualenv -p python3 /tmp/.virtualenv
   - source /tmp/.virtualenv/bin/activate
+  - pip install -U pip
+  - pip install Pillow
+  - pip install -r requirements.txt
+  - pip install python-coveralls
+  - pip install coverage
+  - pip install pycco
+  - pip install django_coverage_plugin
+  script:
+  - source /tmp/.virtualenv/bin/activate
+  - echo 'from ivatar.settings import TEMPLATES' > config_local.py
+  - echo 'TEMPLATES[0]["OPTIONS"]["debug"] = True' >> config_local.py
+  - echo "DEBUG = True" >> config_local.py
+  - echo "from config import CACHES" >> config_local.py
+  - echo "CACHES['default'] = CACHES['filesystem']" >> config_local.py
+  - python manage.py sqldsn
+  - python manage.py collectstatic --noinput
+  - echo "Running tests with OpenTelemetry instrumentation enabled..."
+  - coverage run --source . scripts/run_tests_with_coverage.py
+  - coverage report --fail-under=70
+  - coverage html
+  artifacts:
+    paths:
+    - htmlcov/
+pycco:
+  stage: test
+  before_script:
+  - virtualenv -p python3 /tmp/.virtualenv
+  - source /tmp/.virtualenv/bin/activate
+  - pip install -U pip
   - pip install Pillow
   - pip install -r requirements.txt
   - pip install python-coveralls
@@ -13,68 +67,202 @@ before_script:
   - pip install pycco
   - pip install django_coverage_plugin
 
-test_and_coverage:
-  stage: test
-  coverage: '/^TOTAL.*\s+(\d+\%)$/'
   script:
+  - "/bin/true"
+  - find ivatar/ -type f -name "*.py"|grep -v __pycache__|grep -v __init__.py|grep
+    -v /migrations/ | xargs pycco -p -d pycco -i -s
+  artifacts:
+    paths:
+    - pycco/
+    expire_in: 14 days
+pages:
+  stage: deploy
+  dependencies:
+  - test_and_coverage
+  - pycco
+  script:
+  - mv htmlcov/ public/
+  - mv pycco/ public/
+  artifacts:
+    paths:
+    - public
+    expire_in: 14 days
+  only:
+  - master
+#build-image:
+#  image: docker
+#  only:
+#    - master
+#    - devel
+#  services:
+#  - docker:dind
+#  before_script:
+#  - docker info
+#  - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
+#  script:
+#  - ls -lah
+#  - |
+#    if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
+#      tag=""
+#      echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
+#    else
+#      tag=":$CI_COMMIT_REF_SLUG"
+#      echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
+#    fi
+#  - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
+#  - docker push "$CI_REGISTRY_IMAGE${tag}"
+
+# Local performance testing job (runs in CI environment)
+performance_tests_local:
+  stage: test
+  services:
+    - postgres:latest
+  variables:
+    POSTGRES_DB: django_db
+    POSTGRES_USER: django_user
+    POSTGRES_PASSWORD: django_password
+    POSTGRES_HOST: postgres
+    DATABASE_URL: "postgres://django_user:django_password@postgres/django_db"
+    PYTHONUNBUFFERED: 1
+    # OpenTelemetry configuration for performance testing
+    OTEL_EXPORT_ENABLED: "false"
+    OTEL_SERVICE_NAME: "ivatar-perf-test-local"
+    OTEL_ENVIRONMENT: "ci-performance"
+  before_script:
+    - virtualenv -p python3 /tmp/.virtualenv
+    - source /tmp/.virtualenv/bin/activate
+    - pip install -U pip
+    - pip install Pillow
+    - pip install -r requirements.txt
+    - pip install requests  # Additional dependency for performance tests
+  script:
+    - source /tmp/.virtualenv/bin/activate
     - echo 'from ivatar.settings import TEMPLATES' > config_local.py
     - echo 'TEMPLATES[0]["OPTIONS"]["debug"] = True' >> config_local.py
     - echo "DEBUG = True" >> config_local.py
     - echo "from config import CACHES" >> config_local.py
     - echo "CACHES['default'] = CACHES['filesystem']" >> config_local.py
+    - python manage.py migrate
     - python manage.py collectstatic --noinput
-    - coverage run --source . manage.py test -v3
-    - coverage report --fail-under=70
-    - coverage html
+    - echo "Running local performance tests (no cache testing)..."
+    - python3 scripts/performance_tests.py --no-cache-test --output performance_local.json
   artifacts:
     paths:
-      - htmlcov/
+      - performance_local.json
+    expire_in: 7 days
+  allow_failure: true  # Don't fail the pipeline on performance issues, but report them
 
-pycco:
-  stage: test
-  script:
-    - /bin/true
-    - find ivatar/ -type f -name "*.py"|grep -v __pycache__|grep -v __init__.py|grep -v /migrations/ | xargs pycco -p -d pycco -i -s
-  artifacts:
-    paths:
-      - pycco/
-    expire_in: 14 days
-
-pages:
-  before_script:
-    - /bin/true
-    - /bin/true
+# Performance testing against dev server (devel branch only)
+performance_tests_dev:
   stage: deploy
-  dependencies:
-    - test_and_coverage
-    - pycco
+  image: python:3.11-alpine
+  only:
+    - devel
+  when: on_success  # Run automatically after successful deployment verification
+  variables:
+    DEV_URL: "https://dev.libravatar.org"
+    PYTHONUNBUFFERED: 1
+  before_script:
+    - apk add --no-cache curl
+    - pip install requests Pillow prettytable pyLibravatar dnspython py3dns
   script:
-    - mv htmlcov/ public/
-    - mv pycco/ public/
+    - echo "Running performance tests against dev.libravatar.org..."
+    - python3 scripts/performance_tests.py --base-url $DEV_URL --concurrent-users 5 --avatar-threshold 2500 --response-threshold 2500 --p95-threshold 5000 --ignore-cache-warnings --output performance_dev.json
   artifacts:
     paths:
-      - public
-    expire_in: 14 days
+      - performance_dev.json
+    expire_in: 7 days
+  allow_failure: true  # Don't fail deployment on performance issues
+  needs:
+    - job: verify_dev_deployment
+      artifacts: false  # Run after deployment verification succeeds
+
+# Performance testing against production server (master branch only)
+performance_tests_prod:
+  stage: deploy
+  image: python:3.11-alpine
   only:
     - master
-
-build-image:
-  image: docker
-  services:
-    - docker:dind
+  when: on_success  # Run automatically after successful deployment verification
+  variables:
+    PROD_URL: "https://libravatar.org"
+    PYTHONUNBUFFERED: 1
   before_script:
-    - docker info
-    - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
-
+    - apk add --no-cache curl
+    - pip install requests Pillow prettytable pyLibravatar dnspython py3dns
   script:
-     - ls -lah
-     - |
-       if [[ "$CI_COMMIT_BRANCH" == "$CI_DEFAULT_BRANCH" ]]; then
-         tag=""
-         echo "Running on default branch '$CI_DEFAULT_BRANCH': tag = 'latest'"
-       else
-         tag=":$CI_COMMIT_REF_SLUG"
-         echo "Running on branch '$CI_COMMIT_BRANCH': tag = $tag"
-       fi
-     - docker build --pull -t "$CI_REGISTRY_IMAGE${tag}" .
-     - docker push "$CI_REGISTRY_IMAGE${tag}"
+    - echo "Running performance tests against libravatar.org..."
+    - python3 scripts/performance_tests.py --base-url $PROD_URL --concurrent-users 3 --output performance_prod.json
+  artifacts:
+    paths:
+      - performance_prod.json
+    expire_in: 30 days  # Keep production results longer
+  allow_failure: true  # Don't fail deployment on performance issues
+  needs:
+    - job: verify_prod_deployment
+      artifacts: false  # Run after deployment verification succeeds
+
+# Manual performance testing against production (for on-demand testing)
+performance_tests_prod_manual:
+  stage: deploy
+  image: python:3.11-alpine
+  only:
+    - master
+  when: manual  # Manual trigger for on-demand performance testing
+  variables:
+    PROD_URL: "https://libravatar.org"
+    PYTHONUNBUFFERED: 1
+  before_script:
+    - apk add --no-cache curl
+    - pip install requests Pillow prettytable pyLibravatar dnspython py3dns
+  script:
+    - echo "Running manual performance tests against libravatar.org..."
+    - python3 scripts/performance_tests.py --base-url $PROD_URL --concurrent-users 5 --output performance_prod_manual.json
+  artifacts:
+    paths:
+      - performance_prod_manual.json
+    expire_in: 30 days
+  allow_failure: true
+
+# Deployment verification jobs
+verify_dev_deployment:
+  stage: deploy
+  image: python:3.11-alpine
+  only:
+    - devel
+  variables:
+    DEV_URL: "https://dev.libravatar.org"
+    MAX_RETRIES: 30
+    RETRY_DELAY: 60
+    PYTHONUNBUFFERED: 1
+  before_script:
+    - apk add --no-cache curl git
+    - pip install Pillow
+  script:
+    - echo "Waiting for dev.libravatar.org deployment to complete..."
+    - python3 scripts/check_deployment.py --dev --max-retries $MAX_RETRIES --retry-delay $RETRY_DELAY
+  allow_failure: false
+
+verify_prod_deployment:
+  stage: deploy
+  image: python:3.11-alpine
+  only:
+    - master
+  when: on_success
+  variables:
+    PROD_URL: "https://libravatar.org"
+    MAX_RETRIES: 10
+    RETRY_DELAY: 30
+    PYTHONUNBUFFERED: 1
+  before_script:
+    - apk add --no-cache curl git
+    - pip install Pillow
+  script:
+    - echo "Verifying production deployment..."
+    - python3 scripts/check_deployment.py --prod --max-retries $MAX_RETRIES --retry-delay $RETRY_DELAY
+  allow_failure: false
+
+include:
+  - template: Jobs/SAST.gitlab-ci.yml
+  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
+  - template: Jobs/Secret-Detection.gitlab-ci.yml

.gitlab/issue_templates/example-template.md

@@ -0,0 +1,5 @@
+# Dscribe your issue
+
+# What have you tried to far?
+
+# Links / Pointer / Resources

.pre-commit-config.yaml

@@ -4,16 +4,20 @@ repos:
     hooks:
     -   id: check-useless-excludes
 -   repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v3.0.0-alpha.4
+    rev: v4.0.0-alpha.8
     hooks:
     -   id: prettier
         files: \.(css|js|md|markdown|json)
 -   repo: https://github.com/python/black
-    rev: 22.10.0
+    rev: 25.9.0
     hooks:
     -   id: black
+-   repo: https://github.com/asottile/pyupgrade
+    rev: v3.21.0
+    hooks:
+    -   id: pyupgrade
 -   repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v6.0.0
     hooks:
     -   id: check-added-large-files
     -   id: check-ast
@@ -28,7 +32,6 @@ repos:
         args:
         - --unsafe
     -   id: end-of-file-fixer
-    -   id: fix-encoding-pragma
     -   id: forbid-new-submodules
     -   id: no-commit-to-branch
         args:
@@ -38,7 +41,7 @@ repos:
     -   id: sort-simple-yaml
     -   id: trailing-whitespace
 -   repo: https://github.com/PyCQA/flake8
-    rev: 6.0.0
+    rev: 7.3.0
     hooks:
     -   id: flake8
 -   repo: local
@@ -57,16 +60,17 @@ repos:
         types:
         - shell
 -   repo: https://github.com/asottile/blacken-docs
-    rev: v1.12.1
+    rev: 1.20.0
     hooks:
     -   id: blacken-docs
--   repo: https://github.com/hcodes/yaspeller.git
-    rev: v8.0.1
-    hooks:
-    -   id: yaspeller
-
-        types:
-        - markdown
+# YASpeller does not seem to work anymore
+# -   repo: https://github.com/hcodes/yaspeller.git
+#     rev: v8.0.1
+#     hooks:
+#     -   id: yaspeller
+#
+#         types:
+#         - markdown
 -   repo: https://github.com/kadrach/pre-commit-gitlabci-lint
     rev: 22d0495c9894e8b27cc37c2ed5d9a6b46385a44c
     hooks:

Dockerfile

@@ -1,17 +1,22 @@
-FROM quay.io/rhn_support_ofalk/fedora35-python3
+FROM git.linux-kernel.at:5050/oliver/fedora40-python3:latest
 LABEL maintainer Oliver Falk <oliver@linux-kernel.at>
 EXPOSE 8081
 
-RUN pip3 install pip --upgrade
-
 ADD . /opt/ivatar-devel
 
 WORKDIR /opt/ivatar-devel
 
-RUN pip3 install Pillow && pip3 install -r requirements.txt && pip3 install python-coveralls coverage pycco django_coverage_plugin
+RUN pip3 install pip --upgrade \
+ && virtualenv .virtualenv \
+ && source .virtualenv/bin/activate \
+ && pip3 install Pillow \
+ && pip3 install -r requirements.txt \
+ && pip3 install python-coveralls coverage pycco django_coverage_plugin
 
 RUN echo "DEBUG = True" >> /opt/ivatar-devel/config_local.py
 RUN echo "EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'" >> /opt/ivatar-devel/config_local.py
-RUN python3 manage.py migrate && python3 manage.py collectstatic --noinput
-RUN echo "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('admin', 'admin@local.tld', 'admin')" | python manage.py shell
-ENTRYPOINT python3 ./manage.py runserver 0:8081
+RUN source .virtualenv/bin/activate \
+ && python3 manage.py migrate \
+ && python3 manage.py collectstatic --noinput \
+ && echo "from django.contrib.auth import get_user_model; User = get_user_model(); User.objects.create_superuser('admin', 'admin@local.tld', 'admin')" | python manage.py shell
+ENTRYPOINT source .virtualenv/bin/activate && python3 ./manage.py runserver 0:8081

FILE_UPLOAD_SECURITY.md

@@ -0,0 +1,229 @@
+# File Upload Security Documentation
+
+## Overview
+
+The ivatar application now includes comprehensive file upload security features to protect against malicious file uploads, data leaks, and other security threats.
+
+## Security Features
+
+### 1. File Type Validation
+
+**Magic Bytes Verification**
+
+- Validates file signatures (magic bytes) to ensure uploaded files are actually images
+- Supports JPEG, PNG, GIF, WebP, BMP, and TIFF formats
+- Prevents file extension spoofing attacks
+
+**MIME Type Validation**
+
+- Uses python-magic library to detect actual MIME types
+- Cross-references with allowed MIME types list
+- Prevents MIME type confusion attacks
+
+### 2. Content Security Scanning
+
+**Malicious Content Detection**
+
+- Scans for embedded scripts (`<script>`, `javascript:`, `vbscript:`)
+- Detects executable content (PE headers, ELF headers)
+- Identifies polyglot attacks (files valid in multiple formats)
+- Checks for PHP and other server-side code
+
+**PIL Image Validation**
+
+- Uses Python Imaging Library to verify file is a valid image
+- Checks image dimensions and format
+- Ensures image can be properly loaded and processed
+
+### 3. EXIF Data Sanitization
+
+**Metadata Removal**
+
+- Automatically strips EXIF data from uploaded images
+- Prevents location data and other sensitive metadata leaks
+- Preserves image quality while removing privacy risks
+
+### 4. Enhanced Logging
+
+**Security Event Logging**
+
+- Logs all file upload attempts with user ID and IP address
+- Records security violations and suspicious activity
+- Provides audit trail for security monitoring
+
+## Configuration
+
+### Settings
+
+All security features can be configured in `config.py` or overridden in `config_local.py`:
+
+```python
+# File upload security settings
+ENABLE_FILE_SECURITY_VALIDATION = True
+ENABLE_EXIF_SANITIZATION = True
+ENABLE_MALICIOUS_CONTENT_SCAN = True
+```
+
+### Dependencies
+
+The security features require the following Python packages:
+
+```bash
+pip install python-magic>=0.4.27
+```
+
+**Note**: On some systems, you may need to install the libmagic system library:
+
+- **Ubuntu/Debian**: `sudo apt-get install libmagic1`
+- **CentOS/RHEL**: `sudo yum install file-devel`
+- **macOS**: `brew install libmagic`
+
+## Security Levels
+
+### Security Score System
+
+Files are assigned a security score (0-100) based on validation results:
+
+- **90-100**: Excellent - No security concerns
+- **80-89**: Good - Minor warnings, safe to process
+- **70-79**: Fair - Some concerns, review recommended
+- **50-69**: Poor - Multiple issues, high risk
+- **0-49**: Critical - Malicious content detected, reject
+
+### Validation Levels
+
+1. **Basic Validation**: File size, filename, extension
+2. **Magic Bytes**: File signature verification
+3. **MIME Type**: Content type validation
+4. **PIL Validation**: Image format verification
+5. **Security Scan**: Malicious content detection
+6. **EXIF Sanitization**: Metadata removal
+
+## API Reference
+
+### FileValidator Class
+
+```python
+from ivatar.file_security import FileValidator
+
+validator = FileValidator(file_data, filename)
+results = validator.comprehensive_validation()
+```
+
+### Main Validation Function
+
+```python
+from ivatar.file_security import validate_uploaded_file
+
+is_valid, results, sanitized_data = validate_uploaded_file(file_data, filename)
+```
+
+### Security Report Generation
+
+```python
+from ivatar.file_security import get_file_security_report
+
+report = get_file_security_report(file_data, filename)
+```
+
+## Error Handling
+
+### Validation Errors
+
+The system provides user-friendly error messages while logging detailed security information:
+
+- **Malicious Content**: "File appears to be malicious and cannot be uploaded"
+- **Invalid Format**: "File format not supported or file appears to be corrupted"
+
+### Logging Levels
+
+- **INFO**: Successful uploads and normal operations
+- **WARNING**: Security violations and suspicious activity
+- **ERROR**: Validation failures and system errors
+
+## Testing
+
+### Running Security Tests
+
+```bash
+python manage.py test ivatar.test_file_security
+```
+
+### Test Coverage
+
+The test suite covers:
+
+- Valid file validation
+- Malicious content detection
+- Magic bytes verification
+- MIME type validation
+- EXIF sanitization
+- Form validation
+- Integration tests
+
+## Performance Considerations
+
+### Memory Usage
+
+- Files are processed in memory for validation
+- Large files (>5MB) may impact performance
+- Consider increasing server memory for high-volume deployments
+
+### Processing Time
+
+- Basic validation: <10ms
+- Full security scan: 50-200ms
+- EXIF sanitization: 100-500ms
+- Total overhead: ~200-700ms per upload
+
+## Troubleshooting
+
+### Common Issues
+
+1. **python-magic Import Error**
+
+   - Install libmagic system library
+   - Verify python-magic installation
+
+2. **False Positives**
+   - Review security score thresholds
+   - Adjust validation settings
+
+### Debug Mode
+
+Enable debug logging to troubleshoot validation issues:
+
+```python
+LOGGING = {
+    "loggers": {
+        "ivatar.security": {
+            "level": "DEBUG",
+        },
+    },
+}
+```
+
+## Security Best Practices
+
+### Deployment Recommendations
+
+1. **Enable All Security Features** in production
+2. **Monitor Security Logs** regularly
+3. **Keep Dependencies Updated**
+4. **Regular Security Audits** of uploaded content
+
+### Monitoring
+
+- Monitor security.log for violations
+- Track upload success/failure rates
+- Alert on repeated security violations
+
+## Future Enhancements
+
+Potential future improvements:
+
+- Virus scanning integration (ClamAV)
+- Content-based image analysis
+- Machine learning threat detection
+- Advanced polyglot detection
+- Real-time threat intelligence feeds

INSTALL.md

@@ -19,19 +19,19 @@ sudo apt-get install git python3-virtualenv libmariadb-dev libldap2-dev libsasl2
 
 ## Checkout
 
-~~~~bash
+```bash
 git clone https://git.linux-kernel.at/oliver/ivatar.git
 cd ivatar
-~~~~
+```
 
 ## Virtual environment
 
-~~~~bash
-virtualenv -p python3 .virtualenv 
+```bash
+virtualenv -p python3 .virtualenv
 source .virtualenv/bin/activate
 pip install pillow
 pip install -r requirements.txt
-~~~~
+```
 
 ## (SQL) Migrations
 
@@ -58,10 +58,55 @@ pip install -r requirements.txt
 ```
 
 ## Running the testsuite
+
 ```
 ./manage.py test -v3 # Or any other verbosity level you like
 ```
 
+## Configuration
+
+### Gravatar Proxy and Redirect Settings
+
+By default, ivatar is configured to work well for public instances like libravatar.org. However, for local or private instances, you may want to disable external requests to Gravatar. You can configure the default behavior by adding these settings to your `config_local.py`:
+
+```python
+# Default settings for Gravatar proxy and redirect behavior
+# These can be overridden by URL parameters (?gravatarproxy=n&gravatarredirect=n)
+
+# Whether to proxy requests to Gravatar when no local avatar is found (default: True)
+DEFAULT_GRAVATARPROXY = False
+
+# Whether to redirect directly to Gravatar when no local avatar is found (default: False)
+DEFAULT_GRAVATARREDIRECT = False
+
+# Whether to force default behavior even when a user avatar exists (default: False)
+FORCEDEFAULT = False
+```
+
+**Use cases:**
+
+- **Private/Local instances**: Set `DEFAULT_GRAVATARPROXY = False` and `DEFAULT_GRAVATARREDIRECT = False` to prevent external requests
+- **Gravatar-first instances**: Set `DEFAULT_GRAVATARREDIRECT = True` to redirect to Gravatar instead of proxying
+- **Testing/Development**: Set `FORCEDEFAULT = True` to always use default avatars
+
+**Note**: URL parameters (`?gravatarproxy=n`, `?gravatarredirect=y`, `?forcedefault=y`) will always override these configuration defaults.
+
+### OpenID Connect authentication with Fedora
+
+To enable OpenID Connect (OIDC) authentication with Fedora, you must have obtained a `client_id` and `client_secret` pair from the Fedora Infrastructure.
+Then you must set these values in `config_local.py`:
+
+```
+SOCIAL_AUTH_FEDORA_KEY = "the-client-id"
+SOCIAL_AUTH_FEDORA_SECRET = "the-client-secret"
+```
+
+You can override the location of the OIDC provider with the `SOCIAL_AUTH_FEDORA_OIDC_ENDPOINT` setting. For example, to authenticate with Fedora's staging environment, set this in `config_local.py`:
+
+```
+SOCIAL_AUTH_FEDORA_OIDC_ENDPOINT = "https://id.stg.fedoraproject.org"
+```
+
 # Production deployment Webserver (non-cloudy)
 
 To deploy this Django application with WSGI on Apache, NGINX or any other web server, please refer to the the webserver documentation; There are also plenty of howtos on the net (I'll not LMGTFY...)
@@ -82,4 +127,4 @@ There is a file called ebcreate.txt as well as a directory called .ebextensions,
 
 ## Database
 
-It should work with SQLite (do *not* use in production!), MySQL/MariaDB, as well as PostgreSQL.
+It should work with SQLite (do _not_ use in production!), MySQL/MariaDB, as well as PostgreSQL.

MANIFEST.in

@@ -0,0 +1,10 @@
+include *.py
+include *.md
+include COPYING
+include LICENSE
+recursive-include templates *
+recursive-include ivatar *
+exclude .virtualenv
+exclude libravatar.egg-info
+global-exclude *.py[co]
+global-exclude __pycache__

OPENTELEMETRY.md

@@ -0,0 +1,463 @@
+# OpenTelemetry Integration for ivatar
+
+This document describes the OpenTelemetry integration implemented in the ivatar project, providing comprehensive observability for avatar generation, file uploads, authentication, and system performance.
+
+## Overview
+
+OpenTelemetry is integrated into ivatar to provide:
+
+- **Distributed Tracing**: Track requests across the entire avatar generation pipeline
+- **Custom Metrics**: Monitor avatar-specific operations and performance
+- **Multi-Instance Support**: Distinguish between production and development environments
+- **Infrastructure Integration**: Works with existing Prometheus/Grafana stack
+
+## Architecture
+
+### Components
+
+1. **OpenTelemetry Configuration** (`ivatar/opentelemetry_config.py`)
+
+   - Centralized configuration management
+   - Environment-based setup
+   - Resource creation with service metadata
+
+2. **Custom Middleware** (`ivatar/opentelemetry_middleware.py`)
+
+   - Request/response tracing
+   - Avatar-specific metrics
+   - Custom decorators for operation tracing
+
+3. **Instrumentation Integration**
+   - Django framework instrumentation
+   - Database query tracing (PostgreSQL/MySQL)
+   - HTTP client instrumentation
+   - Cache instrumentation (Memcached)
+
+## Configuration
+
+### Environment Variables
+
+| Variable                      | Description                          | Default       | Required |
+| ----------------------------- | ------------------------------------ | ------------- | -------- |
+| `OTEL_EXPORT_ENABLED`         | Enable OpenTelemetry data export     | `false`       | No       |
+| `OTEL_SERVICE_NAME`           | Service name identifier              | `ivatar`      | No       |
+| `OTEL_ENVIRONMENT`            | Environment (production/development) | `development` | No       |
+| `OTEL_EXPORTER_OTLP_ENDPOINT` | OTLP collector endpoint              | None          | No       |
+| `OTEL_PROMETHEUS_ENDPOINT`    | Local Prometheus server (dev only)   | None          | No       |
+| `IVATAR_VERSION`              | Application version                  | `2.0`         | No       |
+| `HOSTNAME`                    | Instance identifier                  | `unknown`     | No       |
+
+### Multi-Instance Configuration
+
+#### Production Environment
+
+```bash
+export OTEL_EXPORT_ENABLED=true
+export OTEL_SERVICE_NAME=ivatar-production
+export OTEL_ENVIRONMENT=production
+export OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+export HOSTNAME=prod-instance-01
+```
+
+**Note**: In production, metrics are exported via OTLP to your existing Prometheus server. Do not set `OTEL_PROMETHEUS_ENDPOINT` in production.
+
+#### Development Environment
+
+```bash
+export OTEL_EXPORT_ENABLED=true
+export OTEL_SERVICE_NAME=ivatar-development
+export OTEL_ENVIRONMENT=development
+export OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+export OTEL_PROMETHEUS_ENDPOINT=0.0.0.0:9467
+export IVATAR_VERSION=2.0-dev
+export HOSTNAME=dev-instance-01
+```
+
+**Note**: In development, you can optionally set `OTEL_PROMETHEUS_ENDPOINT` to start a local HTTP server for testing metrics.
+
+## Metrics
+
+### Custom Metrics
+
+#### Avatar Operations
+
+- `ivatar_requests_total`: Total HTTP requests by method, status, path
+- `ivatar_request_duration_seconds`: Request duration histogram
+- `ivatar_avatar_requests_total`: Avatar requests by status, size, format
+- `ivatar_avatar_generation_seconds`: Avatar generation time histogram
+- `ivatar_avatars_generated_total`: Avatars generated by size, format, source
+- `ivatar_avatar_cache_hits_total`: Cache hits by size, format
+- `ivatar_avatar_cache_misses_total`: Cache misses by size, format
+- `ivatar_external_avatar_requests_total`: External service requests
+- `ivatar_file_uploads_total`: File uploads by content type, success
+- `ivatar_file_upload_size_bytes`: File upload size histogram
+
+#### Labels/Dimensions
+
+- `method`: HTTP method (GET, POST, etc.)
+- `status_code`: HTTP status code
+- `path`: Request path
+- `size`: Avatar size (80, 128, 256, etc.)
+- `format`: Image format (png, jpg, gif, etc.)
+- `source`: Avatar source (uploaded, generated, external)
+- `service`: External service name (gravatar, bluesky)
+- `content_type`: File MIME type
+- `success`: Operation success (true/false)
+
+### Example Queries
+
+#### Avatar Generation Rate
+
+```promql
+rate(ivatar_avatars_generated_total[5m])
+```
+
+#### Cache Hit Ratio
+
+```promql
+rate(ivatar_avatar_cache_hits_total[5m]) /
+(rate(ivatar_avatar_cache_hits_total[5m]) + rate(ivatar_avatar_cache_misses_total[5m]))
+```
+
+#### Average Avatar Generation Time
+
+```promql
+histogram_quantile(0.95, rate(ivatar_avatar_generation_seconds_bucket[5m]))
+```
+
+#### File Upload Success Rate
+
+```promql
+rate(ivatar_file_uploads_total{success="true"}[5m]) /
+rate(ivatar_file_uploads_total[5m])
+```
+
+## Tracing
+
+### Trace Points
+
+#### Request Lifecycle
+
+- HTTP request processing
+- Avatar generation pipeline
+- File upload and processing
+- Authentication flows
+- External API calls
+
+#### Custom Spans
+
+- `avatar.generate_png`: PNG image generation
+- `avatar.gravatar_proxy`: Gravatar service proxy
+- `file_upload.process`: File upload processing
+- `auth.login`: User authentication
+- `auth.logout`: User logout
+
+### Span Attributes
+
+#### HTTP Attributes
+
+- `http.method`: HTTP method
+- `http.url`: Full request URL
+- `http.status_code`: Response status code
+- `http.user_agent`: Client user agent
+- `http.remote_addr`: Client IP address
+
+#### Avatar Attributes
+
+- `ivatar.request_type`: Request type (avatar, stats, etc.)
+- `ivatar.avatar_size`: Requested avatar size
+- `ivatar.avatar_format`: Requested format
+- `ivatar.avatar_email`: Email address (if applicable)
+
+#### File Attributes
+
+- `file.name`: Uploaded file name
+- `file.size`: File size in bytes
+- `file.content_type`: MIME type
+
+## Infrastructure Requirements
+
+### Option A: Extend Existing Stack (Recommended)
+
+The existing monitoring stack can be extended to support OpenTelemetry:
+
+#### Alloy Configuration
+
+```yaml
+# Add to existing Alloy configuration
+otelcol.receiver.otlp:
+  grpc:
+    endpoint: 0.0.0.0:4317
+  http:
+    endpoint: 0.0.0.0:4318
+
+otelcol.processor.batch:
+  timeout: 1s
+  send_batch_size: 1024
+
+otelcol.exporter.prometheus:
+  endpoint: "0.0.0.0:9464"
+
+otelcol.exporter.jaeger:
+  endpoint: "jaeger-collector:14250"
+
+otelcol.pipeline.traces:
+  receivers: [otelcol.receiver.otlp]
+  processors: [otelcol.processor.batch]
+  exporters: [otelcol.exporter.jaeger]
+
+otelcol.pipeline.metrics:
+  receivers: [otelcol.receiver.otlp]
+  processors: [otelcol.processor.batch]
+  exporters: [otelcol.exporter.prometheus]
+```
+
+#### Prometheus Configuration
+
+```yaml
+scrape_configs:
+  - job_name: "ivatar-opentelemetry"
+    static_configs:
+      - targets: ["ivatar-prod:9464", "ivatar-dev:9464"]
+    scrape_interval: 15s
+    metrics_path: /metrics
+```
+
+### Option B: Dedicated OpenTelemetry Collector
+
+For full OpenTelemetry features, deploy a dedicated collector:
+
+#### Collector Configuration
+
+```yaml
+receivers:
+  otlp:
+    protocols:
+      grpc:
+        endpoint: 0.0.0.0:4317
+      http:
+        endpoint: 0.0.0.0:4318
+
+processors:
+  batch:
+    timeout: 1s
+    send_batch_size: 1024
+  resource:
+    attributes:
+      - key: environment
+        from_attribute: deployment.environment
+        action: insert
+
+exporters:
+  prometheus:
+    endpoint: "0.0.0.0:9464"
+  jaeger:
+    endpoint: "jaeger-collector:14250"
+  logging:
+    loglevel: debug
+
+service:
+  pipelines:
+    traces:
+      receivers: [otlp]
+      processors: [batch, resource]
+      exporters: [jaeger, logging]
+    metrics:
+      receivers: [otlp]
+      processors: [batch, resource]
+      exporters: [prometheus, logging]
+```
+
+## Deployment
+
+### Development Setup
+
+1. **Install Dependencies**
+
+   ```bash
+   pip install -r requirements.txt
+   ```
+
+2. **Configure Environment**
+
+   ```bash
+   export OTEL_ENABLED=true
+   export OTEL_SERVICE_NAME=ivatar-development
+   export OTEL_ENVIRONMENT=development
+   ```
+
+3. **Start Development Server**
+
+   ```bash
+   ./manage.py runserver 0:8080
+   ```
+
+4. **Verify Metrics**
+   ```bash
+   curl http://localhost:9464/metrics
+   ```
+
+### Production Deployment
+
+1. **Update Container Images**
+
+   - Add OpenTelemetry dependencies to requirements.txt
+   - Update container build process
+
+2. **Configure Environment Variables**
+
+   - Set production-specific OpenTelemetry variables
+   - Configure collector endpoints
+
+3. **Update Monitoring Stack**
+
+   - Extend Alloy configuration
+   - Update Prometheus scrape configs
+   - Configure Grafana dashboards
+
+4. **Verify Deployment**
+   - Check metrics endpoint accessibility
+   - Verify trace data flow
+   - Monitor dashboard updates
+
+## Monitoring and Alerting
+
+### Key Metrics to Monitor
+
+#### Performance
+
+- Request duration percentiles (p50, p95, p99)
+- Avatar generation time
+- Cache hit ratio
+- File upload success rate
+
+#### Business Metrics
+
+- Avatar requests per minute
+- Popular avatar sizes
+- External service usage
+- User authentication success rate
+
+#### Error Rates
+
+- HTTP error rates by endpoint
+- File upload failures
+- External service failures
+- Authentication failures
+
+### Example Alerts
+
+#### High Error Rate
+
+```yaml
+alert: HighErrorRate
+expr: rate(ivatar_requests_total{status_code=~"5.."}[5m]) > 0.1
+for: 2m
+labels:
+  severity: warning
+annotations:
+  summary: "High error rate detected"
+  description: "Error rate is {{ $value }} errors per second"
+```
+
+#### Slow Avatar Generation
+
+```yaml
+alert: SlowAvatarGeneration
+expr: histogram_quantile(0.95, rate(ivatar_avatar_generation_seconds_bucket[5m])) > 2
+for: 5m
+labels:
+  severity: warning
+annotations:
+  summary: "Slow avatar generation"
+  description: "95th percentile avatar generation time is {{ $value }}s"
+```
+
+#### Low Cache Hit Ratio
+
+```yaml
+alert: LowCacheHitRatio
+expr: (rate(ivatar_avatar_cache_hits_total[5m]) / (rate(ivatar_avatar_cache_hits_total[5m]) + rate(ivatar_avatar_cache_misses_total[5m]))) < 0.8
+for: 10m
+labels:
+  severity: warning
+annotations:
+  summary: "Low cache hit ratio"
+  description: "Cache hit ratio is {{ $value }}"
+```
+
+## Troubleshooting
+
+### Common Issues
+
+#### OpenTelemetry Not Enabled
+
+- Check `OTEL_ENABLED` environment variable
+- Verify OpenTelemetry packages are installed
+- Check Django logs for configuration errors
+
+#### Metrics Not Appearing
+
+- Verify Prometheus endpoint is accessible
+- Check collector configuration
+- Ensure metrics are being generated
+
+#### Traces Not Showing
+
+- Verify OTLP endpoint configuration
+- Check collector connectivity
+- Ensure tracing is enabled in configuration
+
+#### High Memory Usage
+
+- Adjust batch processor settings
+- Reduce trace sampling rate
+- Monitor collector resource usage
+
+### Debug Mode
+
+Enable debug logging for OpenTelemetry:
+
+```python
+LOGGING = {
+    "loggers": {
+        "opentelemetry": {
+            "level": "DEBUG",
+        },
+        "ivatar.opentelemetry": {
+            "level": "DEBUG",
+        },
+    },
+}
+```
+
+### Performance Considerations
+
+- **Sampling**: Implement trace sampling for high-traffic production
+- **Batch Processing**: Use appropriate batch sizes for your infrastructure
+- **Resource Limits**: Monitor collector resource usage
+- **Network**: Ensure low-latency connections to collectors
+
+## Security Considerations
+
+- **Data Privacy**: Ensure no sensitive data in trace attributes
+- **Network Security**: Use TLS for collector communications
+- **Access Control**: Restrict access to metrics endpoints
+- **Data Retention**: Configure appropriate retention policies
+
+## Future Enhancements
+
+- **Custom Dashboards**: Create Grafana dashboards for avatar metrics
+- **Advanced Sampling**: Implement intelligent trace sampling
+- **Log Correlation**: Correlate traces with application logs
+- **Performance Profiling**: Add profiling capabilities
+- **Custom Exports**: Export to additional backends (Datadog, New Relic)
+
+## Support
+
+For issues related to OpenTelemetry integration:
+
+- Check application logs for configuration errors
+- Verify collector connectivity
+- Review Prometheus metrics for data flow
+- Consult OpenTelemetry documentation for advanced configuration

OPENTELEMETRY_INFRASTRUCTURE.md

@@ -0,0 +1,431 @@
+# OpenTelemetry Infrastructure Requirements
+
+This document outlines the infrastructure requirements and deployment strategy for OpenTelemetry in the ivatar project, considering the existing Fedora Project hosting environment and multi-instance setup.
+
+## Current Infrastructure Analysis
+
+### Existing Monitoring Stack
+
+- **Prometheus + Alertmanager**: Metrics collection and alerting
+- **Loki**: Log aggregation
+- **Alloy**: Observability data collection
+- **Grafana**: Visualization and dashboards
+- **Custom exporters**: Application-specific metrics
+
+### Production Environment
+
+- **Scale**: Millions of requests daily, 30k+ users, 33k+ avatar images
+- **Infrastructure**: Fedora Project hosted, high-performance system
+- **Architecture**: Apache HTTPD + Gunicorn containers + PostgreSQL
+- **Containerization**: Podman (not Docker)
+
+### Multi-Instance Setup
+
+- **Production**: Production environment (master branch)
+- **Development**: Development environment (devel branch)
+- **Deployment**: GitLab CI/CD with Puppet automation
+
+## Infrastructure Options
+
+### Option A: Extend Existing Alloy Stack (Recommended)
+
+**Advantages:**
+
+- Leverages existing infrastructure
+- Minimal additional complexity
+- Consistent with current monitoring approach
+- Cost-effective
+
+**Implementation:**
+
+```yaml
+# Alloy configuration extension
+otelcol.receiver.otlp:
+  grpc:
+    endpoint: 0.0.0.0:4317
+  http:
+    endpoint: 0.0.0.0:4318
+
+otelcol.processor.batch:
+  timeout: 1s
+  send_batch_size: 1024
+
+otelcol.exporter.prometheus:
+  endpoint: "0.0.0.0:9464"
+
+otelcol.exporter.jaeger:
+  endpoint: "jaeger-collector:14250"
+
+otelcol.pipeline.traces:
+  receivers: [otelcol.receiver.otlp]
+  processors: [otelcol.processor.batch]
+  exporters: [otelcol.exporter.jaeger]
+
+otelcol.pipeline.metrics:
+  receivers: [otelcol.receiver.otlp]
+  processors: [otelcol.processor.batch]
+  exporters: [otelcol.exporter.prometheus]
+```
+
+### Option B: Dedicated OpenTelemetry Collector
+
+**Advantages:**
+
+- Full OpenTelemetry feature set
+- Better performance for high-volume tracing
+- More flexible configuration options
+- Future-proof architecture
+
+**Implementation:**
+
+- Deploy standalone OpenTelemetry Collector
+- Configure OTLP receivers and exporters
+- Integrate with existing Prometheus/Grafana
+
+## Deployment Strategy
+
+### Phase 1: Development Environment
+
+1. **Enable OpenTelemetry in Development**
+
+   ```bash
+   # Development environment configuration
+   export OTEL_ENABLED=true
+   export OTEL_SERVICE_NAME=ivatar-development
+   export OTEL_ENVIRONMENT=development
+   export OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+   export OTEL_PROMETHEUS_ENDPOINT=0.0.0.0:9464
+   ```
+
+2. **Update Alloy Configuration**
+
+   - Add OTLP receivers to existing Alloy instance
+   - Configure trace and metrics pipelines
+   - Test data flow
+
+3. **Verify Integration**
+   - Check metrics endpoint: `http://dev-instance:9464/metrics`
+   - Verify trace data in Jaeger
+   - Monitor Grafana dashboards
+
+### Phase 2: Production Deployment
+
+1. **Production Configuration**
+
+   ```bash
+   # Production environment configuration
+   export OTEL_ENABLED=true
+   export OTEL_SERVICE_NAME=ivatar-production
+   export OTEL_ENVIRONMENT=production
+   export OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+   export OTEL_PROMETHEUS_ENDPOINT=0.0.0.0:9464
+   ```
+
+2. **Gradual Rollout**
+
+   - Deploy to one Gunicorn container first
+   - Monitor performance impact
+   - Gradually enable on all containers
+
+3. **Performance Monitoring**
+   - Monitor collector resource usage
+   - Check application performance impact
+   - Verify data quality
+
+## Resource Requirements
+
+### Collector Resources
+
+**Minimum Requirements:**
+
+- CPU: 2 cores
+- Memory: 4GB RAM
+- Storage: 10GB for temporary data
+- Network: 1Gbps
+
+**Recommended for Production:**
+
+- CPU: 4 cores
+- Memory: 8GB RAM
+- Storage: 50GB SSD
+- Network: 10Gbps
+
+### Network Requirements
+
+**Ports:**
+
+- 4317: OTLP gRPC receiver
+- 4318: OTLP HTTP receiver
+- 9464: Prometheus metrics exporter
+- 14250: Jaeger trace exporter
+
+**Bandwidth:**
+
+- Estimated 1-5 Mbps per instance
+- Burst capacity for peak loads
+- Low-latency connection to collectors
+
+## Configuration Management
+
+### Environment-Specific Settings
+
+#### Production Environment
+
+```bash
+# Production OpenTelemetry configuration
+OTEL_ENABLED=true
+OTEL_SERVICE_NAME=ivatar-production
+OTEL_ENVIRONMENT=production
+OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+OTEL_PROMETHEUS_ENDPOINT=0.0.0.0:9464
+OTEL_SAMPLING_RATIO=0.1  # 10% sampling for high volume
+HOSTNAME=prod-instance-01
+```
+
+#### Development Environment
+
+```bash
+# Development OpenTelemetry configuration
+OTEL_ENABLED=true
+OTEL_SERVICE_NAME=ivatar-development
+OTEL_ENVIRONMENT=development
+OTEL_EXPORTER_OTLP_ENDPOINT=http://collector.internal:4317
+OTEL_PROMETHEUS_ENDPOINT=0.0.0.0:9464
+OTEL_SAMPLING_RATIO=1.0  # 100% sampling for debugging
+HOSTNAME=dev-instance-01
+```
+
+### Container Configuration
+
+#### Podman Container Updates
+
+```dockerfile
+# Add to existing Dockerfile
+RUN pip install opentelemetry-api>=1.20.0 \
+    opentelemetry-sdk>=1.20.0 \
+    opentelemetry-instrumentation-django>=0.42b0 \
+    opentelemetry-instrumentation-psycopg2>=0.42b0 \
+    opentelemetry-instrumentation-pymysql>=0.42b0 \
+    opentelemetry-instrumentation-requests>=0.42b0 \
+    opentelemetry-instrumentation-urllib3>=0.42b0 \
+    opentelemetry-exporter-otlp>=1.20.0 \
+    opentelemetry-exporter-prometheus>=1.12.0rc1 \
+    opentelemetry-instrumentation-memcached>=0.42b0
+```
+
+#### Container Environment Variables
+
+```bash
+# Add to container startup script
+export OTEL_ENABLED=${OTEL_ENABLED:-false}
+export OTEL_SERVICE_NAME=${OTEL_SERVICE_NAME:-ivatar}
+export OTEL_ENVIRONMENT=${OTEL_ENVIRONMENT:-development}
+export OTEL_EXPORTER_OTLP_ENDPOINT=${OTEL_EXPORTER_OTLP_ENDPOINT}
+export OTEL_PROMETHEUS_ENDPOINT=${OTEL_PROMETHEUS_ENDPOINT:-0.0.0.0:9464}
+```
+
+## Monitoring and Alerting
+
+### Collector Health Monitoring
+
+#### Collector Metrics
+
+- `otelcol_receiver_accepted_spans`: Spans received by collector
+- `otelcol_receiver_refused_spans`: Spans rejected by collector
+- `otelcol_exporter_sent_spans`: Spans sent to exporters
+- `otelcol_exporter_failed_spans`: Failed span exports
+
+#### Health Checks
+
+```yaml
+# Prometheus health check
+- job_name: "otel-collector-health"
+  static_configs:
+    - targets: ["collector.internal:8888"]
+  metrics_path: /metrics
+  scrape_interval: 30s
+```
+
+### Application Performance Impact
+
+#### Key Metrics to Monitor
+
+- Application response time impact
+- Memory usage increase
+- CPU usage increase
+- Network bandwidth usage
+
+#### Alerting Rules
+
+```yaml
+# High collector resource usage
+alert: HighCollectorCPU
+expr: rate(otelcol_process_cpu_seconds_total[5m]) > 0.8
+for: 5m
+labels:
+  severity: warning
+annotations:
+  summary: "High collector CPU usage"
+  description: "Collector CPU usage is {{ $value }}"
+
+# Collector memory usage
+alert: HighCollectorMemory
+expr: otelcol_process_memory_usage_bytes / otelcol_process_memory_limit_bytes > 0.8
+for: 5m
+labels:
+  severity: warning
+annotations:
+  summary: "High collector memory usage"
+  description: "Collector memory usage is {{ $value }}"
+```
+
+## Security Considerations
+
+### Network Security
+
+- Use TLS for collector communications
+- Restrict collector access to trusted networks
+- Implement proper firewall rules
+
+### Data Privacy
+
+- Ensure no sensitive data in trace attributes
+- Implement data sanitization
+- Configure appropriate retention policies
+
+### Access Control
+
+- Restrict access to metrics endpoints
+- Implement authentication for collector access
+- Monitor access logs
+
+## Backup and Recovery
+
+### Data Retention
+
+- Traces: 7 days (configurable)
+- Metrics: 30 days (configurable)
+- Logs: 14 days (configurable)
+
+### Backup Strategy
+
+- Regular backup of collector configuration
+- Backup of Grafana dashboards
+- Backup of Prometheus rules
+
+## Performance Optimization
+
+### Sampling Strategy
+
+- Production: 10% sampling rate
+- Development: 100% sampling rate
+- Error traces: Always sample
+
+### Batch Processing
+
+- Optimize batch sizes for network conditions
+- Configure appropriate timeouts
+- Monitor queue depths
+
+### Resource Optimization
+
+- Monitor collector resource usage
+- Scale collectors based on load
+- Implement horizontal scaling if needed
+
+## Troubleshooting
+
+### Common Issues
+
+#### Collector Not Receiving Data
+
+- Check network connectivity
+- Verify OTLP endpoint configuration
+- Check collector logs
+
+#### High Resource Usage
+
+- Adjust sampling rates
+- Optimize batch processing
+- Scale collector resources
+
+#### Data Quality Issues
+
+- Verify instrumentation configuration
+- Check span attribute quality
+- Monitor error rates
+
+### Debug Procedures
+
+1. **Check Collector Status**
+
+   ```bash
+   curl http://collector.internal:8888/metrics
+   ```
+
+2. **Verify Application Configuration**
+
+   ```bash
+   curl http://app:9464/metrics
+   ```
+
+3. **Check Trace Data**
+   - Access Jaeger UI
+   - Search for recent traces
+   - Verify span attributes
+
+## Future Enhancements
+
+### Advanced Features
+
+- Custom dashboards for avatar metrics
+- Advanced sampling strategies
+- Log correlation with traces
+- Performance profiling integration
+
+### Scalability Improvements
+
+- Horizontal collector scaling
+- Load balancing for collectors
+- Multi-region deployment
+- Edge collection points
+
+### Integration Enhancements
+
+- Additional exporter backends
+- Custom processors
+- Advanced filtering
+- Data transformation
+
+## Cost Considerations
+
+### Infrastructure Costs
+
+- Additional compute resources for collectors
+- Storage costs for trace data
+- Network bandwidth costs
+
+### Operational Costs
+
+- Monitoring and maintenance
+- Configuration management
+- Troubleshooting and support
+
+### Optimization Strategies
+
+- Implement efficient sampling
+- Use appropriate retention policies
+- Optimize batch processing
+- Monitor resource usage
+
+## Conclusion
+
+The OpenTelemetry integration for ivatar provides comprehensive observability while leveraging the existing monitoring infrastructure. The phased deployment approach ensures minimal disruption to production services while providing valuable insights into avatar generation performance and user behavior.
+
+Key success factors:
+
+- Gradual rollout with monitoring
+- Performance impact assessment
+- Proper resource planning
+- Security considerations
+- Ongoing optimization

README.md

@@ -1,20 +1,102 @@
-ivatar / libravatar
-===================
+# ivatar / libravatar
 
-Pipeline and coverage status
-============================
+# Pipeline and coverage status
 
 [![pipeline status](https://git.linux-kernel.at/oliver/ivatar/badges/master/pipeline.svg)](https://git.linux-kernel.at/oliver/ivatar/commits/master)
 [![coverage report](https://git.linux-kernel.at/oliver/ivatar/badges/master/coverage.svg)](http://git.linux-kernel.at/oliver/ivatar/commits/master)
 
-Reports / code documentation
-============================
+# Reports / code documentation
 
-  - [Coverage HTML report](http://oliver.git.linux-kernel.at/ivatar)
-  - [Code documentation (autogenerated, pycco)](http://oliver.git.linux-kernel.at/ivatar/pycco/)
+- [Coverage HTML report](http://oliver.git.linux-kernel.at/ivatar)
+- [Code documentation (autogenerated, pycco)](http://oliver.git.linux-kernel.at/ivatar/pycco/)
 
-Authors and contributors
-========================
+# Environment Variables
+
+## OpenTelemetry Configuration
+
+OpenTelemetry instrumentation is always enabled in ivatar. The following environment variables control the behavior:
+
+### Core Configuration
+
+- `OTEL_SERVICE_NAME`: Service name for OpenTelemetry (default: "ivatar")
+- `OTEL_ENVIRONMENT`: Deployment environment (default: "production")
+- `OTEL_EXPORT_ENABLED`: Enable/disable data export (default: "false")
+  - Set to "true" to enable sending telemetry data to external collectors
+  - Set to "false" to disable export (instrumentation still active)
+
+### Export Configuration
+
+- `OTEL_EXPORTER_OTLP_ENDPOINT`: OTLP endpoint for traces and metrics export
+  - Example: "http://localhost:4317" (gRPC) or "http://localhost:4318" (HTTP)
+- `OTEL_PROMETHEUS_ENDPOINT`: Prometheus metrics endpoint (default: "0.0.0.0:9464")
+
+## Example Configurations
+
+### Development (Export Disabled)
+
+```bash
+export OTEL_EXPORT_ENABLED=false
+export OTEL_SERVICE_NAME=ivatar-dev
+export OTEL_ENVIRONMENT=development
+```
+
+### Production (Export Enabled)
+
+```bash
+export OTEL_EXPORT_ENABLED=true
+export OTEL_SERVICE_NAME=ivatar
+export OTEL_ENVIRONMENT=production
+export OTEL_EXPORTER_OTLP_ENDPOINT=http://otel-collector:4317
+```
+
+# Testing
+
+## Running Tests
+
+### Local Development (Recommended)
+
+For local development, use the provided script to skip Bluesky tests that require external API credentials:
+
+```bash
+./scripts/run_tests_local.sh
+```
+
+This runs all tests except those marked with `@pytest.mark.bluesky`.
+
+### All Tests
+
+To run all tests including Bluesky tests (requires Bluesky API credentials):
+
+```bash
+python3 manage.py test -v3
+```
+
+### Specific Test Categories
+
+```bash
+# Run only Bluesky tests
+python3 manage.py test ivatar.ivataraccount.test_views_bluesky -v3
+
+# Run only file upload security tests
+python3 manage.py test ivatar.test_file_security -v3
+
+# Run only security fixes tests (ETag sanitization and URL validation)
+python3 manage.py test ivatar.test_security_fixes -v3
+
+# Run only upload tests
+python3 manage.py test ivatar.ivataraccount.test_views -v3
+```
+
+## Test Markers
+
+Tests are categorized using pytest markers:
+
+- `@pytest.mark.bluesky`: Tests requiring Bluesky API credentials
+- `@pytest.mark.slow`: Long-running tests
+- `@pytest.mark.integration`: Integration tests
+- `@pytest.mark.unit`: Unit tests
+
+# Authors and contributors
 
 Lead developer/Owner: Oliver Falk (aka ofalk or falko) - https://git.linux-kernel.at/oliver
 

config.py

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 """
 Configuration overrides for settings.py
 """
@@ -31,9 +30,12 @@ INSTALLED_APPS.extend(
 
 MIDDLEWARE.extend(
     [
-        "django.middleware.locale.LocaleMiddleware",
+        "ivatar.middleware.CustomLocaleMiddleware",
     ]
 )
+
+# Add OpenTelemetry middleware only if feature flag is enabled
+# Note: This will be checked at runtime, not at import time
 MIDDLEWARE.insert(
     0,
     "ivatar.middleware.MultipleProxyMiddleware",
@@ -44,6 +46,7 @@ AUTHENTICATION_BACKENDS = (
     # See INSTALL for more information.
     # 'django_auth_ldap.backend.LDAPBackend',
     "django_openid_auth.auth.OpenIDBackend",
+    "ivatar.ivataraccount.auth.FedoraOpenIdConnect",
     "django.contrib.auth.backends.ModelBackend",
 )
 
@@ -58,9 +61,13 @@ TEMPLATES[0]["OPTIONS"]["context_processors"].append(
 
 OPENID_CREATE_USERS = True
 OPENID_UPDATE_DETAILS_FROM_SREG = True
+SOCIAL_AUTH_JSONFIELD_ENABLED = True
+# Fedora authentication (OIDC). You need to set these two values to use it.
+SOCIAL_AUTH_FEDORA_KEY = None  # Also known as client_id
+SOCIAL_AUTH_FEDORA_SECRET = None  # Also known as client_secret
 
 SITE_NAME = os.environ.get("SITE_NAME", "libravatar")
-IVATAR_VERSION = "1.7.0"
+IVATAR_VERSION = "2.0"
 
 SCHEMAROOT = "https://www.libravatar.org/schemas/export/0.2"
 
@@ -79,6 +86,18 @@ MAX_PIXELS = 7000
 AVATAR_MAX_SIZE = 512
 JPEG_QUALITY = 85
 
+# Robohash Performance Optimization
+# Enable optimized robohash implementation for 6-22x performance improvement
+ROBOHASH_OPTIMIZATION_ENABLED = True
+
+# Robohash Configuration
+# Maximum number of robot parts to cache in memory (each ~50-200KB)
+ROBOHASH_CACHE_SIZE = 150  # ~10-30MB total cache size
+
+# Pagan Avatar Optimization
+# Maximum number of pagan Avatar objects to cache in memory (each ~100-500KB)
+PAGAN_CACHE_SIZE = 100  # ~10-50MB total cache size
+
 # I'm not 100% sure if single character domains are possible
 # under any tld... so MIN_LENGTH_EMAIL/_URL, might be +1
 MIN_LENGTH_URL = 11  # eg. http://a.io
@@ -153,7 +172,21 @@ if "POSTGRESQL_DATABASE" in os.environ:
         "HOST": "postgresql",
     }
 
-SESSION_SERIALIZER = "django.contrib.sessions.serializers.PickleSerializer"
+# CI/CD config has different naming
+if "POSTGRES_DB" in os.environ:
+    DATABASES["default"] = {  # pragma: no cover
+        "ENGINE": "django.db.backends.postgresql",
+        "NAME": os.environ["POSTGRES_DB"],
+        "USER": os.environ["POSTGRES_USER"],
+        "PASSWORD": os.environ["POSTGRES_PASSWORD"],
+        "HOST": os.environ["POSTGRES_HOST"],
+        # Let Django use its default test database naming
+        # "TEST": {
+        #     "NAME": os.environ["POSTGRES_DB"],
+        # },
+    }
+
+SESSION_SERIALIZER = "django.contrib.sessions.serializers.JSONSerializer"
 
 USE_X_FORWARDED_HOST = True
 ALLOWED_EXTERNAL_OPENID_REDIRECT_DOMAINS = [
@@ -163,6 +196,12 @@ ALLOWED_EXTERNAL_OPENID_REDIRECT_DOMAINS = [
 
 DEFAULT_AVATAR_SIZE = 80
 
+# Default settings for Gravatar proxy and redirect behavior
+# These can be overridden by URL parameters
+DEFAULT_GRAVATARPROXY = True
+DEFAULT_GRAVATARREDIRECT = False
+FORCEDEFAULT = False
+
 LANGUAGES = (
     ("de", _("Deutsch")),
     ("en", _("English")),
@@ -195,18 +234,16 @@ CACHES = {
         "LOCATION": [
             "127.0.0.1:11211",
         ],
+        # "OPTIONS": {"MAX_ENTRIES": 1000000},
     },
     "filesystem": {
         "BACKEND": "django.core.cache.backends.filebased.FileBasedCache",
         "LOCATION": "/var/tmp/ivatar_cache",
         "TIMEOUT": 900,  # 15 minutes
+        "OPTIONS": {"MAX_ENTRIES": 1000000},
     },
 }
 
-# This is 5 minutes caching for generated/resized images,
-# so the sites don't hit ivatar so much - it's what's set in the HTTP header
-CACHE_IMAGES_MAX_AGE = 5 * 60
-
 CACHE_RESPONSE = True
 
 # Trusted URLs for default redirection
@@ -232,6 +269,11 @@ TRUSTED_DEFAULT_URLS = [
         "host_equals": "avatars.dicebear.com",
         "path_prefix": "/api/",
     },
+    {
+        "schemes": ["https"],
+        "host_equals": "api.dicebear.com",
+        "path_prefix": "/",
+    },
     {
         "schemes": ["https"],
         "host_equals": "badges.fedoraproject.org",
@@ -250,9 +292,7 @@ TRUSTED_DEFAULT_URLS = [
     },
 ]
 
-# This MUST BE THE LAST!
-if os.path.isfile(os.path.join(BASE_DIR, "config_local.py")):
-    from config_local import *  # noqa # flake8: noqa # NOQA # pragma: no cover
+URL_TIMEOUT = 10
 
 
 def map_legacy_config(trusted_url):
@@ -268,3 +308,27 @@ def map_legacy_config(trusted_url):
 
 # Backward compability for legacy behavior
 TRUSTED_DEFAULT_URLS = list(map(map_legacy_config, TRUSTED_DEFAULT_URLS))
+
+# Bluesky settings
+BLUESKY_IDENTIFIER = os.environ.get("BLUESKY_IDENTIFIER", None)
+BLUESKY_APP_PASSWORD = os.environ.get("BLUESKY_APP_PASSWORD", None)
+
+# File upload security settings
+FILE_UPLOAD_MAX_MEMORY_SIZE = 5 * 1024 * 1024  # 5MB
+DATA_UPLOAD_MAX_MEMORY_SIZE = 5 * 1024 * 1024  # 5MB
+FILE_UPLOAD_PERMISSIONS = 0o644
+
+# Enhanced file upload security
+ENABLE_FILE_SECURITY_VALIDATION = True
+ENABLE_EXIF_SANITIZATION = True
+ENABLE_MALICIOUS_CONTENT_SCAN = True
+
+# Avatar optimization settings
+PAGAN_CACHE_SIZE = 1000  # Number of pagan avatars to cache
+
+# Logging configuration - can be overridden in local config
+# Example: LOGS_DIR = "/var/log/ivatar"  # For production deployments
+
+# This MUST BE THE LAST!
+if os.path.isfile(os.path.join(BASE_DIR, "config_local.py")):
+    from config_local import *  # noqa # flake8: noqa # NOQA # pragma: no cover

config_local.py.example

@@ -0,0 +1,65 @@
+# -*- coding: utf-8 -*-
+"""
+Example local configuration file for ivatar
+Copy this to config_local.py and customize for your environment
+"""
+
+import os
+
+# Override logs directory for production deployments
+# LOGS_DIR = "/var/log/ivatar"
+
+# Override logs directory for development with custom location
+# LOGS_DIR = os.path.join(os.path.expanduser("~"), "ivatar_logs")
+
+# File upload security settings
+# ENABLE_FILE_SECURITY_VALIDATION = True
+# ENABLE_EXIF_SANITIZATION = True
+# ENABLE_MALICIOUS_CONTENT_SCAN = True
+
+# Example production overrides:
+# DEBUG = False
+# SECRET_KEY = "your-production-secret-key-here"
+# ALLOWED_HOSTS = ["yourdomain.com", "www.yourdomain.com"]
+
+# Database configuration (if not using environment variables)
+# DATABASES = {
+#     'default': {
+#         'ENGINE': 'django.db.backends.postgresql',
+#         'NAME': 'ivatar_prod',
+#         'USER': 'ivatar_user',
+#         'PASSWORD': 'your-db-password',
+#         'HOST': 'localhost',
+#         'PORT': '5432',
+#     }
+# }
+
+# Email configuration
+# EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
+# EMAIL_HOST = 'smtp.yourdomain.com'
+# EMAIL_PORT = 587
+# EMAIL_USE_TLS = True
+# EMAIL_HOST_USER = 'noreply@yourdomain.com'
+# EMAIL_HOST_PASSWORD = 'your-email-password'
+
+# Example: Override logs directory for production
+# LOGS_DIR = "/var/log/ivatar"
+
+# Bluesky integration credentials
+# BLUESKY_IDENTIFIER = "your-bluesky-handle"
+# BLUESKY_APP_PASSWORD = "your-app-password"
+
+# Gravatar proxy and redirect settings
+# These control the default behavior when no local avatar is found
+# URL parameters (?gravatarproxy=n&gravatarredirect=y) will override these defaults
+
+# For private/local instances that should not make external requests:
+# DEFAULT_GRAVATARPROXY = False
+# DEFAULT_GRAVATARREDIRECT = False
+
+# For instances that prefer direct Gravatar redirects:
+# DEFAULT_GRAVATARREDIRECT = True
+# DEFAULT_GRAVATARPROXY = False
+
+# For testing/development (always use default avatars):
+# FORCEDEFAULT = True

config_local_test.py

@@ -0,0 +1,2 @@
+# Test configuration to verify LOGS_DIR override
+LOGS_DIR = "/tmp/ivatar_test_logs"

coverage_extra_style.css

@@ -1,6 +1,6 @@
 .stats span.mis {
-    background: #faa;
+  background: #faa;
 }
 .text p.mis {
-    background: #faa;
+  background: #faa;
 }

create.sh

@@ -2,11 +2,11 @@
 
 oc new-project ivatar
 
-DB_PASSWORD=`openssl rand -base64 16`
-DB_ROOT_PASSWORD=`openssl rand -base64 16`
+DB_PASSWORD=$(openssl rand -base64 16)
+DB_ROOT_PASSWORD=$(openssl rand -base64 16)
 
 if [ -n "$USE_MYSQL" ]; then
-  DB_CMDLINE="mysql-persistent
+    DB_CMDLINE="mysql-persistent
   --group=python+mysql-persistent
   -e MYSQL_USER=ivatar
   -p MYSQL_USER=ivatar
@@ -17,7 +17,7 @@ if [ -n "$USE_MYSQL" ]; then
   -e MYSQL_ROOT_PASSWORD=$DB_ROOT_PASSWORD
   -p MYSQL_ROOT_PASSWORD=$DB_ROOT_PASSWORD"
 else
-  DB_CMDLINE="postgresql-persistent
+    DB_CMDLINE="postgresql-persistent
   -e POSTGRESQL_USER=ivatar
   -p POSTGRESQL_USER=ivatar
   -e POSTGRESQL_DATABASE=ivatar
@@ -35,8 +35,8 @@ if [ -n "$LKERNAT_GITLAB_OPENSHIFT_ACCESS_TOKEN" ]; then
 fi
 
 oc new-app $SECRET_CMDLINE python~https://git.linux-kernel.at/oliver/ivatar.git \
-  -e IVATAR_MAILGUN_API_KEY=$IVATAR_MAILGUN_API_KEY \
-  -e IVATAR_MAILGUN_SENDER_DOMAIN=$IVATAR_MAILGUN_SENDER_DOMAIN \
-  $DB_CMDLINE
+    -e IVATAR_MAILGUN_API_KEY=$IVATAR_MAILGUN_API_KEY \
+    -e IVATAR_MAILGUN_SENDER_DOMAIN=$IVATAR_MAILGUN_SENDER_DOMAIN \
+    $DB_CMDLINE
 
 oc expose svc/ivatar

create_nobody_from_svg_with_inkscape.sh

@@ -1,4 +1,4 @@
 for size in $(seq 1 512); do
     inkscape -z -e ivatar/static/img/nobody/${size}.png -w ${size} -h ${size} \
-      ivatar/static/img/libravatar_logo.svg
+        ivatar/static/img/libravatar_logo.svg
 done

cropperjs.zip

@@ -0,0 +1 @@
+Not Found

import_libravatar.py

@@ -1,5 +1,4 @@
 #!/usr/bin/env python
-# -*- coding: utf-8 -*-
 """
 Import the whole libravatar export
 """

ivatar/__init__.py

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 """
 Module init
 """

ivatar/context_processors.py

@@ -1,12 +1,9 @@
-# -*- coding: utf-8 -*-
 """
 Default: useful variables for the base page templates.
 """
 
-from ipware import get_client_ip
-from ivatar.settings import IVATAR_VERSION, SITE_NAME, MAX_PHOTO_SIZE
-from ivatar.settings import BASE_URL, SECURE_BASE_URL
-from ivatar.settings import MAX_NUM_UNCONFIRMED_EMAILS
+from django.conf import settings
+from ipware import get_client_ip  # type: ignore
 
 
 def basepage(request):
@@ -21,17 +18,21 @@ def basepage(request):
         ]  # pragma: no cover
     client_ip = get_client_ip(request)[0]
     context["client_ip"] = client_ip
-    context["ivatar_version"] = IVATAR_VERSION
-    context["site_name"] = SITE_NAME
+    context["ivatar_version"] = getattr(settings, "IVATAR_VERSION", "2.0")
+    context["site_name"] = getattr(settings, "SITE_NAME", "libravatar")
     context["site_url"] = request.build_absolute_uri("/")[:-1]
-    context["max_file_size"] = MAX_PHOTO_SIZE
-    context["BASE_URL"] = BASE_URL
-    context["SECURE_BASE_URL"] = SECURE_BASE_URL
+    context["max_file_size"] = getattr(settings, "MAX_PHOTO_SIZE", 10485760)
+    context["BASE_URL"] = getattr(settings, "BASE_URL", "http://localhost:8000/avatar/")
+    context["SECURE_BASE_URL"] = getattr(
+        settings, "SECURE_BASE_URL", "https://localhost:8000/avatar/"
+    )
     context["max_emails"] = False
+
     if request.user:
         if not request.user.is_anonymous:
             unconfirmed = request.user.unconfirmedemail_set.count()
-            if unconfirmed >= MAX_NUM_UNCONFIRMED_EMAILS:
+            max_unconfirmed = getattr(settings, "MAX_NUM_UNCONFIRMED_EMAILS", 5)
+            if unconfirmed >= max_unconfirmed:
                 context["max_emails"] = True
 
     return context

ivatar/file_security.py

@@ -0,0 +1,342 @@
+"""
+File upload security utilities for ivatar
+"""
+
+import hashlib
+import logging
+import magic
+import os
+from io import BytesIO
+from typing import Dict, Tuple
+
+from PIL import Image
+
+# Initialize logger
+logger = logging.getLogger("ivatar.security")
+
+# Security constants
+ALLOWED_MIME_TYPES = [
+    "image/jpeg",
+    "image/png",
+    "image/gif",
+    "image/webp",
+    "image/bmp",
+    "image/tiff",
+]
+
+ALLOWED_EXTENSIONS = [".jpg", ".jpeg", ".png", ".gif", ".webp", ".bmp", ".tiff"]
+
+# Magic byte signatures for image formats
+IMAGE_SIGNATURES = {
+    b"\xff\xd8\xff": "image/jpeg",
+    b"\x89PNG\r\n\x1a\n": "image/png",
+    b"GIF87a": "image/gif",
+    b"GIF89a": "image/gif",
+    b"RIFF": "image/webp",  # WebP starts with RIFF
+    b"BM": "image/bmp",
+    b"II*\x00": "image/tiff",  # Little-endian TIFF
+    b"MM\x00*": "image/tiff",  # Big-endian TIFF
+}
+
+# Maximum file size for different operations (in bytes)
+MAX_FILE_SIZE_BASIC = 5 * 1024 * 1024  # 5MB for basic validation
+MAX_FILE_SIZE_SCAN = 10 * 1024 * 1024  # 10MB for virus scanning
+MAX_FILE_SIZE_PROCESS = 50 * 1024 * 1024  # 50MB for processing
+
+
+class FileUploadSecurityError(Exception):
+    """Custom exception for file upload security issues"""
+
+    pass
+
+
+class FileValidator:
+    """Comprehensive file validation for uploads"""
+
+    def __init__(self, file_data: bytes, filename: str):
+        self.file_data = file_data
+        self.filename = filename
+        self.file_size = len(file_data)
+        self.file_hash = hashlib.sha256(file_data).hexdigest()
+
+    def validate_basic(self) -> Dict[str, any]:
+        """
+        Perform basic file validation
+        Returns validation results dictionary
+        """
+        results = {
+            "valid": True,
+            "errors": [],
+            "warnings": [],
+            "file_info": {
+                "size": self.file_size,
+                "hash": self.file_hash,
+                "filename": self.filename,
+            },
+        }
+
+        # Check file size
+        if self.file_size > MAX_FILE_SIZE_BASIC:
+            results["valid"] = False
+            results["errors"].append(f"File too large: {self.file_size} bytes")
+
+        # Check filename
+        if not self.filename or len(self.filename) > 255:
+            results["valid"] = False
+            results["errors"].append("Invalid filename")
+
+        # Check file extension
+        ext = os.path.splitext(self.filename)[1].lower()
+        if ext not in ALLOWED_EXTENSIONS:
+            results["valid"] = False
+            results["errors"].append(f"File extension not allowed: {ext}")
+
+        return results
+
+    def validate_magic_bytes(self) -> Dict[str, any]:
+        """
+        Validate file using magic bytes (file signatures)
+        """
+        results = {"valid": True, "detected_type": None, "errors": []}
+
+        # Check magic bytes
+        detected_type = None
+        for signature, mime_type in IMAGE_SIGNATURES.items():
+            if self.file_data.startswith(signature):
+                detected_type = mime_type
+                break
+
+        # Special handling for WebP (RIFF + WEBP)
+        if self.file_data.startswith(b"RIFF") and b"WEBP" in self.file_data[:12]:
+            detected_type = "image/webp"
+
+        if not detected_type:
+            results["valid"] = False
+            results["errors"].append(
+                "File signature does not match any supported image format"
+            )
+        else:
+            results["detected_type"] = detected_type
+
+        return results
+
+    def validate_mime_type(self) -> Dict[str, any]:
+        """
+        Validate MIME type using python-magic
+        """
+        results = {"valid": True, "detected_mime": None, "errors": []}
+
+        try:
+            # Use python-magic to detect MIME type
+            detected_mime = magic.from_buffer(self.file_data, mime=True)
+            results["detected_mime"] = detected_mime
+
+            if detected_mime not in ALLOWED_MIME_TYPES:
+                results["valid"] = False
+                results["errors"].append(f"MIME type not allowed: {detected_mime}")
+
+        except Exception as e:
+            logger.warning(f"MIME type detection failed: {e}")
+            results["warnings"].append("Could not detect MIME type")
+
+        return results
+
+    def validate_pil_image(self) -> Dict[str, any]:
+        """
+        Validate using PIL to ensure it's a valid image
+        """
+        results = {"valid": True, "image_info": {}, "errors": []}
+
+        try:
+            # Open image with PIL
+            image = Image.open(BytesIO(self.file_data))
+
+            # Get image information
+            results["image_info"] = {
+                "format": image.format,
+                "mode": image.mode,
+                "size": image.size,
+                "width": image.width,
+                "height": image.height,
+                "has_transparency": image.mode in ("RGBA", "LA", "P"),
+            }
+
+            # Verify image can be loaded
+            image.load()
+
+            # Check for suspicious characteristics
+            if image.width > 10000 or image.height > 10000:
+                results["warnings"].append("Image dimensions are very large")
+
+            if image.width < 1 or image.height < 1:
+                results["valid"] = False
+                results["errors"].append("Invalid image dimensions")
+
+        except Exception as e:
+            results["valid"] = False
+            results["errors"].append(f"Invalid image format: {str(e)}")
+
+        return results
+
+    def sanitize_exif_data(self) -> bytes:
+        """
+        Remove EXIF data from image to prevent metadata leaks
+        """
+        try:
+            image = Image.open(BytesIO(self.file_data))
+
+            # Create new image without EXIF data
+            if image.mode in ("RGBA", "LA"):
+                # Preserve transparency
+                new_image = Image.new("RGBA", image.size, (255, 255, 255, 0))
+                new_image.paste(image, mask=image.split()[-1])
+            else:
+                new_image = Image.new("RGB", image.size, (255, 255, 255))
+                new_image.paste(image)
+
+            # Save without EXIF data
+            output = BytesIO()
+            new_image.save(output, format=image.format or "JPEG", quality=95)
+            return output.getvalue()
+
+        except Exception as e:
+            logger.warning(f"EXIF sanitization failed: {e}")
+            return self.file_data  # Return original if sanitization fails
+
+    def scan_for_malicious_content(self) -> Dict[str, any]:
+        """
+        Scan for potentially malicious content patterns
+        """
+        results = {"suspicious": False, "threats": [], "warnings": []}
+
+        # Check for embedded scripts or executable content
+        suspicious_patterns = [
+            b"<script",
+            b"javascript:",
+            b"vbscript:",
+            b"data:text/html",
+            b"<?php",
+            b"<%",
+            b"#!/bin/",
+            b"MZ",  # PE executable header
+            b"\x7fELF",  # ELF executable header
+        ]
+
+        for pattern in suspicious_patterns:
+            if pattern in self.file_data:
+                results["suspicious"] = True
+                results["threats"].append(f"Suspicious pattern detected: {pattern}")
+
+        # Check for polyglot files (valid in multiple formats)
+        if self.file_data.startswith(b"GIF89a") and b"<script" in self.file_data:
+            results["suspicious"] = True
+            results["threats"].append("Potential polyglot attack detected")
+
+        return results
+
+    def comprehensive_validation(self) -> Dict[str, any]:
+        """
+        Perform comprehensive file validation
+        """
+        results = {
+            "valid": True,
+            "errors": [],
+            "warnings": [],
+            "file_info": {},
+            "security_score": 100,
+        }
+
+        # Basic validation
+        basic_results = self.validate_basic()
+        if not basic_results["valid"]:
+            results["valid"] = False
+            results["errors"].extend(basic_results["errors"])
+            results["security_score"] -= 30
+
+        results["file_info"].update(basic_results["file_info"])
+        results["warnings"].extend(basic_results["warnings"])
+
+        # Magic bytes validation
+        magic_results = self.validate_magic_bytes()
+        if not magic_results["valid"]:
+            results["valid"] = False
+            results["errors"].extend(magic_results["errors"])
+            results[
+                "security_score"
+            ] -= 10  # Reduced from 25 - basic format issue, not security threat
+
+        results["file_info"]["detected_type"] = magic_results["detected_type"]
+
+        # MIME type validation
+        mime_results = self.validate_mime_type()
+        if not mime_results["valid"]:
+            results["valid"] = False
+            results["errors"].extend(mime_results["errors"])
+            results[
+                "security_score"
+            ] -= 10  # Reduced from 20 - basic format issue, not security threat
+
+        results["file_info"]["detected_mime"] = mime_results["detected_mime"]
+        results["warnings"].extend(mime_results.get("warnings", []))
+
+        # PIL image validation
+        pil_results = self.validate_pil_image()
+        if not pil_results["valid"]:
+            results["valid"] = False
+            results["errors"].extend(pil_results["errors"])
+            results[
+                "security_score"
+            ] -= 10  # Reduced from 15 - basic format issue, not security threat
+
+        results["file_info"]["image_info"] = pil_results["image_info"]
+        results["warnings"].extend(pil_results.get("warnings", []))
+
+        # Security scan
+        security_results = self.scan_for_malicious_content()
+        if security_results["suspicious"]:
+            results["valid"] = False
+            results["errors"].extend(security_results["threats"])
+            results["security_score"] -= 50
+
+        results["warnings"].extend(security_results.get("warnings", []))
+
+        # Log security events
+        if not results["valid"]:
+            logger.warning(f"File upload validation failed: {results['errors']}")
+        elif results["security_score"] < 80:
+            logger.info(
+                f"File upload with low security score: {results['security_score']}"
+            )
+
+        return results
+
+
+def validate_uploaded_file(
+    file_data: bytes, filename: str
+) -> Tuple[bool, Dict[str, any], bytes]:
+    """
+    Main function to validate uploaded files
+
+    Returns:
+        (is_valid, validation_results, sanitized_data)
+    """
+    validator = FileValidator(file_data, filename)
+
+    # Perform comprehensive validation
+    results = validator.comprehensive_validation()
+
+    if not results["valid"]:
+        return False, results, file_data
+
+    # Sanitize EXIF data
+    sanitized_data = validator.sanitize_exif_data()
+
+    return True, results, sanitized_data
+
+
+def get_file_security_report(file_data: bytes, filename: str) -> Dict[str, any]:
+    """
+    Generate a security report for a file without modifying it
+    """
+    validator = FileValidator(file_data, filename)
+    return validator.comprehensive_validation()

ivatar/ivataraccount/__init__.py

@@ -1,5 +1,5 @@
-# -*- coding: utf-8 -*-
 """
 Module init
 """
+
 app_label = __name__  # pylint: disable=invalid-name

ivatar/ivataraccount/admin.py

@@ -1,7 +1,7 @@
-# -*- coding: utf-8 -*-
 """
 Register models in admin
 """
+
 from django.contrib import admin
 
 from .models import Photo, ConfirmedEmail, UnconfirmedEmail

ivatar/ivataraccount/auth.py

@@ -0,0 +1,55 @@
+from social_core.backends.open_id_connect import OpenIdConnectAuth
+
+from ivatar.ivataraccount.models import ConfirmedEmail, Photo
+from ivatar.settings import logger, TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS
+
+
+class FedoraOpenIdConnect(OpenIdConnectAuth):
+    name = "fedora"
+    USERNAME_KEY = "nickname"
+    OIDC_ENDPOINT = "https://id.fedoraproject.org"
+    DEFAULT_SCOPE = ["openid", "profile", "email"]
+    TOKEN_ENDPOINT_AUTH_METHOD = "client_secret_post"
+
+
+# Pipeline methods
+
+
+def add_confirmed_email(backend, user, response, *args, **kwargs):
+    """Add a ConfirmedEmail if we trust the auth backend to validate email."""
+    if not kwargs.get("is_new", False):
+        return None  # Only act on account creation
+    if backend.name not in TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS:
+        return None
+    if ConfirmedEmail.objects.filter(email=user.email).count() > 0:
+        # email already exists
+        return None
+    (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email(
+        user, user.email, True
+    )
+    confirmed_email = ConfirmedEmail.objects.get(id=confirmed_id)
+    logger.debug(
+        "Email %s added upon creation of user %s", confirmed_email.email, user.pk
+    )
+    photo = Photo.objects.create(user=user, ip_address=confirmed_email.ip_address)
+    import_result = photo.import_image("Gravatar", confirmed_email.email)
+    if import_result:
+        logger.debug("Gravatar image imported for %s", confirmed_email.email)
+
+
+def associate_by_confirmed_email(backend, details, user=None, *args, **kwargs):
+    """
+    Associate current auth with a user that has their email address as ConfirmedEmail in the DB.
+    """
+    if user:
+        return None
+    email = details.get("email")
+    if not email:
+        return None
+    try:
+        confirmed_email = ConfirmedEmail.objects.get(email=email)
+    except ConfirmedEmail.DoesNotExist:
+        return None
+    user = confirmed_email.user
+    logger.debug("Found a matching ConfirmedEmail for %s upon login", user.username)
+    return {"user": user, "is_new": False}

ivatar/ivataraccount/forms.py

@@ -1,20 +1,27 @@
-# -*- coding: utf-8 -*-
 """
 Classes for our ivatar.ivataraccount.forms
 """
+
 from urllib.parse import urlsplit, urlunsplit
 
 from django import forms
 from django.utils.translation import gettext_lazy as _
+from django.core.exceptions import ValidationError
 
 from ipware import get_client_ip
 
 from ivatar import settings
 from ivatar.settings import MIN_LENGTH_EMAIL, MAX_LENGTH_EMAIL
 from ivatar.settings import MIN_LENGTH_URL, MAX_LENGTH_URL
+from ivatar.settings import ENABLE_FILE_SECURITY_VALIDATION
+from ivatar.file_security import validate_uploaded_file, FileUploadSecurityError
 from .models import UnconfirmedEmail, ConfirmedEmail, Photo
 from .models import UnconfirmedOpenId, ConfirmedOpenId
 from .models import UserPreference
+import logging
+
+# Initialize logger
+logger = logging.getLogger("ivatar.ivataraccount.forms")
 
 
 MAX_NUM_UNCONFIRMED_EMAILS_DEFAULT = 5
@@ -81,7 +88,7 @@ class AddEmailForm(forms.Form):
 
 class UploadPhotoForm(forms.Form):
     """
-    Form handling photo upload
+    Form handling photo upload with enhanced security validation
     """
 
     photo = forms.FileField(
@@ -107,20 +114,106 @@ class UploadPhotoForm(forms.Form):
         },
     )
 
-    @staticmethod
-    def save(request, data):
+    def clean_photo(self):
         """
-        Save the model and assign it to the current user
+        Enhanced photo validation with security checks
+        """
+        photo = self.cleaned_data.get("photo")
+
+        if not photo:
+            raise ValidationError(_("No file provided"))
+
+        # Read file data
+        try:
+            # Handle different file types
+            if hasattr(photo, "read"):
+                file_data = photo.read()
+            elif hasattr(photo, "file"):
+                file_data = photo.file.read()
+            else:
+                file_data = bytes(photo)
+            filename = photo.name
+        except Exception as e:
+            logger.error(f"Error reading uploaded file: {e}")
+            raise ValidationError(_("Error reading uploaded file"))
+
+        # Perform comprehensive security validation (if enabled)
+        if ENABLE_FILE_SECURITY_VALIDATION:
+            try:
+                is_valid, validation_results, sanitized_data = validate_uploaded_file(
+                    file_data, filename
+                )
+
+                if not is_valid:
+                    # Log security violation
+                    logger.warning(
+                        f"File upload security violation: {validation_results['errors']}"
+                    )
+
+                    # Only reject truly malicious files at the form level
+                    # Allow basic format issues to pass through to Photo.save() for original error handling
+                    if validation_results.get("security_score", 100) < 30:
+                        raise ValidationError(
+                            _("File appears to be malicious and cannot be uploaded")
+                        )
+                    else:
+                        # For format issues, don't raise ValidationError - let Photo.save() handle it
+                        # This preserves the original error handling behavior
+                        logger.info(
+                            f"File format issue detected, allowing Photo.save() to handle: {validation_results['errors']}"
+                        )
+                        # Store the validation results for potential use, but don't reject the form
+                        self.validation_results = validation_results
+                        self.file_data = file_data
+                else:
+                    # Store sanitized data for later use
+                    self.sanitized_data = sanitized_data
+                    self.validation_results = validation_results
+                    # Store original file data for fallback
+                    self.file_data = file_data
+
+                    # Log successful validation
+                    logger.info(
+                        f"File upload validated successfully: {filename}, security_score: {validation_results.get('security_score', 100)}"
+                    )
+
+            except FileUploadSecurityError as e:
+                logger.error(f"File upload security error: {e}")
+                raise ValidationError(_("File security validation failed"))
+            except Exception as e:
+                logger.error(f"Unexpected error during file validation: {e}")
+                raise ValidationError(_("File validation failed"))
+        else:
+            # Security validation disabled (e.g., in tests)
+            logger.debug(f"File upload security validation disabled for: {filename}")
+            self.file_data = file_data
+
+        return photo
+
+    def save(self, request, data):
+        """
+        Save the model and assign it to the current user with enhanced security
         """
         # Link this file to the user's profile
         photo = Photo()
         photo.user = request.user
         photo.ip_address = get_client_ip(request)[0]
-        photo.data = data.read()
+
+        # Use sanitized data if available, otherwise use stored file data
+        if hasattr(self, "sanitized_data"):
+            photo.data = self.sanitized_data
+        elif hasattr(self, "file_data"):
+            photo.data = self.file_data
+        else:
+            # Fallback: try to read from the file object
+            try:
+                photo.data = data.read()
+            except Exception as e:
+                logger.error(f"Failed to read file data: {e}")
+                photo.data = b""
+
         photo.save()
-        if not photo.pk:
-            return None
-        return photo
+        return photo if photo.pk else None
 
 
 class AddOpenIDForm(forms.Form):
@@ -141,13 +234,16 @@ class AddOpenIDForm(forms.Form):
         """
         # Lowercase hostname port of the URL
         url = urlsplit(self.cleaned_data["openid"])
-        data = urlunsplit(
-            (url.scheme.lower(), url.netloc.lower(), url.path, url.query, url.fragment)
+        return urlunsplit(
+            (
+                url.scheme.lower(),
+                url.netloc.lower(),
+                url.path,
+                url.query,
+                url.fragment,
+            )
         )
 
-        # TODO: Domain restriction as in libravatar?
-        return data
-
     def save(self, user):
         """
         Save the model, ensuring some safety

ivatar/ivataraccount/gravatar.py

@@ -1,15 +1,14 @@
-# -*- coding: utf-8 -*-
 """
 Helper method to fetch Gravatar image
 """
+
 from ssl import SSLError
-from urllib.request import urlopen, HTTPError, URLError
+from urllib.request import HTTPError, URLError
+from ivatar.utils import urlopen
 import hashlib
 
 from ..settings import AVATAR_MAX_SIZE
 
-URL_TIMEOUT = 5  # in seconds
-
 
 def get_photo(email):
     """
@@ -23,29 +22,23 @@ def get_photo(email):
         + "?s=%i&d=404" % AVATAR_MAX_SIZE
     )
     image_url = (
-        "https://secure.gravatar.com/avatar/" + hash_object.hexdigest() + "?s=512&d=404"
+        f"https://secure.gravatar.com/avatar/{hash_object.hexdigest()}?s=512&d=404"
     )
 
     # Will redirect to the public profile URL if it exists
-    service_url = "http://www.gravatar.com/" + hash_object.hexdigest()
+    service_url = f"http://www.gravatar.com/{hash_object.hexdigest()}"
 
     try:
-        urlopen(image_url, timeout=URL_TIMEOUT)
+        urlopen(image_url)
     except HTTPError as exc:
-        if exc.code != 404 and exc.code != 503:
-            print(  # pragma: no cover
-                "Gravatar fetch failed with an unexpected %s HTTP error" % exc.code
-            )
+        if exc.code not in [404, 503]:
+            print(f"Gravatar fetch failed with an unexpected {exc.code} HTTP error")
         return False
     except URLError as exc:  # pragma: no cover
-        print(
-            "Gravatar fetch failed with URL error: %s" % exc.reason
-        )  # pragma: no cover
+        print(f"Gravatar fetch failed with URL error: {exc.reason}")
         return False  # pragma: no cover
     except SSLError as exc:  # pragma: no cover
-        print(
-            "Gravatar fetch failed with SSL error: %s" % exc.reason
-        )  # pragma: no cover
+        print(f"Gravatar fetch failed with SSL error: {exc.reason}")
         return False  # pragma: no cover
 
     return {

ivatar/ivataraccount/migrations/0001_initial.py

@@ -3,7 +3,6 @@
 from django.conf import settings
 from django.db import migrations, models
 import django.db.models.deletion
-import ivatar.ivataraccount.models
 
 
 class Migration(migrations.Migration):
@@ -16,93 +15,167 @@ class Migration(migrations.Migration):
 
     operations = [
         migrations.CreateModel(
-            name='ConfirmedEmail',
+            name="ConfirmedEmail",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('ip_address', models.GenericIPAddressField(unpack_ipv4=True)),
-                ('add_date', models.DateTimeField()),
-                ('email', models.EmailField(max_length=254, unique=True)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("ip_address", models.GenericIPAddressField(unpack_ipv4=True)),
+                ("add_date", models.DateTimeField()),
+                ("email", models.EmailField(max_length=254, unique=True)),
             ],
             options={
-                'verbose_name': 'confirmed email',
-                'verbose_name_plural': 'confirmed emails',
+                "verbose_name": "confirmed email",
+                "verbose_name_plural": "confirmed emails",
             },
         ),
         migrations.CreateModel(
-            name='ConfirmedOpenId',
+            name="ConfirmedOpenId",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('ip_address', models.GenericIPAddressField(unpack_ipv4=True)),
-                ('add_date', models.DateTimeField()),
-                ('openid', models.URLField(max_length=255, unique=True)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("ip_address", models.GenericIPAddressField(unpack_ipv4=True)),
+                ("add_date", models.DateTimeField()),
+                ("openid", models.URLField(max_length=255, unique=True)),
             ],
             options={
-                'verbose_name': 'confirmed OpenID',
-                'verbose_name_plural': 'confirmed OpenIDs',
+                "verbose_name": "confirmed OpenID",
+                "verbose_name_plural": "confirmed OpenIDs",
             },
         ),
         migrations.CreateModel(
-            name='Photo',
+            name="Photo",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('add_date', models.DateTimeField()),
-                ('ip_address', models.GenericIPAddressField(unpack_ipv4=True)),
-                ('data', models.BinaryField()),
-                ('format', models.CharField(max_length=3)),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("add_date", models.DateTimeField()),
+                ("ip_address", models.GenericIPAddressField(unpack_ipv4=True)),
+                ("data", models.BinaryField()),
+                ("format", models.CharField(max_length=3)),
+                (
+                    "user",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
             ],
             options={
-                'verbose_name': 'photo',
-                'verbose_name_plural': 'photos',
+                "verbose_name": "photo",
+                "verbose_name_plural": "photos",
             },
         ),
         migrations.CreateModel(
-            name='UnconfirmedEmail',
+            name="UnconfirmedEmail",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('ip_address', models.GenericIPAddressField(unpack_ipv4=True)),
-                ('add_date', models.DateTimeField()),
-                ('email', models.EmailField(max_length=254)),
-                ('verification_key', models.CharField(max_length=64)),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("ip_address", models.GenericIPAddressField(unpack_ipv4=True)),
+                ("add_date", models.DateTimeField()),
+                ("email", models.EmailField(max_length=254)),
+                ("verification_key", models.CharField(max_length=64)),
+                (
+                    "user",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
             ],
             options={
-                'verbose_name': 'unconfirmed_email',
-                'verbose_name_plural': 'unconfirmed_emails',
+                "verbose_name": "unconfirmed_email",
+                "verbose_name_plural": "unconfirmed_emails",
             },
         ),
         migrations.CreateModel(
-            name='UnconfirmedOpenId',
+            name="UnconfirmedOpenId",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('ip_address', models.GenericIPAddressField(unpack_ipv4=True)),
-                ('add_date', models.DateTimeField()),
-                ('openid', models.URLField(max_length=255)),
-                ('user', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("ip_address", models.GenericIPAddressField(unpack_ipv4=True)),
+                ("add_date", models.DateTimeField()),
+                ("openid", models.URLField(max_length=255)),
+                (
+                    "user",
+                    models.ForeignKey(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
             ],
             options={
-                'verbose_name': 'unconfirmed OpenID',
-                'verbose_name_plural': 'unconfirmed_OpenIDs',
+                "verbose_name": "unconfirmed OpenID",
+                "verbose_name_plural": "unconfirmed_OpenIDs",
             },
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='photo',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='openids', to='ivataraccount.Photo'),
+            model_name="confirmedopenid",
+            name="photo",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="openids",
+                to="ivataraccount.Photo",
+            ),
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='user',
-            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+            model_name="confirmedopenid",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL
+            ),
         ),
         migrations.AddField(
-            model_name='confirmedemail',
-            name='photo',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.CASCADE, related_name='emails', to='ivataraccount.Photo'),
+            model_name="confirmedemail",
+            name="photo",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.CASCADE,
+                related_name="emails",
+                to="ivataraccount.Photo",
+            ),
         ),
         migrations.AddField(
-            model_name='confirmedemail',
-            name='user',
-            field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
+            model_name="confirmedemail",
+            name="user",
+            field=models.ForeignKey(
+                on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0002_openidassociation_openidnonce.py

@@ -6,29 +6,45 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0001_initial'),
+        ("ivataraccount", "0001_initial"),
     ]
 
     operations = [
         migrations.CreateModel(
-            name='OpenIDAssociation',
+            name="OpenIDAssociation",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('server_url', models.TextField(max_length=2047)),
-                ('handle', models.CharField(max_length=255)),
-                ('secret', models.TextField(max_length=255)),
-                ('issued', models.IntegerField()),
-                ('lifetime', models.IntegerField()),
-                ('assoc_type', models.TextField(max_length=64)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("server_url", models.TextField(max_length=2047)),
+                ("handle", models.CharField(max_length=255)),
+                ("secret", models.TextField(max_length=255)),
+                ("issued", models.IntegerField()),
+                ("lifetime", models.IntegerField()),
+                ("assoc_type", models.TextField(max_length=64)),
             ],
         ),
         migrations.CreateModel(
-            name='OpenIDNonce',
+            name="OpenIDNonce",
             fields=[
-                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
-                ('server_url', models.CharField(max_length=255)),
-                ('timestamp', models.IntegerField()),
-                ('salt', models.CharField(max_length=128)),
+                (
+                    "id",
+                    models.AutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                ("server_url", models.CharField(max_length=255)),
+                ("timestamp", models.IntegerField()),
+                ("salt", models.CharField(max_length=128)),
             ],
         ),
     ]

ivatar/ivataraccount/migrations/0003_auto_20180508_0637.py

@@ -7,53 +7,53 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0002_openidassociation_openidnonce'),
+        ("ivataraccount", "0002_openidassociation_openidnonce"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='add_date',
+            model_name="confirmedemail",
+            name="add_date",
             field=models.DateTimeField(default=datetime.datetime.utcnow),
         ),
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='ip_address',
+            model_name="confirmedemail",
+            name="ip_address",
             field=models.GenericIPAddressField(null=True, unpack_ipv4=True),
         ),
         migrations.AlterField(
-            model_name='confirmedopenid',
-            name='add_date',
+            model_name="confirmedopenid",
+            name="add_date",
             field=models.DateTimeField(default=datetime.datetime.utcnow),
         ),
         migrations.AlterField(
-            model_name='confirmedopenid',
-            name='ip_address',
+            model_name="confirmedopenid",
+            name="ip_address",
             field=models.GenericIPAddressField(null=True, unpack_ipv4=True),
         ),
         migrations.AlterField(
-            model_name='photo',
-            name='add_date',
+            model_name="photo",
+            name="add_date",
             field=models.DateTimeField(default=datetime.datetime.utcnow),
         ),
         migrations.AlterField(
-            model_name='unconfirmedemail',
-            name='add_date',
+            model_name="unconfirmedemail",
+            name="add_date",
             field=models.DateTimeField(default=datetime.datetime.utcnow),
         ),
         migrations.AlterField(
-            model_name='unconfirmedemail',
-            name='ip_address',
+            model_name="unconfirmedemail",
+            name="ip_address",
             field=models.GenericIPAddressField(null=True, unpack_ipv4=True),
         ),
         migrations.AlterField(
-            model_name='unconfirmedopenid',
-            name='add_date',
+            model_name="unconfirmedopenid",
+            name="add_date",
             field=models.DateTimeField(default=datetime.datetime.utcnow),
         ),
         migrations.AlterField(
-            model_name='unconfirmedopenid',
-            name='ip_address',
+            model_name="unconfirmedopenid",
+            name="ip_address",
             field=models.GenericIPAddressField(null=True, unpack_ipv4=True),
         ),
     ]

ivatar/ivataraccount/migrations/0004_auto_20180508_0742.py

@@ -7,33 +7,33 @@ import django.utils.timezone
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0003_auto_20180508_0637'),
+        ("ivataraccount", "0003_auto_20180508_0637"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='add_date',
+            model_name="confirmedemail",
+            name="add_date",
             field=models.DateTimeField(default=django.utils.timezone.now),
         ),
         migrations.AlterField(
-            model_name='confirmedopenid',
-            name='add_date',
+            model_name="confirmedopenid",
+            name="add_date",
             field=models.DateTimeField(default=django.utils.timezone.now),
         ),
         migrations.AlterField(
-            model_name='photo',
-            name='add_date',
+            model_name="photo",
+            name="add_date",
             field=models.DateTimeField(default=django.utils.timezone.now),
         ),
         migrations.AlterField(
-            model_name='unconfirmedemail',
-            name='add_date',
+            model_name="unconfirmedemail",
+            name="add_date",
             field=models.DateTimeField(default=django.utils.timezone.now),
         ),
         migrations.AlterField(
-            model_name='unconfirmedopenid',
-            name='add_date',
+            model_name="unconfirmedopenid",
+            name="add_date",
             field=models.DateTimeField(default=django.utils.timezone.now),
         ),
     ]

ivatar/ivataraccount/migrations/0005_auto_20180522_1155.py

@@ -6,20 +6,20 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0004_auto_20180508_0742'),
+        ("ivataraccount", "0004_auto_20180508_0742"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='confirmedemail',
-            name='digest',
-            field=models.CharField(default='', max_length=64),
+            model_name="confirmedemail",
+            name="digest",
+            field=models.CharField(default="", max_length=64),
             preserve_default=False,
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='digest',
-            field=models.CharField(default='', max_length=64),
+            model_name="confirmedopenid",
+            name="digest",
+            field=models.CharField(default="", max_length=64),
             preserve_default=False,
         ),
     ]

ivatar/ivataraccount/migrations/0006_auto_20180626_1445.py

@@ -6,18 +6,18 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0005_auto_20180522_1155'),
+        ("ivataraccount", "0005_auto_20180522_1155"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='confirmedemail',
-            name='digest_sha256',
+            model_name="confirmedemail",
+            name="digest_sha256",
             field=models.CharField(max_length=64, null=True),
         ),
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='digest',
+            model_name="confirmedemail",
+            name="digest",
             field=models.CharField(max_length=32),
         ),
     ]

ivatar/ivataraccount/migrations/0007_auto_20180627_0624.py

@@ -3,37 +3,50 @@
 from django.db import migrations, models
 import django.db.models.deletion
 
+
 def add_sha256(apps, schema_editor):
-     '''
-     Make sure all ConfirmedEmail have digest_sha256 set
-     in order to alter the model so sha256 may not be NULL
-     '''
-     ConfirmedEmail = apps.get_model('ivataraccount', 'ConfirmedEmail')
-     for mail in ConfirmedEmail.objects.filter(digest_sha256=None):
-         mail.save()  # pragma: no cover
+    """
+    Make sure all ConfirmedEmail have digest_sha256 set
+    in order to alter the model so sha256 may not be NULL
+    """
+    ConfirmedEmail = apps.get_model("ivataraccount", "ConfirmedEmail")
+    for mail in ConfirmedEmail.objects.filter(digest_sha256=None):
+        mail.save()  # pragma: no cover
 
 
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0006_auto_20180626_1445'),
+        ("ivataraccount", "0006_auto_20180626_1445"),
     ]
 
     operations = [
         migrations.RunPython(add_sha256),
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='digest_sha256',
+            model_name="confirmedemail",
+            name="digest_sha256",
             field=models.CharField(max_length=64),
         ),
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='photo',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='emails', to='ivataraccount.Photo'),
+            model_name="confirmedemail",
+            name="photo",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.SET_NULL,
+                related_name="emails",
+                to="ivataraccount.Photo",
+            ),
         ),
         migrations.AlterField(
-            model_name='confirmedopenid',
-            name='photo',
-            field=models.ForeignKey(blank=True, null=True, on_delete=django.db.models.deletion.SET_NULL, related_name='openids', to='ivataraccount.Photo'),
+            model_name="confirmedopenid",
+            name="photo",
+            field=models.ForeignKey(
+                blank=True,
+                null=True,
+                on_delete=django.db.models.deletion.SET_NULL,
+                related_name="openids",
+                to="ivataraccount.Photo",
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0008_userpreference.py

@@ -7,11 +7,14 @@ import django.db.models.deletion
 
 
 def add_preference_to_user(apps, schema_editor):  # pylint: disable=unused-argument
-    '''
+    """
     Make sure all users have preferences set up
-    '''
+    """
     from django.contrib.auth.models import User
-    UserPreference = apps.get_model('ivataraccount', 'UserPreference')  # pylint: disable=invalid-name
+
+    UserPreference = apps.get_model(
+        "ivataraccount", "UserPreference"
+    )  # pylint: disable=invalid-name
     for user in User.objects.filter(userpreference=None):
         pref = UserPreference.objects.create(user_id=user.pk)  # pragma: no cover
         pref.save()  # pragma: no cover
@@ -20,24 +23,34 @@ def add_preference_to_user(apps, schema_editor):  # pylint: disable=unused-argum
 class Migration(migrations.Migration):  # pylint: disable=missing-docstring
 
     dependencies = [
-        ('auth', '0009_alter_user_last_name_max_length'),
-        ('ivataraccount', '0007_auto_20180627_0624'),
+        ("auth", "0009_alter_user_last_name_max_length"),
+        ("ivataraccount", "0007_auto_20180627_0624"),
     ]
 
     operations = [
         migrations.CreateModel(
-            name='UserPreference',
+            name="UserPreference",
             fields=[
-                ('theme', models.CharField(
-                    choices=[
-                        ('default', 'Default theme'),
-                        ('clime', 'Climes theme')],
-                    default='default', max_length=10)),
-                ('user', models.OneToOneField(
-                    on_delete=django.db.models.deletion.CASCADE,
-                    primary_key=True,
-                    serialize=False,
-                    to=settings.AUTH_USER_MODEL)),
+                (
+                    "theme",
+                    models.CharField(
+                        choices=[
+                            ("default", "Default theme"),
+                            ("clime", "Climes theme"),
+                        ],
+                        default="default",
+                        max_length=10,
+                    ),
+                ),
+                (
+                    "user",
+                    models.OneToOneField(
+                        on_delete=django.db.models.deletion.CASCADE,
+                        primary_key=True,
+                        serialize=False,
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
             ],
         ),
         migrations.RunPython(add_preference_to_user),

ivatar/ivataraccount/migrations/0009_auto_20180705_1152.py

@@ -6,13 +6,21 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0008_userpreference'),
+        ("ivataraccount", "0008_userpreference"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='userpreference',
-            name='theme',
-            field=models.CharField(choices=[('default', 'Default theme'), ('clime', 'climes theme'), ('falko', 'falkos theme')], default='default', max_length=10),
+            model_name="userpreference",
+            name="theme",
+            field=models.CharField(
+                choices=[
+                    ("default", "Default theme"),
+                    ("clime", "climes theme"),
+                    ("falko", "falkos theme"),
+                ],
+                default="default",
+                max_length=10,
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0010_auto_20180705_1201.py

@@ -6,13 +6,17 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0009_auto_20180705_1152'),
+        ("ivataraccount", "0009_auto_20180705_1152"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='userpreference',
-            name='theme',
-            field=models.CharField(choices=[('default', 'Default theme'), ('falko', 'falkos theme')], default='default', max_length=10),
+            model_name="userpreference",
+            name="theme",
+            field=models.CharField(
+                choices=[("default", "Default theme"), ("falko", "falkos theme")],
+                default="default",
+                max_length=10,
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0011_auto_20181107_1550.py

@@ -6,18 +6,26 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0010_auto_20180705_1201'),
+        ("ivataraccount", "0010_auto_20180705_1201"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='photo',
-            name='access_count',
+            model_name="photo",
+            name="access_count",
             field=models.BigIntegerField(default=0, editable=False),
         ),
         migrations.AlterField(
-            model_name='userpreference',
-            name='theme',
-            field=models.CharField(choices=[('default', 'Default theme'), ('clime', 'climes theme'), ('falko', 'falkos theme')], default='default', max_length=10),
+            model_name="userpreference",
+            name="theme",
+            field=models.CharField(
+                choices=[
+                    ("default", "Default theme"),
+                    ("clime", "climes theme"),
+                    ("falko", "falkos theme"),
+                ],
+                default="default",
+                max_length=10,
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0012_auto_20181107_1732.py

@@ -6,18 +6,18 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0011_auto_20181107_1550'),
+        ("ivataraccount", "0011_auto_20181107_1550"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='confirmedemail',
-            name='access_count',
+            model_name="confirmedemail",
+            name="access_count",
             field=models.BigIntegerField(default=0, editable=False),
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='access_count',
+            model_name="confirmedopenid",
+            name="access_count",
             field=models.BigIntegerField(default=0, editable=False),
         ),
     ]

ivatar/ivataraccount/migrations/0013_auto_20181203_1421.py

@@ -6,13 +6,22 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0012_auto_20181107_1732'),
+        ("ivataraccount", "0012_auto_20181107_1732"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='userpreference',
-            name='theme',
-            field=models.CharField(choices=[('default', 'Default theme'), ('clime', 'climes theme'), ('green', 'green theme'), ('red', 'red theme')], default='default', max_length=10),
+            model_name="userpreference",
+            name="theme",
+            field=models.CharField(
+                choices=[
+                    ("default", "Default theme"),
+                    ("clime", "climes theme"),
+                    ("green", "green theme"),
+                    ("red", "red theme"),
+                ],
+                default="default",
+                max_length=10,
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0014_auto_20190218_1602.py

@@ -6,12 +6,15 @@ from django.db import migrations
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0013_auto_20181203_1421'),
+        ("ivataraccount", "0013_auto_20181203_1421"),
     ]
 
     operations = [
         migrations.AlterModelOptions(
-            name='unconfirmedemail',
-            options={'verbose_name': 'unconfirmed email', 'verbose_name_plural': 'unconfirmed emails'},
+            name="unconfirmedemail",
+            options={
+                "verbose_name": "unconfirmed email",
+                "verbose_name_plural": "unconfirmed emails",
+            },
         ),
     ]

ivatar/ivataraccount/migrations/0015_auto_20200225_0934.py

@@ -6,23 +6,23 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0014_auto_20190218_1602'),
+        ("ivataraccount", "0014_auto_20190218_1602"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='alt_digest1',
+            model_name="confirmedopenid",
+            name="alt_digest1",
             field=models.CharField(blank=True, default=None, max_length=64, null=True),
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='alt_digest2',
+            model_name="confirmedopenid",
+            name="alt_digest2",
             field=models.CharField(blank=True, default=None, max_length=64, null=True),
         ),
         migrations.AddField(
-            model_name='confirmedopenid',
-            name='alt_digest3',
+            model_name="confirmedopenid",
+            name="alt_digest3",
             field=models.CharField(blank=True, default=None, max_length=64, null=True),
         ),
     ]

ivatar/ivataraccount/migrations/0016_auto_20210413_0904.py

@@ -6,18 +6,18 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0015_auto_20200225_0934'),
+        ("ivataraccount", "0015_auto_20200225_0934"),
     ]
 
     operations = [
         migrations.AddField(
-            model_name='unconfirmedemail',
-            name='last_send_date',
+            model_name="unconfirmedemail",
+            name="last_send_date",
             field=models.DateTimeField(blank=True, null=True),
         ),
         migrations.AddField(
-            model_name='unconfirmedemail',
-            name='last_status',
+            model_name="unconfirmedemail",
+            name="last_status",
             field=models.TextField(blank=True, max_length=2047, null=True),
         ),
     ]

ivatar/ivataraccount/migrations/0017_auto_20210528_1314.py

@@ -6,43 +6,57 @@ from django.db import migrations, models
 class Migration(migrations.Migration):
 
     dependencies = [
-        ('ivataraccount', '0016_auto_20210413_0904'),
+        ("ivataraccount", "0016_auto_20210413_0904"),
     ]
 
     operations = [
         migrations.AlterField(
-            model_name='confirmedemail',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="confirmedemail",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='confirmedopenid',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="confirmedopenid",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='openidassociation',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="openidassociation",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='openidnonce',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="openidnonce",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='photo',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="photo",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='unconfirmedemail',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="unconfirmedemail",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
         migrations.AlterField(
-            model_name='unconfirmedopenid',
-            name='id',
-            field=models.BigAutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID'),
+            model_name="unconfirmedopenid",
+            name="id",
+            field=models.BigAutoField(
+                auto_created=True, primary_key=True, serialize=False, verbose_name="ID"
+            ),
         ),
     ]

ivatar/ivataraccount/migrations/0018_alter_photo_format.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.0 on 2024-05-31 15:00
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("ivataraccount", "0017_auto_20210528_1314"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="photo",
+            name="format",
+            field=models.CharField(max_length=4),
+        ),
+    ]

ivatar/ivataraccount/migrations/0019_confirmedemail_bluesky_handle.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.1.5 on 2025-01-27 10:54
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("ivataraccount", "0018_alter_photo_format"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="confirmedemail",
+            name="bluesky_handle",
+            field=models.CharField(blank=True, max_length=256, null=True),
+        ),
+    ]

ivatar/ivataraccount/migrations/0020_confirmedopenid_bluesky_handle.py

@@ -0,0 +1,18 @@
+# Generated by Django 5.1.5 on 2025-01-27 13:33
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("ivataraccount", "0019_confirmedemail_bluesky_handle"),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name="confirmedopenid",
+            name="bluesky_handle",
+            field=models.CharField(blank=True, max_length=256, null=True),
+        ),
+    ]

ivatar/ivataraccount/migrations/0021_add_performance_indexes.py

@@ -0,0 +1,129 @@
+# Generated manually for performance optimization
+
+from typing import Any, List, Tuple, Optional
+from django.db import migrations, connection
+
+
+def create_indexes(apps: Any, schema_editor: Any) -> None:
+    """
+    Create performance indexes for both PostgreSQL and MySQL compatibility.
+    Uses CONCURRENTLY for PostgreSQL production, regular CREATE INDEX for tests/transactions.
+    """
+    db_engine = connection.vendor
+
+    indexes: List[Tuple[str, str, str, Optional[str]]] = [
+        # ConfirmedEmail indexes
+        ("idx_cemail_digest", "ivataraccount_confirmedemail", "digest", None),
+        (
+            "idx_cemail_digest_sha256",
+            "ivataraccount_confirmedemail",
+            "digest_sha256",
+            None,
+        ),
+        (
+            "idx_cemail_access_count",
+            "ivataraccount_confirmedemail",
+            "access_count",
+            None,
+        ),
+        (
+            "idx_cemail_bluesky_handle",
+            "ivataraccount_confirmedemail",
+            "bluesky_handle",
+            "WHERE bluesky_handle IS NOT NULL",
+        ),
+        # Photo indexes
+        ("idx_photo_format", "ivataraccount_photo", "format", None),
+        ("idx_photo_access_count", "ivataraccount_photo", "access_count", None),
+        # Composite indexes
+        (
+            "idx_cemail_user_access",
+            "ivataraccount_confirmedemail",
+            "user_id, access_count",
+            None,
+        ),
+        (
+            "idx_cemail_photo_access",
+            "ivataraccount_confirmedemail",
+            "photo_id, access_count",
+            None,
+        ),
+        ("idx_photo_user_format", "ivataraccount_photo", "user_id, format", None),
+    ]
+
+    with connection.cursor() as cursor:
+        # Check if we're in a transaction (test environment)
+        try:
+            cursor.execute("SELECT 1")
+            in_transaction = connection.in_atomic_block
+        except Exception:
+            in_transaction = True
+
+        for index_name, table_name, columns, where_clause in indexes:
+            try:
+                if db_engine == "postgresql":
+                    # Use CONCURRENTLY only if not in a transaction (production)
+                    # Use regular CREATE INDEX if in a transaction (tests)
+                    if in_transaction:
+                        # In transaction (test environment) - use regular CREATE INDEX
+                        if where_clause:
+                            sql = f"CREATE INDEX IF NOT EXISTS {index_name} ON {table_name}({columns}) {where_clause};"
+                        else:
+                            sql = f"CREATE INDEX IF NOT EXISTS {index_name} ON {table_name}({columns});"
+                    else:
+                        # Not in transaction (production) - use CONCURRENTLY
+                        if where_clause:
+                            sql = f"CREATE INDEX CONCURRENTLY IF NOT EXISTS {index_name} ON {table_name}({columns}) {where_clause};"
+                        else:
+                            sql = f"CREATE INDEX CONCURRENTLY IF NOT EXISTS {index_name} ON {table_name}({columns});"
+                else:
+                    # MySQL and other databases - skip partial indexes
+                    if where_clause:
+                        print(
+                            f"Skipping partial index {index_name} for {db_engine} (not supported)"
+                        )
+                        continue
+                    sql = f"CREATE INDEX IF NOT EXISTS {index_name} ON {table_name}({columns});"
+
+                cursor.execute(sql)
+                print(f"Created index: {index_name}")
+
+            except Exception as e:
+                # Index might already exist or other error - log and continue
+                print(f"Index {index_name} creation skipped: {e}")
+
+
+def drop_indexes(apps: Any, schema_editor: Any) -> None:
+    """
+    Drop the performance indexes.
+    """
+    indexes: List[str] = [
+        "idx_cemail_digest",
+        "idx_cemail_digest_sha256",
+        "idx_cemail_access_count",
+        "idx_cemail_bluesky_handle",
+        "idx_photo_format",
+        "idx_photo_access_count",
+        "idx_cemail_user_access",
+        "idx_cemail_photo_access",
+        "idx_photo_user_format",
+    ]
+
+    with connection.cursor() as cursor:
+        for index_name in indexes:
+            try:
+                cursor.execute(f"DROP INDEX IF EXISTS {index_name};")
+                print(f"Dropped index: {index_name}")
+            except Exception as e:
+                print(f"Index {index_name} drop skipped: {e}")
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ("ivataraccount", "0020_confirmedopenid_bluesky_handle"),
+    ]
+
+    operations = [
+        migrations.RunPython(create_indexes, drop_indexes),
+    ]

ivatar/ivataraccount/models.py

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 """
 Our models for ivatar.ivataraccount
 """
@@ -9,8 +8,9 @@ import time
 from io import BytesIO
 from os import urandom
 from urllib.error import HTTPError, URLError
-from urllib.request import urlopen
-from urllib.parse import urlsplit, urlunsplit
+from ivatar.utils import urlopen, Bluesky
+from urllib.parse import urlsplit, urlunsplit, quote
+import logging
 
 from PIL import Image
 from django.contrib.auth.models import User
@@ -20,6 +20,7 @@ from django.utils import timezone
 from django.http import HttpResponseRedirect
 from django.urls import reverse_lazy, reverse
 from django.utils.translation import gettext_lazy as _
+from django.core.cache import cache
 from django.core.exceptions import ObjectDoesNotExist
 from django.core.mail import send_mail
 from django.template.loader import render_to_string
@@ -29,13 +30,16 @@ from openid.store.interface import OpenIDStore
 
 from libravatar import libravatar_url
 
-from ivatar.settings import MAX_LENGTH_EMAIL, logger
+from ivatar.settings import MAX_LENGTH_EMAIL
 from ivatar.settings import MAX_PIXELS, AVATAR_MAX_SIZE, JPEG_QUALITY
 from ivatar.settings import MAX_LENGTH_URL
 from ivatar.settings import SECURE_BASE_URL, SITE_NAME, DEFAULT_FROM_EMAIL
 from ivatar.utils import openid_variations
 from .gravatar import get_photo as get_gravatar_photo
 
+# Initialize logger
+logger = logging.getLogger("ivatar")
+
 
 def file_format(image_type):
     """
@@ -124,7 +128,7 @@ class Photo(BaseAccountModel):
 
     ip_address = models.GenericIPAddressField(unpack_ipv4=True)
     data = models.BinaryField()
-    format = models.CharField(max_length=3)
+    format = models.CharField(max_length=4)
     access_count = models.BigIntegerField(default=0, editable=False)
 
     class Meta:  # pylint: disable=too-few-public-methods
@@ -134,6 +138,11 @@ class Photo(BaseAccountModel):
 
         verbose_name = _("photo")
         verbose_name_plural = _("photos")
+        indexes = [
+            models.Index(fields=["format"], name="idx_photo_format"),
+            models.Index(fields=["access_count"], name="idx_photo_access_count"),
+            models.Index(fields=["user_id", "format"], name="idx_photo_user_format"),
+        ]
 
     def import_image(self, service_name, email_address):
         """
@@ -142,8 +151,7 @@ class Photo(BaseAccountModel):
         image_url = False
 
         if service_name == "Gravatar":
-            gravatar = get_gravatar_photo(email_address)
-            if gravatar:
+            if gravatar := get_gravatar_photo(email_address):
                 image_url = gravatar["image_url"]
 
         if service_name == "Libravatar":
@@ -153,15 +161,13 @@ class Photo(BaseAccountModel):
             return False  # pragma: no cover
         try:
             image = urlopen(image_url)
-        # No idea how to test this
-        # pragma: no cover
         except HTTPError as exc:
-            print("%s import failed with an HTTP error: %s" % (service_name, exc.code))
+            logger.warning(
+                f"{service_name} import failed with an HTTP error: {exc.code}"
+            )
             return False
-        # No idea how to test this
-        # pragma: no cover
         except URLError as exc:
-            print("%s import failed: %s" % (service_name, exc.reason))
+            logger.warning(f"{service_name} import failed: {exc.reason}")
             return False
         data = image.read()
 
@@ -173,7 +179,7 @@ class Photo(BaseAccountModel):
 
         self.format = file_format(img.format)
         if not self.format:
-            print("Unable to determine format: %s" % img)  # pragma: no cover
+            logger.warning(f"Unable to determine format: {img}")
             return False  # pragma: no cover
         self.data = data
         super().save()
@@ -188,14 +194,13 @@ class Photo(BaseAccountModel):
         # Use PIL to read the file format
         try:
             img = Image.open(BytesIO(self.data))
-        # Testing? Ideas anyone?
         except Exception as exc:  # pylint: disable=broad-except
             # For debugging only
-            print("Exception caught in Photo.save(): %s" % exc)
+            logger.error(f"Exception caught in Photo.save(): {exc}")
             return False
         self.format = file_format(img.format)
         if not self.format:
-            print("Format not recognized")
+            logger.error("Format not recognized")
             return False
         return super().save(force_insert, force_update, using, update_fields)
 
@@ -266,7 +271,7 @@ class Photo(BaseAccountModel):
         cropped_w, cropped_h = cropped.size
         max_w = AVATAR_MAX_SIZE
         if cropped_w > max_w or cropped_h > max_w:
-            cropped = cropped.resize((max_w, max_w), Image.ANTIALIAS)
+            cropped = cropped.resize((max_w, max_w), Image.LANCZOS)
 
         data = BytesIO()
         cropped.save(data, pil_format(self.format), quality=JPEG_QUALITY)
@@ -301,8 +306,7 @@ class ConfirmedEmailManager(models.Manager):
 
         external_photos = []
         if is_logged_in:
-            gravatar = get_gravatar_photo(confirmed.email)
-            if gravatar:
+            if gravatar := get_gravatar_photo(confirmed.email):
                 external_photos.append(gravatar)
 
         return (confirmed.pk, external_photos)
@@ -322,6 +326,8 @@ class ConfirmedEmail(BaseAccountModel):
         null=True,
         on_delete=models.deletion.SET_NULL,
     )
+    # Alternative assignment - use Bluesky handle
+    bluesky_handle = models.CharField(max_length=256, null=True, blank=True)
     digest = models.CharField(max_length=32)
     digest_sha256 = models.CharField(max_length=64)
     objects = ConfirmedEmailManager()
@@ -334,6 +340,20 @@ class ConfirmedEmail(BaseAccountModel):
 
         verbose_name = _("confirmed email")
         verbose_name_plural = _("confirmed emails")
+        indexes = [
+            models.Index(fields=["digest"], name="idx_cemail_digest"),
+            models.Index(fields=["digest_sha256"], name="idx_cemail_digest_sha256"),
+            models.Index(fields=["access_count"], name="idx_cemail_access_count"),
+            models.Index(fields=["bluesky_handle"], name="idx_cemail_bluesky_handle"),
+            models.Index(
+                fields=["user_id", "access_count"],
+                name="idx_cemail_user_access",
+            ),
+            models.Index(
+                fields=["photo_id", "access_count"],
+                name="idx_cemail_photo_access",
+            ),
+        ]
 
     def set_photo(self, photo):
         """
@@ -342,6 +362,19 @@ class ConfirmedEmail(BaseAccountModel):
         self.photo = photo
         self.save()
 
+    def set_bluesky_handle(self, handle):
+        """
+        Helper method to set Bluesky handle
+        """
+
+        bs = Bluesky()
+        handle = bs.normalize_handle(handle)
+        avatar = bs.get_profile(handle)
+        if not avatar:
+            raise ValueError("Invalid Bluesky handle")
+        self.bluesky_handle = handle
+        self.save()
+
     def save(
         self, force_insert=False, force_update=False, using=None, update_fields=None
     ):
@@ -354,6 +387,39 @@ class ConfirmedEmail(BaseAccountModel):
         self.digest_sha256 = hashlib.sha256(
             self.email.strip().lower().encode("utf-8")
         ).hexdigest()
+
+        # We need to manually expire the page caches
+        # TODO: Verify this works as expected
+        # First check if we already have an ID
+        if self.pk:
+            cache_url = reverse_lazy(
+                "assign_photo_email", kwargs={"email_id": int(self.pk)}
+            )
+
+            cache_key = f"views.decorators.cache.cache_page.{quote(str(cache_url))}"
+            try:
+                if cache.has_key(cache_key):
+                    cache.delete(cache_key)
+                    logger.debug("Successfully cleaned up cached page: %s" % cache_key)
+            except Exception as exc:
+                logger.warning(
+                    "Failed to clean up cached page {}: {}".format(cache_key, exc)
+                )
+
+            # Invalidate Bluesky avatar URL cache if bluesky_handle changed
+            if hasattr(self, "bluesky_handle") and self.bluesky_handle:
+                try:
+                    cache.delete(self.bluesky_handle)
+                    logger.debug(
+                        "Successfully cleaned up Bluesky avatar cache for handle: %s"
+                        % self.bluesky_handle
+                    )
+                except Exception as exc:
+                    logger.warning(
+                        "Failed to clean up Bluesky avatar cache for handle %s: %s"
+                        % (self.bluesky_handle, exc)
+                    )
+
         return super().save(force_insert, force_update, using, update_fields)
 
     def __str__(self):
@@ -388,9 +454,7 @@ class UnconfirmedEmail(BaseAccountModel):
                 + self.user.username.encode("utf-8")  # pylint: disable=no-member
             )  # pylint: disable=no-member
             self.verification_key = hash_object.hexdigest()
-        super(UnconfirmedEmail, self).save(
-            force_insert, force_update, using, update_fields
-        )
+        super().save(force_insert, force_update, using, update_fields)
 
     def send_confirmation_mail(self, url=SECURE_BASE_URL):
         """
@@ -414,7 +478,7 @@ class UnconfirmedEmail(BaseAccountModel):
         try:
             send_mail(email_subject, email_body, DEFAULT_FROM_EMAIL, [self.email])
         except Exception as e:
-            self.last_status = "%s" % e
+            self.last_status = f"{e}"
         self.save()
         return True
 
@@ -463,6 +527,8 @@ class ConfirmedOpenId(BaseAccountModel):
     alt_digest2 = models.CharField(max_length=64, null=True, blank=True, default=None)
     # https://<id> - https w/o trailing slash
     alt_digest3 = models.CharField(max_length=64, null=True, blank=True, default=None)
+    # Alternative assignment - use Bluesky handle
+    bluesky_handle = models.CharField(max_length=256, null=True, blank=True)
 
     access_count = models.BigIntegerField(default=0, editable=False)
 
@@ -481,13 +547,25 @@ class ConfirmedOpenId(BaseAccountModel):
         self.photo = photo
         self.save()
 
+    def set_bluesky_handle(self, handle):
+        """
+        Helper method to set Bluesky handle
+        """
+        bs = Bluesky()
+        handle = bs.normalize_handle(handle)
+        avatar = bs.get_profile(handle)
+        if not avatar:
+            raise ValueError("Invalid Bluesky handle")
+        self.bluesky_handle = handle
+        self.save()
+
     def save(
         self, force_insert=False, force_update=False, using=None, update_fields=None
     ):
         url = urlsplit(self.openid)
         if url.username:  # pragma: no cover
             password = url.password or ""
-            netloc = url.username + ":" + password + "@" + url.hostname
+            netloc = f"{url.username}:{password}@{url.hostname}"
         else:
             netloc = url.hostname
         lowercase_url = urlunsplit(
@@ -508,6 +586,36 @@ class ConfirmedOpenId(BaseAccountModel):
             openid_variations(lowercase_url)[3].encode("utf-8")
         ).hexdigest()
 
+        # Invalidate page caches and Bluesky avatar cache
+        if self.pk:
+            # Invalidate assign_photo_openid page cache
+            cache_url = reverse_lazy(
+                "assign_photo_openid", kwargs={"openid_id": int(self.pk)}
+            )
+            cache_key = f"views.decorators.cache.cache_page.{quote(str(cache_url))}"
+            try:
+                if cache.has_key(cache_key):
+                    cache.delete(cache_key)
+                    logger.debug("Successfully cleaned up cached page: %s" % cache_key)
+            except Exception as exc:
+                logger.warning(
+                    "Failed to clean up cached page {}: {}".format(cache_key, exc)
+                )
+
+            # Invalidate Bluesky avatar URL cache if bluesky_handle exists
+            if hasattr(self, "bluesky_handle") and self.bluesky_handle:
+                try:
+                    cache.delete(self.bluesky_handle)
+                    logger.debug(
+                        "Successfully cleaned up Bluesky avatar cache for handle: %s"
+                        % self.bluesky_handle
+                    )
+                except Exception as exc:
+                    logger.warning(
+                        "Failed to clean up Bluesky avatar cache for handle %s: %s"
+                        % (self.bluesky_handle, exc)
+                    )
+
         return super().save(force_insert, force_update, using, update_fields)
 
     def __str__(self):
@@ -607,9 +715,7 @@ class DjangoOpenIDStore(OpenIDStore):
                 self.removeAssociation(server_url, assoc.handle)
             else:
                 associations.append((association.issued, association))
-        if not associations:
-            return None
-        return associations[-1][1]
+        return associations[-1][1] if associations else None
 
     @staticmethod
     def removeAssociation(server_url, handle):  # pragma: no cover
@@ -662,6 +768,6 @@ class DjangoOpenIDStore(OpenIDStore):
         """
         Helper method to cleanup associations
         """
-        OpenIDAssociation.objects.extra(  # pylint: disable=no-member
-            where=["issued + lifetimeint < (%s)" % time.time()]
+        OpenIDAssociation.objects.extra(
+            where=[f"issued + lifetimeint < ({time.time()})"]
         ).delete()

ivatar/ivataraccount/read_libravatar_export.py

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 """
 Reading libravatar export
 """
@@ -32,8 +31,6 @@ def read_gzdata(gzdata=None):
     """
     Read gzipped data file
     """
-    emails = []  # pylint: disable=invalid-name
-    openids = []  # pylint: disable=invalid-name
     photos = []  # pylint: disable=invalid-name
     username = None  # pylint: disable=invalid-name
     password = None  # pylint: disable=invalid-name
@@ -45,8 +42,8 @@ def read_gzdata(gzdata=None):
     content = fh.read()
     fh.close()
     root = xml.etree.ElementTree.fromstring(content)
-    if not root.tag == "{%s}user" % SCHEMAROOT:
-        print("Unknown export format: %s" % root.tag)
+    if root.tag != "{%s}user" % SCHEMAROOT:
+        print(f"Unknown export format: {root.tag}")
         exit(-1)
 
     # Username
@@ -56,23 +53,21 @@ def read_gzdata(gzdata=None):
         if item[0] == "password":
             password = item[1]
 
-    # Emails
-    for email in root.findall("{%s}emails" % SCHEMAROOT)[0]:
-        if email.tag == "{%s}email" % SCHEMAROOT:
-            emails.append({"email": email.text, "photo_id": email.attrib["photo_id"]})
-
-    # OpenIDs
-    for openid in root.findall("{%s}openids" % SCHEMAROOT)[0]:
-        if openid.tag == "{%s}openid" % SCHEMAROOT:
-            openids.append(
-                {"openid": openid.text, "photo_id": openid.attrib["photo_id"]}
-            )
-
+    emails = [
+        {"email": email.text, "photo_id": email.attrib["photo_id"]}
+        for email in root.findall("{%s}emails" % SCHEMAROOT)[0]
+        if email.tag == "{%s}email" % SCHEMAROOT
+    ]
+    openids = [
+        {"openid": openid.text, "photo_id": openid.attrib["photo_id"]}
+        for openid in root.findall("{%s}openids" % SCHEMAROOT)[0]
+        if openid.tag == "{%s}openid" % SCHEMAROOT
+    ]
     # Photos
     for photo in root.findall("{%s}photos" % SCHEMAROOT)[0]:
         if photo.tag == "{%s}photo" % SCHEMAROOT:
             try:
-                # Safty measures to make sure we do not try to parse
+                # Safety measures to make sure we do not try to parse
                 # a binary encoded string
                 photo.text = photo.text.strip("'")
                 photo.text = photo.text.strip("\\n")
@@ -80,26 +75,14 @@ def read_gzdata(gzdata=None):
                 data = base64.decodebytes(bytes(photo.text, "utf-8"))
             except binascii.Error as exc:
                 print(
-                    "Cannot decode photo; Encoding: %s, Format: %s, Id: %s: %s"
-                    % (
-                        photo.attrib["encoding"],
-                        photo.attrib["format"],
-                        photo.attrib["id"],
-                        exc,
-                    )
+                    f'Cannot decode photo; Encoding: {photo.attrib["encoding"]}, Format: {photo.attrib["format"]}, Id: {photo.attrib["id"]}: {exc}'
                 )
                 continue
             try:
                 Image.open(BytesIO(data))
             except Exception as exc:  # pylint: disable=broad-except
                 print(
-                    "Cannot decode photo; Encoding: %s, Format: %s, Id: %s: %s"
-                    % (
-                        photo.attrib["encoding"],
-                        photo.attrib["format"],
-                        photo.attrib["id"],
-                        exc,
-                    )
+                    f'Cannot decode photo; Encoding: {photo.attrib["encoding"]}, Format: {photo.attrib["format"]}, Id: {photo.attrib["id"]}: {exc}'
                 )
                 continue
             else:

ivatar/ivataraccount/templates/_import_photo_form.html

@@ -12,23 +12,24 @@
     {% endif %}
       <div class="row">
       {% for photo in photos %}
-<div class="panel panel-tortin" style="width:182px;float:left;margin-left:20px">
-  <div class="panel-heading">
-    <h3 class="panel-title">
-<input type="checkbox" name="photo_{{photo.service_name}}" id="photo_{{photo.service_name}}" checked="checked">
-<label for="photo_{{photo.service_name}}" style="width:100%">
-{{ photo.service_name }}
-{% if photo.service_url %}
-        <a href="{{ photo.service_url }}" style="float:right;color:#FFFFFF"><i class="fa fa-external-link"></i></a>
-        {% endif %}
-</label>
-</h3></div>
-  <div class="panel-body">
-        <center>
-          <img src="{{ photo.thumbnail_url }}" style="max-width: 80px; max-height: 80px;" alt="{{ photo.service_name }} image">
-        </center>
-</div>
-</div>
+        <div class="panel panel-tortin" style="width:182px;float:left;margin-left:20px">
+          <div class="panel-heading">
+            <h3 class="panel-title">
+              <input type="checkbox" name="photo_{{photo.service_name}}" id="photo_{{photo.service_name}}" checked="checked">
+              <label for="photo_{{photo.service_name}}" style="width:100%">
+                {{ photo.service_name }}
+                {% if photo.service_url %}
+                  <a href="{{ photo.service_url }}" style="float:right;color:#FFFFFF"><i class="fa-solid fa-up-right-from-square"></i></a>
+                {% endif %}
+              </label>
+            </h3>
+          </div>
+          <div class="panel-body">
+            <center>
+              <img src="{{ photo.thumbnail_url }}" style="max-width: 80px; max-height: 80px;" alt="{{ photo.service_name }} image">
+            </center>
+          </div>
+        </div>
       {% endfor %}
       </div>
       <p>

ivatar/ivataraccount/templates/add_email.html

@@ -17,15 +17,17 @@
 {% if form.email.errors %}
 <div class="alert alert-danger" role="alert">{{ form.email.errors }}</div>
 {% endif %}
-<div style="max-width:640px">
+<div class="form-container">
 <form action="{% url 'add_email' %}" name="addemail" method="post" id="form-addemail">
 {% csrf_token %}
 
 <div class="form-group">
-<label for="id_email">{% trans 'Email' %}:</label>
-<input type="text" name="email" autofocus required class="form-control" id="id_email">
+<label for="id_email" class="form-label">{% trans 'Email' %}</label>
+<input type="email" name="email" autofocus required class="form-control" id="id_email" placeholder="{% trans 'Enter your email address' %}">
+</div>
+<div class="button-group">
+  <button type="submit" class="btn btn-primary">{% trans 'Add' %}</button>
 </div>
-<button type="submit" class="button">{% trans 'Add' %}</button>
 
 </form>
 </div>

ivatar/ivataraccount/templates/add_openid.html

@@ -1,4 +1,4 @@
-{% extends 'base.html' %}                                                                                                                      
+{% extends 'base.html' %}
 {% load i18n %}
 
 {% block title %}{% trans 'Add a new OpenID' %}{% endblock title %}

ivatar/ivataraccount/templates/assign_photo_email.html

@@ -4,65 +4,81 @@
 {% block title %}{% blocktrans with email.email as email_address %}Choose a photo for {{ email_address }}{% endblocktrans %}{% endblock title %}
 
 {% block content %}
-<style>
-.nobutton {
-background: none;
-color: inherit;
-border: none;
-padding: 0;
-font: inherit;
-cursor: pointer;
-outline: inherit;
-}
-</style>
 <h1>{% blocktrans with email.email as email_address %}Choose a photo for {{ email_address }}{% endblocktrans %}</h1>
 
-{% if not user.photo_set.count %}
-
-{% url 'upload_photo' as upload_url %}
-<h4>{% blocktrans %}You need to <a href="{{ upload_url }}">upload some photos</a> first!{% endblocktrans %}</h4>
-
-<p><a href="{% url 'profile' %}" class="button">{% trans 'Back to your profile' %}</a></p>
-
-{% else %}
-
-<p>{% trans 'Here are the pictures you have uploaded, click on the one you wish to associate with this email address:' %}</p>
-<div class="row">
-{% for photo in user.photo_set.all %}
-  <form action="{% url 'assign_photo_email' view.kwargs.email_id %}" method="post" style="float:left;margin-left:20px">{% csrf_token %}
-  <input type="hidden" name="photo_id" value="{{ photo.id }}">
-  <button type="submit" name="photo{{ photo.id }}" class="nobutton">
-<div class="panel panel-tortin" style="width:132px;margin:0">
-  <div class="panel-heading">
-    <h3 class="panel-title">{% if email.photo.id == photo.id %}<i class="fa fa-check"></i>{% endif %} {% trans 'Image' %} {{ forloop.counter }}</h3>
-</div>
-  <div class="panel-body" style="height:130px">
-        <center>
-            <img style="max-height:100px;max-width:100px" src="{% url 'raw_image' photo.id %}">
-        </center>
-</div>
-</div>
-</button>
-  </form>
-{% endfor %}
-  <form action="{% url 'assign_photo_email' view.kwargs.email_id %}" method="post" style="float:left;margin-left:20px">{% csrf_token %}
-<button type="submit" name="photoNone" class="nobutton">
-<div class="panel panel-tortin" style="width:132px;margin:0">
-  <div class="panel-heading">
-    <h3 class="panel-title">{% if email.photo.id == photo.id %}<i class="fa fa-check"></i>{% endif %} {% trans 'No image' %}</h3>
-</div>
-  <div class="panel-body" style="height:130px">
-        <center>
-            <img style="max-height:100px;max-width:100px" src="/static/img/nobody/100.png">
-        </center>
-</div>
-</div>
-</button>
-  </form>
-</div>
-<div style="height:8px"></div>
-  <a href="{% url 'upload_photo' %}" class="button">{% blocktrans %}Upload a new one{% endblocktrans %}</a>&nbsp;&nbsp;
-  <a href="{% url 'import_photo' email.pk %}" class="button">{% blocktrans %}Import from other services{% endblocktrans %}</a>
+{% if user.photo_set.count %}
+  <p>{% trans 'Here are the pictures you have uploaded, click on the one you wish to associate with this email address:' %}</p>
+  <div class="photo-grid">
+    {% for photo in user.photo_set.all %}
+      <form action="{% url 'assign_photo_email' view.kwargs.email_id %}" method="post" class="photo-card">{% csrf_token %}
+        <input type="hidden" name="photo_id" value="{{ photo.id }}">
+        <button type="submit" name="photo{{ photo.id }}" class="nobutton">
+          <div class="panel panel-tortin">
+            <div class="panel-heading">
+              <h3 class="panel-title">{% if email.photo.id == photo.id %}<i class="fa-solid fa-check"></i>{% endif %} {% trans 'Image' %} {{ forloop.counter }}</h3>
+            </div>
+            <div class="panel-body" style="height:130px">
+              <center>
+                <img style="max-height:100px;max-width:100px" src="{% url 'raw_image' photo.id %}">
+              </center>
+            </div>
+          </div>
+        </button>
+      </form>
+    {% endfor %}
+  </div>
 {% endif %}
-<div style="height:40px"></div>
+
+<div class="photo-grid">
+  <form action="{% url 'assign_photo_email' view.kwargs.email_id %}" method="post" class="photo-card">{% csrf_token %}
+    <button type="submit" name="photoNone" class="nobutton">
+      <div class="panel panel-tortin">
+        <div class="panel-heading">
+          <h3 class="panel-title">{% if email.photo.id == photo.id %}{% if not email.bluesky_handle %}<i class="fa-solid fa-check"></i>{% endif %}{% endif %} {% trans 'No image' %}</h3>
+        </div>
+        <div class="panel-body" style="height:130px">
+              <center>
+                  <img style="max-height:100px;max-width:100px" src="/static/img/nobody/100.png">
+              </center>
+        </div>
+      </div>
+    </button>
+  </form>
+  {% if email.bluesky_handle %}
+  <form action="{% url 'assign_photo_email' view.kwargs.email_id %}" method="post" class="photo-card">{% csrf_token %}
+    <input type="hidden" name="photo_id" value="bluesky">
+    <button type="submit" name="photoBluesky" class="nobutton">
+      <div class="panel panel-tortin">
+        <div class="panel-heading">
+          <h3 class="panel-title">{% if email.bluesky_handle %}<i class="fa-solid fa-check"></i>{% endif %} {% trans "Bluesky" %}</h3>
+        </div>
+        <div class="panel-body" style="height:130px">
+          <center>
+            <img style="max-height:100px;max-width:100px" src="{% url "blueskyproxy" email.digest %}?size=100">
+          </center>
+        </div>
+      </div>
+    </button>
+  </form>
+  {% endif %}
+</div>
+
+<div class="action-buttons">
+  <a href="{% url 'upload_photo' %}" class="btn btn-primary">{% blocktrans %}Upload a new one{% endblocktrans %}</a>
+  <a href="{% url 'import_photo' %}" class="btn btn-secondary">{% blocktrans %}Import from other services{% endblocktrans %}</a>
+</div>
+
+<div style="margin-top: 2rem;">
+  <form action="{% url 'assign_bluesky_handle_to_email' view.kwargs.email_id %}" method="post">{% csrf_token %}
+    <div class="form-group">
+      <label for="id_bluesky_handle">{% trans "Bluesky handle" %}:</label>
+      {% if email.bluesky_handle %}
+        <input type="text" name="bluesky_handle" required value="{{ email.bluesky_handle }}" class="form-control" id="id_bluesky_handle">
+      {% else %}
+        <input type="text" name="bluesky_handle" required value="" placeholder="{% trans 'Bluesky handle' %}" class="form-control" id="id_bluesky_handle">
+      {% endif %}
+    </div>
+    <button type="submit" class="btn btn-primary">{% trans 'Assign Bluesky handle' %}</button>
+  </form>
+</div>
 {% endblock content %}

ivatar/ivataraccount/templates/assign_photo_openid.html

@@ -4,65 +4,78 @@
 {% block title %}{% blocktrans with openid.openid as openid_address %}Choose a photo for {{ openid_address }}{% endblocktrans %}{% endblock title %}
 
 {% block content %}
-<style>
-.nobutton {
-background: none;
-color: inherit;
-border: none;
-padding: 0;
-font: inherit;
-cursor: pointer;
-outline: inherit;
-}
-</style>
 <h1>{% blocktrans with openid.openid as openid_address %}Choose a photo for {{ openid_address }}{% endblocktrans %}</h1>
 
-{% if not user.photo_set.count %}
-
-{% url 'upload_photo' as upload_url %}
-<h3>{% blocktrans %}You need to <a href="{{ upload_url }}">upload some photos</a> first!{% endblocktrans %}</h3>
-
-<p><a href="{% url 'profile' %}" class="button">{% trans 'Back to your profile' %}</a></p>
-
-{% else %}
-
-<p>{% trans 'Here are the pictures you have uploaded, click on the one you wish to associate with this openid address:' %}</p>
-<div class="row">
-{% for photo in user.photo_set.all %}
-<form action="{% url 'assign_photo_openid' view.kwargs.openid_id %}" method="post" style="float:left;margin-left:20px">{% csrf_token %}
-  <input type="hidden" name="photo_id" value="{{ photo.id }}">
-  <button type="submit" name="photo{{ photo.id }}" class="nobutton">
-<div class="panel panel-tortin" style="width:132px;margin:0">
-  <div class="panel-heading">
-    <h3 class="panel-title">{% if openid.photo.id == photo.id %}<i class="fa fa-check"></i>{% endif %} {% trans 'Image' %} {{ forloop.counter }}</h3>
-</div>
-  <div class="panel-body" style="height:130px">
-        <center>
-            <img style="max-height:100px;max-width:100px" src="{% url 'raw_image' photo.id %}">
-        </center>
-</div>
-</div>
-</button>
-  </form>
-{% endfor %}
-<form action="{% url 'assign_photo_openid' view.kwargs.openid_id %}" method="post" style="float:left;margin-left:20px">{% csrf_token %}
-<button type="submit" name="photoNone" class="nobutton">
-<div class="panel panel-tortin" style="width:132px;margin:0">
-  <div class="panel-heading">
-    <h3 class="panel-title">{% if openid.photo.id == photo.id %}<i class="fa fa-check"></i>{% endif %} {% trans 'No image' %}</h3>
-</div>
-  <div class="panel-body" style="height:130px">
-        <center>
-            <img style="max-height:100px;max-width:100px" src="/static/img/nobody/100.png">
-        </center>
-</div>
-</div>
-</button>
-  </form>
-</div>
-<div style="height:8px"></div>
-<a href="{% url 'upload_photo' %}" class="button">{% blocktrans %}upload a new one{% endblocktrans %}</a>
-
+{% if user.photo_set.count %}
+  <p>{% trans 'Here are the pictures you have uploaded, click on the one you wish to associate with this openid address:' %}</p>
+  <div class="photo-grid">
+  {% for photo in user.photo_set.all %}
+  <form action="{% url 'assign_photo_openid' view.kwargs.openid_id %}" method="post" class="photo-card">{% csrf_token %}
+    <input type="hidden" name="photo_id" value="{{ photo.id }}">
+    <button type="submit" name="photo{{ photo.id }}" class="nobutton">
+  <div class="panel panel-tortin">
+    <div class="panel-heading">
+      <h3 class="panel-title">{% if openid.photo.id == photo.id %}<i class="fa-solid fa-check"></i>{% endif %} {% trans 'Image' %} {{ forloop.counter }}</h3>
+  </div>
+    <div class="panel-body" style="height:130px">
+          <center>
+              <img style="max-height:100px;max-width:100px" src="{% url 'raw_image' photo.id %}">
+          </center>
+  </div>
+  </div>
+  </button>
+    </form>
+  {% endfor %}
+  </div>
 {% endif %}
-<div style="height:40px"></div>
+
+<div class="photo-grid">
+  <form action="{% url 'assign_photo_openid' view.kwargs.openid_id %}" method="post" class="photo-card">{% csrf_token %}
+    <button type="submit" name="photoNone" class="nobutton">
+      <div class="panel panel-tortin">
+        <div class="panel-heading">
+          <h3 class="panel-title">{% if not openid.photo and not openid.bluesky_handle %}<i class="fa-solid fa-check"></i>{% endif %} {% trans 'No image' %}</h3>
+        </div>
+        <div class="panel-body" style="height:130px">
+          <center>
+            <img style="max-height:100px;max-width:100px" src="/static/img/nobody/100.png">
+          </center>
+        </div>
+      </div>
+    </button>
+  </form>
+  {% if openid.bluesky_handle %}
+  <form action="" class="photo-card">
+    <div class="panel panel-tortin">
+      <div class="panel-heading">
+        <h3 class="panel-title"><i class="fa-solid fa-check"></i> {% trans "Bluesky" %}</h3>
+      </div>
+      <div class="panel-body" style="height:130px">
+            <center>
+                <img style="max-height:100px;max-width:100px" src="{% url "blueskyproxy" openid.digest %}?size=100">
+            </center>
+      </div>
+    </div>
+  </form>
+  {% endif %}
+</div>
+
+<div class="action-buttons">
+  <a href="{% url 'upload_photo' %}" class="btn btn-primary">{% blocktrans %}upload a new one{% endblocktrans %}</a>
+  <a href="{% url 'import_photo' %}" class="btn btn-secondary">{% blocktrans %}Import from other services{% endblocktrans %}</a>
+</div>
+
+<div style="margin-top: 2rem;">
+  <form action="{% url 'assign_bluesky_handle_to_openid' view.kwargs.openid_id %}" method="post">{% csrf_token %}
+    <div class="form-group">
+      <label for="id_bluesky_handle">{% trans "Bluesky handle" %}:</label>
+      {% if openid.bluesky_handle %}
+        <input type="text" name="bluesky_handle" required value="{{ openid.bluesky_handle }}" class="form-control" id="id_bluesky_handle">
+      {% else %}
+        <input type="text" name="bluesky_handle" required value="" placeholder="{% trans 'Bluesky handle' %}" class="form-control" id="id_bluesky_handle">
+      {% endif %}
+    </div>
+    <button type="submit" class="btn btn-primary">{% trans 'Assign Bluesky handle' %}</button>
+  </form>
+</div>
 {% endblock content %}

ivatar/ivataraccount/templates/choose_libravatar_export.html

@@ -8,12 +8,13 @@
 <style>
 input[type=checkbox] {display:none}
 input[type=checkbox].image + label:before {
-font-family: FontAwesome;
+font-family: "Font Awesome 7 Free";
+font-weight: 900;
 display: inline-block;
 }
-input[type=checkbox].image + label:before {content: "\f096"}
+input[type=checkbox].image + label:before {content: "\f0c8"}
 input[type=checkbox].image + label:before {letter-spacing: 5px}
-input[type=checkbox].image:checked + label:before {content: "\f046"}
+input[type=checkbox].image:checked + label:before {content: "\f14a"}
 input[type=checkbox].image:checked + label:before {letter-spacing: 3px}
 </style>
   <h1>{% trans 'Choose items to be imported' %}</h1>

ivatar/ivataraccount/templates/crop_photo.html

@@ -1,4 +1,4 @@
-{% extends 'base.html' %}                                                                                                                      
+{% extends 'base.html' %}
 {% load i18n %}
 {% load static %}
 

ivatar/ivataraccount/templates/delete.html

@@ -1,4 +1,4 @@
-{% extends 'base.html' %}                                                                                                                      
+{% extends 'base.html' %}
 {% load i18n %}
 {% load static %}
 
@@ -27,7 +27,7 @@
 
 <button type="submit" class="btn btn-danger">{% trans 'Yes, delete all of my stuff' %}</button>
 &nbsp;
-<button type="cancel" class="button" href="{% url 'profile' %}">{% trans 'Cancel' %}</button>
+<a href="{% url 'profile' %}" class="btn btn-secondary">{% trans 'Cancel' %}</a>
 
 </form>
 

ivatar/ivataraccount/templates/email_confirmation.txt

@@ -1,4 +1,4 @@
-{% load i18n %}{% blocktrans %}Someone, probably you, requested that this email address be added to their                                      
+{% load i18n %}{% blocktrans %}Someone, probably you, requested that this email address be added to their
 {{ site_name }} account.
 
 If that's what you want, please confirm that you are the owner of this

ivatar/ivataraccount/templates/email_confirmed.html

@@ -7,12 +7,13 @@
 <style>
 input[type=checkbox] {display:none}
 input[type=checkbox] + label:before {
-font-family: FontAwesome;
+font-family: "Font Awesome 7 Free";
+font-weight: 900;
 display: inline-block;
 }
-input[type=checkbox] + label:before {content: "\f096"}
+input[type=checkbox] + label:before {content: "\f0c8"}
 input[type=checkbox] + label:before {letter-spacing: 5px}
-input[type=checkbox]:checked + label:before {content: "\f046"}
+input[type=checkbox]:checked + label:before {content: "\f14a"}
 input[type=checkbox]:checked + label:before {letter-spacing: 3px}
 </style>
 <h1>{% trans 'Email confirmation' %}</h1>

ivatar/ivataraccount/templates/import_photo.html

@@ -5,37 +5,38 @@
 
 {% block content %}
 <style>
-input[type=checkbox] {display:none}
-input[type=checkbox] + label:before {
-font-family: FontAwesome;
-display: inline-block;
-}
-input[type=checkbox] + label:before {content: "\f096"}
-input[type=checkbox] + label:before {letter-spacing: 5px}
-input[type=checkbox]:checked + label:before {content: "\f046"}
-input[type=checkbox]:checked + label:before {letter-spacing: 3px}
+  input[type=checkbox] {display:none}
+  input[type=checkbox] + label:before {
+    font-family: "Font Awesome 7 Free";
+    font-weight: 900;
+    display: inline-block;
+  }
+  input[type=checkbox] + label:before {content: "\f0c8"}
+  input[type=checkbox] + label:before {letter-spacing: 5px}
+  input[type=checkbox]:checked + label:before {content: "\f14a"}
+  input[type=checkbox]:checked + label:before {letter-spacing: 3px}
 </style>
 <h1>{% trans 'Import photo' %}</h1>
 
 {% if not email_id %}
-<div style="max-width:640px">
-  <form action="{% url 'import_photo' %}" method="get" id="check_mail_form">
-<div class="form-group">
-    <label for="check_email_addr">{% trans 'Email Address' %}</label>
-    <input type="text" name="check_email_addr" class="form-control" value="{{ email_addr }}">
-</div>
-<div class="form-group">
-      <button type="submit" class="button">{% trans 'Check' %}</button>
-</div>
-  </form>
-  <script>
-    document.getElementById('check_mail_form').onsubmit = 
-      function(self) {
-        window.location.href = "{% url 'import_photo' %}" + document.getElementsByName('check_email_addr')[0].value;
-        return false;
-    };
-  </script>
-</div>
+  <div style="max-width:640px">
+    <form action="{% url 'import_photo' %}" method="get" id="check_mail_form">
+      <div class="form-group">
+        <label for="check_email_addr">{% trans 'Email Address' %}</label>
+        <input type="text" name="check_email_addr" class="form-control" value="{{ email_addr }}">
+      </div>
+      <div class="form-group">
+        <button type="submit" class="button">{% trans 'Check' %}</button>
+      </div>
+    </form>
+    <script>
+      document.getElementById('check_mail_form').onsubmit =
+        function(self) {
+          window.location.href = "{% url 'import_photo' %}" + document.getElementsByName('check_email_addr')[0].value;
+          return false;
+      };
+    </script>
+  </div>
 {% endif %}
 
 {% include '_import_photo_form.html' %}

ivatar/ivataraccount/templates/login.html

@@ -18,24 +18,28 @@
 {% if form.password.errors %}
 <div class="alert alert-danger" role="alert">{{ form.password.errors }}</div>
 {% endif %}
-<div style="max-width:700px">
+<div class="form-container">
 <form action="{% url 'login' %}" method="post" name="login">
 {% csrf_token %}
+{% if next %}<input type="hidden" name="next" value="{{ next }}">{% endif %}
 <div class="form-group">
-<label for="id_username">{% trans 'Username' %}:</label>
-<input type="text" name="username" autofocus required class="form-control" id="id_username">
+<label for="id_username" class="form-label">{% trans 'Username' %}</label>
+<input type="text" name="username" autofocus required class="form-control" id="id_username" placeholder="{% trans 'Enter your username' %}">
 </div>
 <div class="form-group">
-<label for="id_password">{% trans 'Password' %}:</label>
-<input type="password" name="password" class="form-control" required id="id_password">
+<label for="id_password" class="form-label">{% trans 'Password' %}</label>
+<input type="password" name="password" class="form-control" required id="id_password" placeholder="{% trans 'Enter your password' %}">
+</div>
+
+<div class="button-group">
+  <button type="submit" class="btn btn-primary">{% trans 'Login' %}</button>
+  <a href="{% url 'openid-login' %}" class="btn btn-secondary">{% trans 'Login with OpenID' %}</a>
+  {% if with_fedora %}
+  <a href="{% url "social:begin" "fedora" %}" class="btn btn-secondary">{% trans 'Login with Fedora' %}</a>
+  {% endif %}
+  <a href="{% url 'new_account' %}" class="btn btn-secondary">{% trans 'Create new user' %}</a>
+  <a href="{% url 'password_reset' %}" class="btn btn-secondary">{% trans 'Password reset' %}</a>
 </div>
-  <button type="submit" class="button">{% trans 'Login' %}</button>
-  &nbsp;
-  <a href="{% url 'openid-login' %}" class="button">{% trans 'Login with OpenID' %}</a>
-  &nbsp;
-  <a href="{% url 'new_account' %}" class="button">{% trans 'Create new user' %}</a>
-  &nbsp;
-  <a href="{% url 'password_reset' %}" class="button">{% trans 'Password reset' %}</a>
 </form>
 </div>
 <div style="height:40px"></div>

ivatar/ivataraccount/templates/new.html

@@ -1,4 +1,4 @@
-{% extends 'base.html' %}                                                                                                                      
+{% extends 'base.html' %}
 {% load i18n %}
 
 {% block title %}{% trans 'Create a new ivatar account' %}{% endblock title %}
@@ -16,22 +16,25 @@
 {% if form.password2.errors %}
 <div class="alert alert-danger" role="alert">{{ form.password2.errors }}</div>
 {% endif %}
+<div class="form-container">
 <form action="{% url 'new_account' %}" method="post" name="newaccount">
 {% csrf_token %}
-<div style="max-width:640px">
 <div class="form-group">
-<label for="id_username">{% trans 'Username' %}:</label>
-<input type="text" name="username" autofocus required class="form-control" id="id_username">
+<label for="id_username" class="form-label">{% trans 'Username' %}</label>
+<input type="text" name="username" autofocus required class="form-control" id="id_username" placeholder="{% trans 'Choose a username' %}">
 </div>
 <div class="form-group">
-<label for="id_password1">{% trans 'Password' %}:</label>
-<input type="password" name="password1" class="form-control" required id="id_password1">
+<label for="id_password1" class="form-label">{% trans 'Password' %}</label>
+<input type="password" name="password1" class="form-control" required id="id_password1" placeholder="{% trans 'Enter a secure password' %}">
 </div>
 <div class="form-group">
-<label for="id_password2">{% trans 'Password confirmation' %}:</label>
-<input type="password" name="password2" class="form-control" required id="id_password2">
+<label for="id_password2" class="form-label">{% trans 'Password confirmation' %}</label>
+<input type="password" name="password2" class="form-control" required id="id_password2" placeholder="{% trans 'Confirm your password' %}">
+</div>
+<div class="button-group">
+  <button type="submit" class="btn btn-primary">{% trans 'Create account' %}</button>
+  <a href="/accounts/login/" class="btn btn-secondary">{% trans 'Login' %}</a>
 </div>
-<button type="submit" class="button">{% trans 'Create account' %}</button> or <a href="/accounts/login/" class="button">{% trans 'Login' %}</a>
 </form>
 </div>
 <div style="height:40px"></div>

ivatar/ivataraccount/templates/password_change.html

@@ -1,4 +1,4 @@
-{% extends 'base.html' %}                                                                                                                      
+{% extends 'base.html' %}
 {% load i18n %}
 
 {% block title %}{% trans 'Change your ivatar password' %}{% endblock title %}

ivatar/ivataraccount/templates/password_reset.html

@@ -8,17 +8,18 @@
 <h1>{% trans 'Reset password' %}</h1>
 
 <p>{% trans 'To continue with the password reset, enter one of the email addresses associated with your account.' %}</p>
-<div style="max-width:640px">
+<div class="form-container">
 <form action="" method="post" name="reset">{% csrf_token %}
 
-{{ form.email.errors }}
 <div class="form-group">
-<label for="id_email">{% trans 'Email' %}:</label>
-<input type="text" name="email" autofocus required class="form-control" id="id_email">
+<label for="id_email" class="form-label">{% trans 'Email' %}</label>
+<input type="email" name="email" autofocus required class="form-control" id="id_email" placeholder="{% trans 'Enter your email address' %}">
 </div>
 
-<button type="submit" class="button">{% trans 'Reset my password' %}</button>&nbsp;
-<button type="cancel" class="button" href="{% url 'profile' %}">{% trans 'Cancel' %}</button>
+<div class="button-group">
+  <button type="submit" class="btn btn-primary">{% trans 'Reset my password' %}</button>
+  <a href="{% url 'profile' %}" class="btn btn-secondary">{% trans 'Cancel' %}</a>
+</div>
 
 </form>
 </div>

ivatar/ivataraccount/templates/preferences.html

@@ -7,17 +7,22 @@
 {% block content %}
 <h1>{% trans 'Account settings' %}</h1>
 
-<label for="id_username">{% trans 'Username' %}:</label>
-<input type="text" name="username" class="form-control" id="id_username" disabled value="{{ user.username }}" style="max-width:600px;">
+<div class="form-container">
+<label for="id_username" class="form-label">{% trans 'Username' %}</label>
+<input type="text" name="username" class="form-control" id="id_username" disabled value="{{ user.username }}">
+
 <form action="{% url 'user_preference' %}" method="post">{% csrf_token %}
   <div class="form-group">
-    <label for="id_first_name">{% trans 'Firstname' %}:</label>
-    <input type="text" name="first_name" class="form-control" id="id_first_name" value="{{ user.first_name }}" style="max-width:600px;">
-    <label for="id_last_name">{% trans 'Lastname' %}:</label>
-    <input type="text" name="last_name" class="form-control" id="id_last_name" value="{{ user.last_name }}" style="max-width:600px;">
-
-    <label for="id_email">{% trans 'E-mail address' %}:</label>
-    <select name="email" class="form-control" id="id_email" style="max-width:600px;">
+    <label for="id_first_name" class="form-label">{% trans 'Firstname' %}</label>
+    <input type="text" name="first_name" class="form-control" id="id_first_name" value="{{ user.first_name }}" placeholder="{% trans 'Enter your first name' %}">
+  </div>
+  <div class="form-group">
+    <label for="id_last_name" class="form-label">{% trans 'Lastname' %}</label>
+    <input type="text" name="last_name" class="form-control" id="id_last_name" value="{{ user.last_name }}" placeholder="{% trans 'Enter your last name' %}">
+  </div>
+  <div class="form-group">
+    <label for="id_email" class="form-label">{% trans 'E-mail address' %}</label>
+    <select name="email" class="form-control" id="id_email">
       <option value="{{ user.email }}" selected>{{ user.email }}</option>
       {% for confirmed_email in user.confirmedemail_set.all %}
         {% if user.email != confirmed_email.email %}
@@ -27,8 +32,11 @@
     </select>
   </div>
   <input type="hidden" name="theme" value="{{ user.userpreference.theme }}"/>
-  <button type="submit" class="button">{% trans 'Save' %}</button>
+  <div class="button-group">
+    <button type="submit" class="btn btn-primary">{% trans 'Save' %}</button>
+  </div>
 </form>
+</div>
 
 <!-- TODO: Language stuff not yet fully implemented; Esp. translations are only half-way there
 

ivatar/ivataraccount/templates/profile.html

@@ -101,7 +101,15 @@
     <form action="{% url 'remove_confirmed_email' email.id %}" method="post">
       {% csrf_token %}
         <div id="email-conf-{{ forloop.counter }}" class="profile-container active">
-            <img title="{% trans 'Access count' %}: {{ email.access_count }}" src="{% if email.photo %}{% url 'raw_image' email.photo.id %}{% else %}{% static '/img/nobody/120.png' %}{% endif %}">
+            <img title="{% trans 'Access count' %}: {{ email.access_count }}"
+              src="
+              {% if email.photo %}
+                {% url 'raw_image' email.photo.id %}
+              {% elif email.bluesky_handle %}
+                {% url 'blueskyproxy' email.digest %}
+              {% else %}
+                {% static '/img/nobody/120.png' %}
+              {% endif %}">
             <h3 class="panel-title email-profile" title="{{ email.email }}">
                {{ email.email }}
             </h3>
@@ -123,7 +131,15 @@
     <form action="{% url 'remove_confirmed_email' email.id %}" method="post">
       {% csrf_token %}
         <div id="email-conf-{{ forloop.counter }}" class="profile-container" onclick="add_active('email-conf-{{ forloop.counter }}')">
-            <img title="{% trans 'Access count' %}: {{ email.access_count }}" src="{% if email.photo %}{% url 'raw_image' email.photo.id %}{% else %}{% static '/img/nobody/120.png' %}{% endif %}">
+            <img title="{% trans 'Access count' %}: {{ email.access_count }}"
+              src="
+              {% if email.photo %}
+                {% url 'raw_image' email.photo.id %}
+              {% elif email.bluesky_handle %}
+                {% url 'blueskyproxy' email.digest %}
+              {% else %}
+                {% static '/img/nobody/120.png' %}
+              {% endif %}">
             <h3 class="panel-title email-profile" title="{{ email.email }}">
                {{ email.email }}
             </h3>
@@ -148,7 +164,15 @@
     <form action="{% url 'remove_confirmed_openid' openid.id %}" method="post">{% csrf_token %}
       <div>
         <div id="id-conf-{{ forloop.counter }}" class="profile-container active">
-          <img title="{% trans 'Access count' %}: {{ openid.access_count }}" src="{% if openid.photo %}{% url 'raw_image' openid.photo.id %}{% else %}{% static '/img/nobody/120.png' %}{% endif %}">
+          <img title="{% trans 'Access count' %}: {{ openid.access_count }}"
+            src="
+            {% if openid.photo %}
+              {% url 'raw_image' openid.photo.id %}
+            {% elif openid.bluesky_handle %}
+              {% url 'blueskyproxy' openid.digest %}
+            {% else %}
+              {% static '/img/nobody/120.png' %}
+            {% endif %}">
           <h3 class="panel-title email-profile" title="{{ openid.openid }}">
             {{ openid.openid }}
           </h3>
@@ -201,8 +225,8 @@
   <form class="unconfirmed-mail-form" action="{% url 'remove_unconfirmed_email' email.id %}" method="post">
     {% csrf_token %}
     <div class="btn-group form-group" role="group">
-      <button type="submit" class="button" onclick="return confirm('{% trans 'Are you sure that you want to delete this email address?' %}')"><i class="fa fa-trash"></i></button>
-      <a href="{% url 'resend_confirmation_mail' email.pk %}" class="button"><i class="fa fa-envelope"></i></a>
+      <button type="submit" class="button" onclick="return confirm('{% trans 'Are you sure that you want to delete this email address?' %}')"><i class="fa-solid fa-trash"></i></button>
+      <a href="{% url 'resend_confirmation_mail' email.pk %}" class="button"><i class="fa-solid fa-envelope"></i></a>
       <span class="input-group-addon" style="width: auto;">{{ email.email }}</span>
     </div>
   </form>
@@ -212,7 +236,7 @@
   <form action="{% url 'remove_unconfirmed_openid' openid.id %}" method="post">
     {% csrf_token %}
     <div class="btn-group form-group" role="group">
-      <button type="submit" class="button" onclick="return confirm('{% trans 'Are you sure that you want to delete this OpenID?' %}')"><i class="fa fa-trash"></i></button>
+      <button type="submit" class="button" onclick="return confirm('{% trans 'Are you sure that you want to delete this OpenID?' %}')"><i class="fa-solid fa-trash"></i></button>
       <span class="input-group-addon">{{ openid.openid }}</span>
     </div>
   </form>
@@ -229,7 +253,7 @@
     {% for photo in user.photo_set.all %}
     <div class="panel panel-tortin" style="width:132px;margin-left:20px;float:left">
       <div class="panel-heading">
-        <h3 class="panel-title"><a href="{% url 'delete_photo' photo.pk %}" onclick="return confirm('{% trans 'Are you sure that you want to delete this image?' %}')"><i class="fa fa-trash"></i></a> {% trans 'Image' %} {{ forloop.counter }}</h3>
+        <h3 class="panel-title"><a href="{% url 'delete_photo' photo.pk %}" onclick="return confirm('{% trans 'Are you sure that you want to delete this image?' %}')"><i class="fa-solid fa-trash"></i></a> {% trans 'Image' %} {{ forloop.counter }}</h3>
       </div>
       <div class="panel-body" style="height:130px">
         <img title="{% trans 'Access count' %}: {{ photo.access_count }}" style="max-height:100px;max-width:100px" src="{% url 'raw_image' photo.id %}">

ivatar/ivataraccount/test_auth.py

@@ -0,0 +1,72 @@
+from unittest import mock
+
+from django.test import TestCase
+from django.contrib.auth.models import User
+from ivatar.ivataraccount.auth import FedoraOpenIdConnect
+from ivatar.ivataraccount.models import ConfirmedEmail
+from django.test import override_settings
+
+
+@override_settings(SOCIAL_AUTH_FEDORA_OIDC_ENDPOINT="https://id.example.com/")
+class AuthFedoraTestCase(TestCase):
+    def _authenticate(self, response):
+        backend = FedoraOpenIdConnect()
+        pipeline = backend.strategy.get_pipeline(backend)
+        return backend.pipeline(pipeline, response=response)
+
+    def test_new_user(self):
+        """Check that a Fedora user gets a ConfirmedEmail automatically."""
+        user = self._authenticate({"nickname": "testuser", "email": "test@example.com"})
+        self.assertEqual(user.confirmedemail_set.count(), 1)
+        self.assertEqual(user.confirmedemail_set.first().email, "test@example.com")
+
+    @mock.patch("ivatar.ivataraccount.auth.TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS", [])
+    def test_new_user_untrusted_backend(self):
+        """Check that ConfirmedEmails aren't automatically created for untrusted backends."""
+        user = self._authenticate({"nickname": "testuser", "email": "test@example.com"})
+        self.assertEqual(user.confirmedemail_set.count(), 0)
+
+    def test_existing_user(self):
+        """Checks that existing users are found."""
+        user = User.objects.create_user(
+            username="testuser",
+            password="password",
+            email="test@example.com",
+            first_name="test",
+            last_name="user",
+        )
+        auth_user = self._authenticate(
+            {"nickname": "testuser", "email": "test@example.com"}
+        )
+        self.assertEqual(auth_user, user)
+        # Only add ConfirmedEmails on account creation.
+        self.assertEqual(auth_user.confirmedemail_set.count(), 0)
+
+    def test_existing_user_with_confirmed_email(self):
+        """Check that the authenticating user is found using their ConfirmedEmail."""
+        user = User.objects.create_user(
+            username="testuser1",
+            password="password",
+            email="first@example.com",
+            first_name="test",
+            last_name="user",
+        )
+        ConfirmedEmail.objects.create_confirmed_email(user, "second@example.com", False)
+        auth_user = self._authenticate(
+            {"nickname": "testuser2", "email": "second@example.com"}
+        )
+        self.assertEqual(auth_user, user)
+
+    def test_existing_confirmed_email(self):
+        """Check that ConfirmedEmail isn't created twice."""
+        user = User.objects.create_user(
+            username="testuser",
+            password="password",
+            email="testuser@example.com",
+            first_name="test",
+            last_name="user",
+        )
+        ConfirmedEmail.objects.create_confirmed_email(user, user.email, False)
+        auth_user = self._authenticate({"nickname": user.username, "email": user.email})
+        self.assertEqual(auth_user, user)
+        self.assertEqual(auth_user.confirmedemail_set.count(), 1)

ivatar/ivataraccount/test_views_bluesky.py

@@ -0,0 +1,267 @@
+"""
+Test our views in ivatar.ivataraccount.views and ivatar.views
+"""
+
+import contextlib
+
+# pylint: disable=too-many-lines
+import os
+import django
+import pytest
+from django.test import TestCase
+from django.test import Client
+
+from django.urls import reverse
+from django.contrib.auth.models import User
+
+# from django.contrib.auth import authenticate
+
+os.environ["DJANGO_SETTINGS_MODULE"] = "ivatar.settings"
+django.setup()
+
+# pylint: disable=wrong-import-position
+from ivatar import settings
+from ivatar.ivataraccount.models import ConfirmedOpenId, ConfirmedEmail
+from ivatar.utils import random_string, Bluesky
+
+from libravatar import libravatar_url
+
+
+class Tester(TestCase):  # pylint: disable=too-many-public-methods
+    """
+    Main test class
+    """
+
+    client = Client()
+    user = None
+    username = random_string()
+    password = random_string()
+    email = "{}@{}.{}".format(username, random_string(), random_string(2))
+    # Dunno why random tld doesn't work, but I'm too lazy now to investigate
+    openid = "http://{}.{}.{}/".format(username, random_string(), "org")
+    first_name = random_string()
+    last_name = random_string()
+    bsky_test_account = "libravatar.org"
+
+    def login(self):
+        """
+        Login as user
+        """
+        self.client.login(username=self.username, password=self.password)
+
+    def setUp(self):
+        """
+        Prepare for tests.
+        - Create user
+        """
+        self.user = User.objects.create_user(
+            username=self.username,
+            password=self.password,
+            first_name=self.first_name,
+            last_name=self.last_name,
+        )
+        settings.EMAIL_BACKEND = "django.core.mail.backends.dummy.EmailBackend"
+
+        # Clear any existing Bluesky session to ensure clean test state
+        Bluesky.clear_shared_session()
+
+    def tearDown(self):
+        """
+        Clean up after tests
+        """
+        # Clear Bluesky session to avoid affecting other tests
+        Bluesky.clear_shared_session()
+
+    def create_confirmed_openid(self):
+        """
+        Create a confirmed openid
+        """
+        return ConfirmedOpenId.objects.create(
+            user=self.user,
+            ip_address="127.0.0.1",
+            openid=self.openid,
+        )
+
+    def create_confirmed_email(self):
+        """
+        Create a confirmed email
+        """
+        return ConfirmedEmail.objects.create(
+            email=self.email,
+            user=self.user,
+        )
+
+    # The following tests need to be moved over to the model tests
+    # and real web UI tests added
+    @pytest.mark.bluesky
+    def test_bluesky_handle_for_mail_via_model_handle_does_not_exist(self):
+        """
+        Add Bluesky handle to a confirmed mail address
+        """
+        self.login()
+        confirmed = self.create_confirmed_email()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+
+        with contextlib.suppress(Exception):
+            confirmed.set_bluesky_handle(f"{self.bsky_test_account}1")
+        self.assertNotEqual(
+            confirmed.bluesky_handle,
+            f"{self.bsky_test_account}1",
+            "Setting Bluesky handle that doesn't exist works?",
+        )
+
+    @pytest.mark.bluesky
+    def test_bluesky_handle_for_mail_via_model_handle_exists(self):
+        """
+        Add Bluesky handle to a confirmed mail address
+        """
+        self.login()
+        confirmed = self.create_confirmed_email()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+
+        self.assertEqual(
+            confirmed.bluesky_handle,
+            self.bsky_test_account,
+            "Setting Bluesky handle doesn't work?",
+        )
+
+    @pytest.mark.bluesky
+    def test_bluesky_handle_for_openid_via_model_handle_does_not_exist(self):
+        """
+        Add Bluesky handle to a confirmed openid address
+        """
+        self.login()
+        confirmed = self.create_confirmed_openid()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+
+        with contextlib.suppress(Exception):
+            confirmed.set_bluesky_handle(f"{self.bsky_test_account}1")
+        self.assertNotEqual(
+            confirmed.bluesky_handle,
+            f"{self.bsky_test_account}1",
+            "Setting Bluesky handle that doesn't exist works?",
+        )
+
+    @pytest.mark.bluesky
+    def test_bluesky_handle_for_openid_via_model_handle_exists(self):
+        """
+        Add Bluesky handle to a confirmed openid address
+        """
+        self.login()
+        confirmed = self.create_confirmed_openid()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+
+        self.assertEqual(
+            confirmed.bluesky_handle,
+            self.bsky_test_account,
+            "Setting Bluesky handle doesn't work?",
+        )
+
+    @pytest.mark.bluesky
+    def test_bluesky_fetch_mail(self):
+        """
+        Check if we can successfully fetch a Bluesky avatar via email
+        """
+        self.login()
+        confirmed = self.create_confirmed_email()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+        lu = libravatar_url(confirmed.email, https=True)
+        lu = lu.replace("https://seccdn.libravatar.org/", reverse("home"))
+
+        response = self.client.get(lu)
+        # This is supposed to redirect to the Bluesky proxy
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response["Location"], f"/blueskyproxy/{confirmed.digest}")
+
+    @pytest.mark.bluesky
+    def test_bluesky_fetch_openid(self):
+        """
+        Check if we can successfully fetch a Bluesky avatar via OpenID
+        """
+        self.login()
+        confirmed = self.create_confirmed_openid()
+        confirmed.set_bluesky_handle(self.bsky_test_account)
+        lu = libravatar_url(openid=confirmed.openid, https=True)
+        lu = lu.replace("https://seccdn.libravatar.org/", reverse("home"))
+
+        response = self.client.get(lu)
+        # This is supposed to redirect to the Bluesky proxy
+        self.assertEqual(response.status_code, 302)
+        self.assertEqual(response["Location"], f"/blueskyproxy/{confirmed.digest}")
+
+    @pytest.mark.bluesky
+    def test_assign_bluesky_handle_to_openid(self):
+        """
+        Assign a Bluesky handle to an OpenID
+        """
+        self.login()
+        confirmed = self.create_confirmed_openid()
+        self._assign_handle_to(
+            "assign_bluesky_handle_to_openid",
+            confirmed,
+            "Adding Bluesky handle to OpenID fails?",
+        )
+
+    @pytest.mark.bluesky
+    def test_assign_bluesky_handle_to_email(self):
+        """
+        Assign a Bluesky handle to an email
+
+        """
+        self.login()
+        confirmed = self.create_confirmed_email()
+        self._assign_handle_to(
+            "assign_bluesky_handle_to_email",
+            confirmed,
+            "Adding Bluesky handle to Email fails?",
+        )
+
+    def _assign_handle_to(self, endpoint, confirmed, message):
+        """
+        Helper method to assign a handle to reduce code duplication
+        Since the endpoints are similar, we can reuse the code
+        """
+        url = reverse(endpoint, args=[confirmed.id])
+        response = self.client.post(
+            url, {"bluesky_handle": self.bsky_test_account}, follow=True
+        )
+        self.assertEqual(response.status_code, 200, message)
+        confirmed.refresh_from_db(fields=["bluesky_handle"])
+        self.assertEqual(
+            confirmed.bluesky_handle,
+            self.bsky_test_account,
+            "Setting Bluesky handle doesn't work?",
+        )
+
+    @pytest.mark.bluesky
+    def test_assign_photo_to_mail_removes_bluesky_handle(self):
+        """
+        Assign a Photo to a mail, removes Bluesky handle
+        """
+        self.login()
+        confirmed = self.create_confirmed_email()
+        self._assign_bluesky_handle(confirmed, "assign_photo_email")
+
+    @pytest.mark.bluesky
+    def test_assign_photo_to_openid_removes_bluesky_handle(self):
+        """
+        Assign a Photo to a OpenID, removes Bluesky handle
+        """
+        self.login()
+        confirmed = self.create_confirmed_openid()
+        self._assign_bluesky_handle(confirmed, "assign_photo_openid")
+
+    def _assign_bluesky_handle(self, confirmed, endpoint):
+        """
+        Helper method to assign a Bluesky handle
+        Since the endpoints are similar, we can reuse the code
+        """
+        confirmed.bluesky_handle = self.bsky_test_account
+        confirmed.save()
+        url = reverse(endpoint, args=[confirmed.id])
+        response = self.client.post(url, {"photoNone": True}, follow=True)
+        self.assertEqual(response.status_code, 200, "Unassigning Photo doesn't work?")
+        confirmed.refresh_from_db(fields=["bluesky_handle"])
+        self.assertEqual(
+            confirmed.bluesky_handle, None, "Removing Bluesky handle doesn't work?"
+        )

ivatar/ivataraccount/urls.py

@@ -1,7 +1,7 @@
-# -*- coding: utf-8 -*-
 """
 URLs for ivatar.ivataraccount
 """
+
 from django.urls import path, re_path
 
 from django.contrib.auth.views import LogoutView
@@ -20,6 +20,7 @@ from .views import RemoveUnconfirmedOpenIDView, RemoveConfirmedOpenIDView
 from .views import ImportPhotoView, RawImageView, DeletePhotoView
 from .views import UploadPhotoView, AssignPhotoOpenIDView
 from .views import AddOpenIDView, RedirectOpenIDView, ConfirmOpenIDView
+from .views import AssignBlueskyHandleToEmailView, AssignBlueskyHandleToOpenIdView
 from .views import CropPhotoView
 from .views import UserPreferenceView, UploadLibravatarExportView
 from .views import ResendConfirmationMailView
@@ -125,6 +126,16 @@ urlpatterns = [  # pylint: disable=invalid-name
         AssignPhotoOpenIDView.as_view(),
         name="assign_photo_openid",
     ),
+    re_path(
+        r"assign_bluesky_handle_to_email/(?P<email_id>\d+)",
+        AssignBlueskyHandleToEmailView.as_view(),
+        name="assign_bluesky_handle_to_email",
+    ),
+    re_path(
+        r"assign_bluesky_handle_to_openid/(?P<open_id>\d+)",
+        AssignBlueskyHandleToOpenIdView.as_view(),
+        name="assign_bluesky_handle_to_openid",
+    ),
     re_path(r"import_photo/$", ImportPhotoView.as_view(), name="import_photo"),
     re_path(
         r"import_photo/(?P<email_addr>[\w.+-]+@[\w.]+.[\w.]+)",

ivatar/ivataraccount/views.py

@@ -1,13 +1,15 @@
-# -*- coding: utf-8 -*-
 """
 View classes for ivatar/ivataraccount/
 """
+
 from io import BytesIO
-from urllib.request import urlopen
+from ivatar.utils import urlopen, Bluesky
 import base64
 import binascii
+import contextlib
 from xml.sax import saxutils
 import gzip
+import logging
 
 from PIL import Image
 
@@ -27,6 +29,7 @@ from django.contrib.auth.views import LoginView
 from django.contrib.auth.views import (
     PasswordResetView as PasswordResetViewOriginal,
 )
+from django.utils.crypto import get_random_string
 from django.utils.translation import gettext_lazy as _
 from django.http import HttpResponseRedirect, HttpResponse
 from django.urls import reverse_lazy, reverse
@@ -46,6 +49,7 @@ from ivatar.settings import (
     MAX_PHOTO_SIZE,
     JPEG_QUALITY,
     AVATAR_MAX_SIZE,
+    SOCIAL_AUTH_FEDORA_KEY,
 )
 from .gravatar import get_photo as get_gravatar_photo
 
@@ -58,6 +62,19 @@ from .models import UserPreference
 from .models import file_format
 from .read_libravatar_export import read_gzdata as libravatar_read_gzdata
 
+# Initialize loggers
+logger = logging.getLogger("ivatar")
+security_logger = logging.getLogger("ivatar.security")
+
+# Import OpenTelemetry with graceful degradation
+from ..telemetry_utils import (
+    trace_file_upload,
+    trace_authentication,
+    get_telemetry_metrics,
+)
+
+avatar_metrics = get_telemetry_metrics()
+
 
 def openid_logging(message, level=0):
     """
@@ -66,7 +83,7 @@ def openid_logging(message, level=0):
     # Normal messages are not that important
     # No need for coverage here
     if level > 0:  # pragma: no cover
-        print(message)
+        logger.debug(message)
 
 
 class CreateView(SuccessMessageMixin, FormView):
@@ -77,6 +94,7 @@ class CreateView(SuccessMessageMixin, FormView):
     template_name = "new.html"
     form_class = UserCreationForm
 
+    @trace_authentication("user_registration")
     def form_valid(self, form):
         form.save()
         user = authenticate(
@@ -87,23 +105,8 @@ class CreateView(SuccessMessageMixin, FormView):
             # If the username looks like a mail address, automagically
             # add it as unconfirmed mail and set it also as user's
             # email address
-            try:
-                # This will error out if it's not a valid address
-                valid = validate_email(form.cleaned_data["username"])
-                user.email = valid.email
-                user.save()
-                # The following will also error out if it already exists
-                unconfirmed = UnconfirmedEmail()
-                unconfirmed.email = valid.email
-                unconfirmed.user = user
-                unconfirmed.save()
-                unconfirmed.send_confirmation_mail(
-                    url=self.request.build_absolute_uri("/")[:-1]
-                )
-            # In any exception cases, we just skip it
-            except Exception:  # pylint: disable=broad-except
-                pass
-
+            with contextlib.suppress(Exception):
+                self._extracted_from_form_valid_(form, user)
             login(self.request, user)
             pref = UserPreference.objects.create(
                 user_id=user.pk
@@ -112,13 +115,26 @@ class CreateView(SuccessMessageMixin, FormView):
             return HttpResponseRedirect(reverse_lazy("profile"))
         return HttpResponseRedirect(reverse_lazy("login"))  # pragma: no cover
 
+    def _extracted_from_form_valid_(self, form, user):
+        # This will error out if it's not a valid address
+        valid = validate_email(form.cleaned_data["username"])
+        user.email = valid.email
+        user.save()
+        # The following will also error out if it already exists
+        unconfirmed = UnconfirmedEmail()
+        unconfirmed.email = valid.email
+        unconfirmed.user = user
+        unconfirmed.save()
+        unconfirmed.send_confirmation_mail(
+            url=self.request.build_absolute_uri("/")[:-1]
+        )
+
     def get(self, request, *args, **kwargs):
         """
         Handle get for create view
         """
-        if request.user:
-            if request.user.is_authenticated:
-                return HttpResponseRedirect(reverse_lazy("profile"))
+        if request.user and request.user.is_authenticated:
+            return HttpResponseRedirect(reverse_lazy("profile"))
         return super().get(self, request, args, kwargs)
 
 
@@ -134,7 +150,7 @@ class PasswordSetView(SuccessMessageMixin, FormView):
     success_url = reverse_lazy("profile")
 
     def get_form_kwargs(self):
-        kwargs = super(PasswordSetView, self).get_form_kwargs()
+        kwargs = super().get_form_kwargs()
         kwargs["user"] = self.request.user
         return kwargs
 
@@ -207,6 +223,13 @@ class ConfirmEmailView(SuccessMessageMixin, TemplateView):
             messages.error(request, _("Verification key does not exist"))
             return HttpResponseRedirect(reverse_lazy("profile"))
 
+        if ConfirmedEmail.objects.filter(email=unconfirmed.email).count() > 0:
+            messages.error(
+                request,
+                _("This mail address has been taken already and cannot be confirmed"),
+            )
+            return HttpResponseRedirect(reverse_lazy("profile"))
+
         # TODO: Check for a reasonable expiration time in unconfirmed email
 
         (confirmed_id, external_photos) = ConfirmedEmail.objects.create_confirmed_email(
@@ -268,19 +291,30 @@ class AssignPhotoEmailView(SuccessMessageMixin, TemplateView):
 
         if "photoNone" in request.POST:
             email.photo = None
+            email.bluesky_handle = None
+        elif "photoBluesky" in request.POST:
+            # Keep the existing Bluesky handle, clear the photo
+            email.photo = None
+            # Don't clear bluesky_handle - keep it as is
         else:
             if "photo_id" not in request.POST:
                 messages.error(request, _("Invalid request [photo_id] missing"))
                 return HttpResponseRedirect(reverse_lazy("profile"))
 
-            try:
-                photo = self.model.objects.get(  # pylint: disable=no-member
-                    id=request.POST["photo_id"], user=request.user
-                )
-            except self.model.DoesNotExist:  # pylint: disable=no-member
-                messages.error(request, _("Photo does not exist"))
-                return HttpResponseRedirect(reverse_lazy("profile"))
-            email.photo = photo
+            if request.POST["photo_id"] == "bluesky":
+                # Handle Bluesky photo selection
+                email.photo = None
+                # Don't clear bluesky_handle - keep it as is
+            else:
+                try:
+                    photo = self.model.objects.get(  # pylint: disable=no-member
+                        id=request.POST["photo_id"], user=request.user
+                    )
+                except self.model.DoesNotExist:  # pylint: disable=no-member
+                    messages.error(request, _("Photo does not exist"))
+                    return HttpResponseRedirect(reverse_lazy("profile"))
+                email.photo = photo
+                email.bluesky_handle = None
         email.save()
 
         messages.success(request, _("Successfully changed photo"))
@@ -330,6 +364,7 @@ class AssignPhotoOpenIDView(SuccessMessageMixin, TemplateView):
                 messages.error(request, _("Photo does not exist"))
                 return HttpResponseRedirect(reverse_lazy("profile"))
             openid.photo = photo
+        openid.bluesky_handle = None
         openid.save()
 
         messages.success(request, _("Successfully changed photo"))
@@ -343,6 +378,116 @@ class AssignPhotoOpenIDView(SuccessMessageMixin, TemplateView):
         return data
 
 
+@method_decorator(login_required, name="dispatch")
+class AssignBlueskyHandleToEmailView(SuccessMessageMixin, TemplateView):
+    """
+    View class for assigning a Bluesky handle to an email address
+    """
+
+    def post(self, request, *args, **kwargs):  # pylint: disable=unused-argument
+        """
+        Handle post request - assign bluesky handle to email
+        """
+
+        try:
+            email = ConfirmedEmail.objects.get(user=request.user, id=kwargs["email_id"])
+        except ConfirmedEmail.DoesNotExist:  # pylint: disable=no-member
+            messages.error(request, _("Invalid request"))
+            return HttpResponseRedirect(reverse_lazy("profile"))
+
+        if "bluesky_handle" not in request.POST:
+            messages.error(request, _("Invalid request [bluesky_handle] missing"))
+            return HttpResponseRedirect(reverse_lazy("profile"))
+        bluesky_handle = request.POST["bluesky_handle"]
+
+        try:
+            bs = Bluesky()
+
+            bs.get_avatar(bluesky_handle)
+        except Exception as e:
+            messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}"))
+            return HttpResponseRedirect(
+                reverse_lazy(
+                    "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])}
+                )
+            )
+        try:
+            email.set_bluesky_handle(bluesky_handle)
+        except Exception as e:
+            messages.error(request, _(f"Error: {e}"))
+            return HttpResponseRedirect(
+                reverse_lazy(
+                    "assign_photo_email", kwargs={"email_id": int(kwargs["email_id"])}
+                )
+            )
+        email.photo = None
+        email.save()
+
+        messages.success(request, _("Successfully assigned Bluesky handle"))
+        return HttpResponseRedirect(reverse_lazy("profile"))
+
+    def get_context_data(self, **kwargs):
+        data = super().get_context_data(**kwargs)
+        data["email"] = ConfirmedEmail.objects.get(pk=kwargs["email_id"])
+        return data
+
+
+@method_decorator(login_required, name="dispatch")
+class AssignBlueskyHandleToOpenIdView(SuccessMessageMixin, TemplateView):
+    """
+    View class for assigning a Bluesky handle to an email address
+    """
+
+    def post(self, request, *args, **kwargs):  # pylint: disable=unused-argument
+        """
+        Handle post request - assign bluesky handle to email
+        """
+
+        try:
+            openid = ConfirmedOpenId.objects.get(
+                user=request.user, id=kwargs["open_id"]
+            )
+        except ConfirmedOpenId.DoesNotExist:  # pylint: disable=no-member
+            messages.error(request, _("Invalid request"))
+            return HttpResponseRedirect(reverse_lazy("profile"))
+
+        if "bluesky_handle" not in request.POST:
+            messages.error(request, _("Invalid request [bluesky_handle] missing"))
+            return HttpResponseRedirect(reverse_lazy("profile"))
+        bluesky_handle = request.POST["bluesky_handle"]
+
+        try:
+            bs = Bluesky()
+
+            bs.get_avatar(bluesky_handle)
+        except Exception as e:
+            messages.error(request, _(f"Handle '{bluesky_handle}' not found: {e}"))
+            return HttpResponseRedirect(
+                reverse_lazy(
+                    "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])}
+                )
+            )
+        try:
+            openid.set_bluesky_handle(bluesky_handle)
+        except Exception as e:
+            messages.error(request, _(f"Error: {e}"))
+            return HttpResponseRedirect(
+                reverse_lazy(
+                    "assign_photo_openid", kwargs={"openid_id": int(kwargs["open_id"])}
+                )
+            )
+        openid.photo = None
+        openid.save()
+
+        messages.success(request, _("Successfully assigned Bluesky handle"))
+        return HttpResponseRedirect(reverse_lazy("profile"))
+
+    def get_context_data(self, **kwargs):
+        data = super().get_context_data(**kwargs)
+        data["openid"] = ConfirmedOpenId.objects.get(pk=kwargs["open_id"])
+        return data
+
+
 @method_decorator(login_required, name="dispatch")
 class ImportPhotoView(SuccessMessageMixin, TemplateView):
     """
@@ -363,29 +508,25 @@ class ImportPhotoView(SuccessMessageMixin, TemplateView):
                 messages.error(self.request, _("Address does not exist"))
                 return context
 
-        addr = kwargs.get("email_addr", None)
-
-        if addr:
-            gravatar = get_gravatar_photo(addr)
-            if gravatar:
+        if addr := kwargs.get("email_addr", None):
+            if gravatar := get_gravatar_photo(addr):
                 context["photos"].append(gravatar)
 
-            libravatar_service_url = libravatar_url(
+            if libravatar_service_url := libravatar_url(
                 email=addr,
                 default=404,
                 size=AVATAR_MAX_SIZE,
-            )
-            if libravatar_service_url:
+            ):
                 try:
                     urlopen(libravatar_service_url)
                 except OSError as exc:
-                    print("Exception caught during photo import: {}".format(exc))
+                    logger.warning(f"Exception caught during photo import: {exc}")
                 else:
                     context["photos"].append(
                         {
                             "service_url": libravatar_service_url,
-                            "thumbnail_url": libravatar_service_url + "&s=80",
-                            "image_url": libravatar_service_url + "&s=512",
+                            "thumbnail_url": f"{libravatar_service_url}&s=80",
+                            "image_url": f"{libravatar_service_url}&s=512",
                             "width": 80,
                             "height": 80,
                             "service_name": "Libravatar",
@@ -404,7 +545,7 @@ class ImportPhotoView(SuccessMessageMixin, TemplateView):
         imported = None
 
         email_id = kwargs.get("email_id", request.POST.get("email_id", None))
-        addr = kwargs.get("emali_addr", request.POST.get("email_addr", None))
+        addr = kwargs.get("email", request.POST.get("email_addr", None))
 
         if email_id:
             email = ConfirmedEmail.objects.filter(id=email_id, user=request.user)
@@ -454,9 +595,9 @@ class RawImageView(DetailView):
 
     def get(self, request, *args, **kwargs):
         photo = self.model.objects.get(pk=kwargs["pk"])  # pylint: disable=no-member
-        if not photo.user.id == request.user.id and not request.user.is_staff:
+        if photo.user.id != request.user.id and not request.user.is_staff:
             return HttpResponseRedirect(reverse_lazy("home"))
-        return HttpResponse(BytesIO(photo.data), content_type="image/%s" % photo.format)
+        return HttpResponse(BytesIO(photo.data), content_type=f"image/{photo.format}")
 
 
 @method_decorator(login_required, name="dispatch")
@@ -486,7 +627,7 @@ class DeletePhotoView(SuccessMessageMixin, View):
 @method_decorator(login_required, name="dispatch")
 class UploadPhotoView(SuccessMessageMixin, FormView):
     """
-    View class responsible for photo upload
+    View class responsible for photo upload with enhanced security
     """
 
     model = Photo
@@ -496,26 +637,64 @@ class UploadPhotoView(SuccessMessageMixin, FormView):
     success_url = reverse_lazy("profile")
 
     def post(self, request, *args, **kwargs):
+        # Check maximum number of photos
         num_photos = request.user.photo_set.count()
         if num_photos >= MAX_NUM_PHOTOS:
             messages.error(
                 request, _("Maximum number of photos (%i) reached" % MAX_NUM_PHOTOS)
             )
             return HttpResponseRedirect(reverse_lazy("profile"))
+
         return super().post(request, *args, **kwargs)
 
+    @trace_file_upload("photo_upload")
     def form_valid(self, form):
         photo_data = self.request.FILES["photo"]
+
+        # Additional size check (redundant but good for security)
         if photo_data.size > MAX_PHOTO_SIZE:
             messages.error(self.request, _("Image too big"))
+            avatar_metrics.record_file_upload(
+                file_size=photo_data.size,
+                content_type=photo_data.content_type,
+                success=False,
+            )
             return HttpResponseRedirect(reverse_lazy("profile"))
 
+        # Enhanced security logging
+        security_logger.info(
+            f"Photo upload attempt by user {self.request.user.id} "
+            f"from IP {get_client_ip(self.request)[0]}, "
+            f"file size: {photo_data.size} bytes"
+        )
+
         photo = form.save(self.request, photo_data)
 
         if not photo:
+            security_logger.warning(
+                f"Photo upload failed for user {self.request.user.id} - invalid format"
+            )
             messages.error(self.request, _("Invalid Format"))
+            avatar_metrics.record_file_upload(
+                file_size=photo_data.size,
+                content_type=photo_data.content_type,
+                success=False,
+            )
             return HttpResponseRedirect(reverse_lazy("profile"))
 
+        # Log successful upload
+        security_logger.info(
+            f"Photo uploaded successfully by user {self.request.user.id}, "
+            f"photo ID: {photo.pk}"
+        )
+
+        # Record successful file upload metrics
+        avatar_metrics.record_file_upload(
+            file_size=photo_data.size,
+            content_type=photo_data.content_type,
+            success=True,
+        )
+
         # Override success URL -> Redirect to crop page.
         self.success_url = reverse_lazy("crop_photo", args=[photo.pk])
         return super().form_valid(form)
@@ -532,17 +711,16 @@ class AddOpenIDView(SuccessMessageMixin, FormView):
     success_url = reverse_lazy("profile")
 
     def form_valid(self, form):
-        openid_id = form.save(self.request.user)
-        if not openid_id:
+        if openid_id := form.save(self.request.user):
+            # At this point we have an unconfirmed OpenID, but
+            # we do not add the message, that we successfully added it,
+            # since this is misleading
+            return HttpResponseRedirect(
+                reverse_lazy("openid_redirection", args=[openid_id])
+            )
+        else:
             return render(self.request, self.template_name, {"form": form})
 
-        # At this point we have an unconfirmed OpenID, but
-        # we do not add the message, that we successfully added it,
-        # since this is misleading
-        return HttpResponseRedirect(
-            reverse_lazy("openid_redirection", args=[openid_id])
-        )
-
 
 @method_decorator(login_required, name="dispatch")
 class RemoveUnconfirmedOpenIDView(View):
@@ -562,7 +740,9 @@ class RemoveUnconfirmedOpenIDView(View):
             )
             openid.delete()
             messages.success(request, _("ID removed"))
-        except self.model.DoesNotExist:  # pragma: no cover pylint: disable=no-member,line-too-long
+        except (
+            self.model.DoesNotExist
+        ):  # pragma: no cover pylint: disable=no-member,line-too-long
             messages.error(request, _("ID does not exist"))
         return HttpResponseRedirect(reverse_lazy("profile"))
 
@@ -592,7 +772,7 @@ class RemoveConfirmedOpenIDView(View):
                 openidobj.delete()
             except Exception as exc:  # pylint: disable=broad-except
                 # Why it is not there?
-                print("How did we get here: %s" % exc)
+                logger.warning(f"How did we get here: {exc}")
             openid.delete()
             messages.success(request, _("ID removed"))
         except self.model.DoesNotExist:  # pylint: disable=no-member
@@ -616,7 +796,9 @@ class RedirectOpenIDView(View):
             unconfirmed = self.model.objects.get(  # pylint: disable=no-member
                 user=request.user, id=kwargs["openid_id"]
             )
-        except self.model.DoesNotExist:  # pragma: no cover  pylint: disable=no-member,line-too-long
+        except (
+            self.model.DoesNotExist
+        ):  # pragma: no cover  pylint: disable=no-member,line-too-long
             messages.error(request, _("ID does not exist"))
             return HttpResponseRedirect(reverse_lazy("profile"))
 
@@ -629,7 +811,7 @@ class RedirectOpenIDView(View):
         try:
             auth_request = openid_consumer.begin(user_url)
         except consumer.DiscoveryFailure as exc:
-            messages.error(request, _("OpenID discovery failed: %s" % exc))
+            messages.error(request, _(f"OpenID discovery failed: {exc}"))
             return HttpResponseRedirect(reverse_lazy("profile"))
         except UnicodeDecodeError as exc:  # pragma: no cover
             msg = _(
@@ -641,7 +823,7 @@ class RedirectOpenIDView(View):
                     "message": exc,
                 }
             )
-            print("message: %s" % msg)
+            logger.error(f"message: {msg}")
             messages.error(request, msg)
 
         if auth_request is None:  # pragma: no cover
@@ -775,19 +957,13 @@ class CropPhotoView(TemplateView):
         }
         email = openid = None
         if "email" in request.POST:
-            try:
+            with contextlib.suppress(ConfirmedEmail.DoesNotExist):
                 email = ConfirmedEmail.objects.get(email=request.POST["email"])
-            except ConfirmedEmail.DoesNotExist:  # pylint: disable=no-member
-                pass  # Ignore automatic assignment
-
         if "openid" in request.POST:
-            try:
+            with contextlib.suppress(ConfirmedOpenId.DoesNotExist):
                 openid = ConfirmedOpenId.objects.get(  # pylint: disable=no-member
                     openid=request.POST["openid"]
                 )
-            except ConfirmedOpenId.DoesNotExist:  # pylint: disable=no-member
-                pass  # Ignore automatic assignment
-
         return photo.perform_crop(request, dimensions, email, openid)
 
 
@@ -823,14 +999,14 @@ class UserPreferenceView(FormView, UpdateView):
                 if request.POST["email"] not in addresses:
                     messages.error(
                         self.request,
-                        _("Mail address not allowed: %s" % request.POST["email"]),
+                        _(f'Mail address not allowed: {request.POST["email"]}'),
                     )
                 else:
                     self.request.user.email = request.POST["email"]
                     self.request.user.save()
                     messages.info(self.request, _("Mail address changed."))
         except Exception as e:  # pylint: disable=broad-except
-            messages.error(self.request, _("Error setting new mail address: %s" % e))
+            messages.error(self.request, _(f"Error setting new mail address: {e}"))
 
         try:
             if request.POST["first_name"] or request.POST["last_name"]:
@@ -842,7 +1018,7 @@ class UserPreferenceView(FormView, UpdateView):
                     messages.info(self.request, _("Last name changed."))
                 self.request.user.save()
         except Exception as e:  # pylint: disable=broad-except
-            messages.error(self.request, _("Error setting names: %s" % e))
+            messages.error(self.request, _(f"Error setting names: {e}"))
 
         return HttpResponseRedirect(reverse_lazy("user_preference"))
 
@@ -910,15 +1086,14 @@ class UploadLibravatarExportView(SuccessMessageMixin, FormView):
                             except Exception as exc:  # pylint: disable=broad-except
                                 # DEBUG
                                 print(
-                                    "Exception during adding mail address (%s): %s"
-                                    % (email, exc)
+                                    f"Exception during adding mail address ({email}): {exc}"
                                 )
 
                     if arg.startswith("photo"):
                         try:
                             data = base64.decodebytes(bytes(request.POST[arg], "utf-8"))
                         except binascii.Error as exc:
-                            print("Cannot decode photo: %s" % exc)
+                            logger.warning(f"Cannot decode photo: {exc}")
                             continue
                         try:
                             pilobj = Image.open(BytesIO(data))
@@ -932,7 +1107,7 @@ class UploadLibravatarExportView(SuccessMessageMixin, FormView):
                             photo.data = out.read()
                             photo.save()
                         except Exception as exc:  # pylint: disable=broad-except
-                            print("Exception during save: %s" % exc)
+                            logger.error(f"Exception during save: {exc}")
                             continue
 
                 return HttpResponseRedirect(reverse_lazy("profile"))
@@ -952,7 +1127,7 @@ class UploadLibravatarExportView(SuccessMessageMixin, FormView):
                 },
             )
         except Exception as e:
-            messages.error(self.request, _("Unable to parse file: %s" % e))
+            messages.error(self.request, _(f"Unable to parse file: {e}"))
             return HttpResponseRedirect(reverse_lazy("upload_export"))
 
 
@@ -978,13 +1153,12 @@ class ResendConfirmationMailView(View):
             try:
                 email.send_confirmation_mail(url=request.build_absolute_uri("/")[:-1])
                 messages.success(
-                    request, "%s: %s" % (_("Confirmation mail sent to"), email.email)
+                    request, f'{_("Confirmation mail sent to")}: {email.email}'
                 )
             except Exception as exc:  # pylint: disable=broad-except
                 messages.error(
                     request,
-                    "%s %s: %s"
-                    % (_("Unable to send confirmation email for"), email.email, exc),
+                    f'{_("Unable to send confirmation email for")} {email.email}: {exc}',
                 )
         return HttpResponseRedirect(reverse_lazy("profile"))
 
@@ -996,15 +1170,32 @@ class IvatarLoginView(LoginView):
 
     template_name = "login.html"
 
+    @trace_authentication("login_attempt")
     def get(self, request, *args, **kwargs):
         """
         Handle get for login view
         """
         if request.user:
             if request.user.is_authenticated:
+                # Respect the 'next' parameter if present
+                next_url = request.GET.get("next")
+                if next_url:
+                    return HttpResponseRedirect(next_url)
                 return HttpResponseRedirect(reverse_lazy("profile"))
         return super().get(self, request, args, kwargs)
 
+    @trace_authentication("login_post")
+    def post(self, request, *args, **kwargs):
+        """
+        Handle login form submission
+        """
+        return super().post(request, *args, **kwargs)
+
+    def get_context_data(self, **kwargs):
+        context = super().get_context_data(**kwargs)
+        context["with_fedora"] = SOCIAL_AUTH_FEDORA_KEY is not None
+        return context
+
 
 @method_decorator(login_required, name="dispatch")
 class ProfileView(TemplateView):
@@ -1018,12 +1209,9 @@ class ProfileView(TemplateView):
         if "profile_username" in kwargs:
             if not request.user.is_staff:
                 return HttpResponseRedirect(reverse_lazy("profile"))
-            try:
+            with contextlib.suppress(Exception):
                 u = User.objects.get(username=kwargs["profile_username"])
                 request.user = u
-            except Exception:  # pylint: disable=broad-except
-                pass
-
         self._confirm_claimed_openid()
         return super().get(self, request, args, kwargs)
 
@@ -1054,7 +1242,7 @@ class ProfileView(TemplateView):
                 openid=openids.first().claimed_id
             ).exists():
                 return
-            print("need to confirm: %s" % openids.first())
+            logger.debug(f"need to confirm: {openids.first()}")
             confirmed = ConfirmedOpenId()
             confirmed.user = self.request.user
             confirmed.ip_address = get_client_ip(self.request)[0]
@@ -1072,7 +1260,7 @@ class PasswordResetView(PasswordResetViewOriginal):
         Since we have the mail addresses in ConfirmedEmail model,
         we need to set the email on the user object in order for the
         PasswordResetView class to pick up the correct user.
-        In case we have the mail address in the User objecct, we still
+        In case we have the mail address in the User object, we still
         need to assign a random password in order for PasswordResetView
         class to pick up the user - else it will silently do nothing.
         """
@@ -1089,22 +1277,19 @@ class PasswordResetView(PasswordResetViewOriginal):
             # If we find the user there, we need to set the mail
             # attribute on the user object accordingly
             if not user:
-                try:
+                with contextlib.suppress(ObjectDoesNotExist):
                     confirmed_email = ConfirmedEmail.objects.get(
                         email=request.POST["email"]
                     )
                     user = confirmed_email.user
                     user.email = confirmed_email.email
                     user.save()
-                except ObjectDoesNotExist:
-                    pass
-
             # If we found the user, set a random password. Else, the
             # ResetPasswordView class will silently ignore the password
             # reset request
             if user:
                 if not user.password or user.password.startswith("!"):
-                    random_pass = User.objects.make_random_password()
+                    random_pass = get_random_string(12)
                     user.set_password(random_pass)
                     user.save()
 
@@ -1138,7 +1323,6 @@ class DeleteAccountView(SuccessMessageMixin, FormView):
                 messages.error(request, _("No password given"))
                 return HttpResponseRedirect(reverse_lazy("delete"))
 
-                raise _("No password given")
         # should delete all confirmed/unconfirmed/photo objects
         request.user.delete()
         return super().post(self, request, args, kwargs)
@@ -1161,7 +1345,7 @@ class ExportView(SuccessMessageMixin, TemplateView):
         Handle real export
         """
         SCHEMA_ROOT = "https://www.libravatar.org/schemas/export/0.2"
-        SCHEMA_XSD = "%s/export.xsd" % SCHEMA_ROOT
+        SCHEMA_XSD = f"{SCHEMA_ROOT}/export.xsd"
 
         def xml_header():
             return (
@@ -1177,7 +1361,7 @@ class ExportView(SuccessMessageMixin, TemplateView):
         def xml_account(user):
             escaped_username = saxutils.quoteattr(user.username)
             escaped_password = saxutils.quoteattr(user.password)
-            return "  <account username=%s password=%s/>\n" % (
+            return "  <account username={} password={}/>\n".format(
                 escaped_username,
                 escaped_password,
             )
@@ -1244,7 +1428,7 @@ class ExportView(SuccessMessageMixin, TemplateView):
 
         response = HttpResponse(content_type="application/gzip")
         response["Content-Disposition"] = (
-            'attachment; filename="libravatar-export_%s.xml.gz"' % user.username
+            f'attachment; filename="libravatar-export_{user.username}.xml.gz"'
         )
         response.write(bytesobj.read())
         return response

ivatar/middleware.py

@@ -1,9 +1,47 @@
-# -*- coding: utf-8 -*-
 """
 Middleware classes
 """
 
 from django.utils.deprecation import MiddlewareMixin
+from django.middleware.locale import LocaleMiddleware
+
+
+class CustomLocaleMiddleware(LocaleMiddleware):
+    """
+    Middleware that extends LocaleMiddleware to skip Vary header processing for image URLs
+    """
+
+    def process_response(self, request, response):
+        # Check if this is an image-related URL
+        path = request.path
+        if any(
+            path.startswith(prefix)
+            for prefix in ["/avatar/", "/gravatarproxy/", "/blueskyproxy/"]
+        ):
+            # Delete Vary from header if exists
+            if "Vary" in response:
+                del response["Vary"]
+
+            # Extract hash from URL path for ETag
+            # URLs are like /avatar/{hash}, /gravatarproxy/{hash}, /blueskyproxy/{hash}
+            path_parts = path.strip("/").split("/")
+            if len(path_parts) >= 2:
+                hash_value = path_parts[1]  # Get the hash part
+                # Sanitize hash_value to remove newlines and other control characters
+                # that would cause BadHeaderError
+                hash_value = "".join(
+                    c for c in hash_value if c.isprintable() and c not in "\r\n"
+                )
+                response["Etag"] = f'"{hash_value}"'
+            else:
+                # Fallback to content hash if we can't extract from URL
+                response["Etag"] = f'"{hash(response.content)}"'
+
+            # Skip the parent's process_response to avoid adding Accept-Language to Vary
+            return response
+
+        # For all other URLs, use the parent's behavior
+        return super().process_response(request, response)
 
 
 class MultipleProxyMiddleware(

ivatar/opentelemetry_config.py

@@ -0,0 +1,300 @@
+"""
+OpenTelemetry configuration for ivatar project.
+
+This module provides OpenTelemetry setup and configuration for the ivatar
+Django application, including tracing, metrics, and logging integration.
+"""
+
+import os
+import logging
+
+from opentelemetry import trace, metrics
+from opentelemetry.sdk.trace import TracerProvider
+from opentelemetry.sdk.trace.export import BatchSpanProcessor
+from opentelemetry.sdk.metrics import MeterProvider
+from opentelemetry.sdk.metrics.export import PeriodicExportingMetricReader
+from opentelemetry.sdk.resources import Resource
+from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter
+from opentelemetry.exporter.otlp.proto.grpc.metric_exporter import OTLPMetricExporter
+from opentelemetry.exporter.prometheus import PrometheusMetricReader
+from opentelemetry.instrumentation.psycopg2 import Psycopg2Instrumentor
+from opentelemetry.instrumentation.pymysql import PyMySQLInstrumentor
+from opentelemetry.instrumentation.requests import RequestsInstrumentor
+from opentelemetry.instrumentation.urllib3 import URLLib3Instrumentor
+
+from django.conf import settings
+from django.core.exceptions import ImproperlyConfigured
+
+# Note: Memcached instrumentation not available in OpenTelemetry Python
+
+logger = logging.getLogger("ivatar")
+
+
+class OpenTelemetryConfig:
+    """
+    OpenTelemetry configuration manager for ivatar.
+
+    Handles setup of tracing, metrics, and instrumentation for the Django application.
+    """
+
+    def __init__(self):
+        self.enabled = True  # Always enable OpenTelemetry instrumentation
+        self.export_enabled = self._is_export_enabled()
+        self.service_name = self._get_service_name()
+        self.environment = self._get_environment()
+        self.resource = self._create_resource()
+
+    def _is_export_enabled(self) -> bool:
+        """Check if OpenTelemetry data export is enabled via environment variable."""
+        return os.environ.get("OTEL_EXPORT_ENABLED", "false").lower() in (
+            "true",
+            "1",
+            "yes",
+        )
+
+    def _get_service_name(self) -> str:
+        """Get service name from environment or default."""
+        return os.environ.get("OTEL_SERVICE_NAME", "ivatar")
+
+    def _get_environment(self) -> str:
+        """Get environment name (production, development, etc.)."""
+        return os.environ.get("OTEL_ENVIRONMENT", "development")
+
+    def _create_resource(self) -> Resource:
+        """Create OpenTelemetry resource with service information."""
+        # Get IVATAR_VERSION from environment or settings, handling case where
+        # Django settings might not be configured yet
+        ivatar_version = os.environ.get("IVATAR_VERSION")
+        if not ivatar_version:
+            # Try to access settings, but handle case where Django isn't configured
+            try:
+                ivatar_version = getattr(settings, "IVATAR_VERSION", "2.0")
+            except ImproperlyConfigured:
+                # Django settings not configured yet, use default
+                ivatar_version = "2.0"
+
+        return Resource.create(
+            {
+                "service.name": self.service_name,
+                "service.version": ivatar_version,
+                "service.namespace": "libravatar",
+                "deployment.environment": self.environment,
+                "service.instance.id": os.environ.get("HOSTNAME", "unknown"),
+            }
+        )
+
+    def setup_tracing(self) -> None:
+        """Set up OpenTelemetry tracing."""
+        try:
+            # Only set up tracing if export is enabled
+            if not self.export_enabled:
+                logger.info("OpenTelemetry tracing disabled (export disabled)")
+                return
+
+            # Set up tracer provider
+            trace.set_tracer_provider(TracerProvider(resource=self.resource))
+            tracer_provider = trace.get_tracer_provider()
+
+            # Configure OTLP exporter if endpoint is provided
+            otlp_endpoint = os.environ.get("OTEL_EXPORTER_OTLP_ENDPOINT")
+            if otlp_endpoint:
+                otlp_exporter = OTLPSpanExporter(endpoint=otlp_endpoint)
+                span_processor = BatchSpanProcessor(otlp_exporter)
+                tracer_provider.add_span_processor(span_processor)
+                logger.info(
+                    f"OpenTelemetry tracing configured with OTLP endpoint: {otlp_endpoint}"
+                )
+            else:
+                logger.info("OpenTelemetry tracing configured without OTLP endpoint")
+
+        except Exception as e:
+            logger.error(f"Failed to setup OpenTelemetry tracing: {e}")
+            # Don't disable OpenTelemetry entirely - metrics and instrumentation can still work
+
+    def setup_metrics(self) -> None:
+        """Set up OpenTelemetry metrics."""
+        try:
+            # Configure metric readers based on environment
+            metric_readers = []
+
+            # Configure OTLP exporter if export is enabled and endpoint is provided
+            if self.export_enabled:
+                otlp_endpoint = os.environ.get("OTEL_EXPORTER_OTLP_ENDPOINT")
+                if otlp_endpoint:
+                    otlp_exporter = OTLPMetricExporter(endpoint=otlp_endpoint)
+                    metric_reader = PeriodicExportingMetricReader(otlp_exporter)
+                    metric_readers.append(metric_reader)
+                    logger.info(
+                        f"OpenTelemetry metrics configured with OTLP endpoint: {otlp_endpoint}"
+                    )
+
+            # For development/local testing, also configure Prometheus HTTP server
+            # In production, metrics are scraped by external Prometheus server
+            prometheus_endpoint = os.environ.get("OTEL_PROMETHEUS_ENDPOINT")
+            if prometheus_endpoint:
+                prometheus_reader = PrometheusMetricReader()
+                metric_readers.append(prometheus_reader)
+
+            # Set up meter provider with readers
+            meter_provider = MeterProvider(
+                resource=self.resource, metric_readers=metric_readers
+            )
+
+            # Only set meter provider if it's not already set
+            try:
+                metrics.set_meter_provider(meter_provider)
+            except Exception as e:
+                if "Overriding of current MeterProvider is not allowed" in str(e):
+                    logger.warning("MeterProvider already set, using existing provider")
+                    # Get the existing meter provider and add our readers
+                    existing_provider = metrics.get_meter_provider()
+                    if hasattr(existing_provider, "add_metric_reader"):
+                        for reader in metric_readers:
+                            existing_provider.add_metric_reader(reader)
+                else:
+                    raise
+
+            # Start Prometheus HTTP server for local development (if configured)
+            if prometheus_endpoint:
+                self._start_prometheus_server(prometheus_reader, prometheus_endpoint)
+                logger.info(
+                    f"OpenTelemetry metrics configured with Prometheus endpoint: {prometheus_endpoint}"
+                )
+
+            if not metric_readers:
+                logger.warning(
+                    "No metric readers configured - metrics will not be exported"
+                )
+
+        except Exception as e:
+            logger.error(f"Failed to setup OpenTelemetry metrics: {e}")
+            # Don't disable OpenTelemetry entirely - tracing and instrumentation can still work
+
+    def _start_prometheus_server(
+        self, prometheus_reader: PrometheusMetricReader, endpoint: str
+    ) -> None:
+        """Start Prometheus HTTP server for metrics endpoint."""
+        try:
+            from prometheus_client import start_http_server, REGISTRY
+
+            # Parse endpoint to get host and port
+            if ":" in endpoint:
+                host, port = endpoint.split(":", 1)
+                port = int(port)
+            else:
+                host = "0.0.0.0"
+                port = int(endpoint)
+
+            # Register the PrometheusMetricReader collector with prometheus_client
+            REGISTRY.register(prometheus_reader._collector)
+
+            # Start HTTP server
+            start_http_server(port, addr=host)
+
+            logger.info(f"Prometheus metrics server started on {host}:{port}")
+
+        except OSError as e:
+            if e.errno == 98:  # Address already in use
+                logger.warning(
+                    f"Prometheus metrics server already running on {endpoint}"
+                )
+            else:
+                logger.error(f"Failed to start Prometheus metrics server: {e}")
+                # Don't disable OpenTelemetry entirely - metrics can still be exported via OTLP
+        except Exception as e:
+            logger.error(f"Failed to start Prometheus metrics server: {e}")
+            # Don't disable OpenTelemetry entirely - metrics can still be exported via OTLP
+
+    def setup_instrumentation(self) -> None:
+        """Set up OpenTelemetry instrumentation for various libraries."""
+        try:
+            # Django instrumentation - TEMPORARILY DISABLED TO TEST HEADER ISSUE
+            # DjangoInstrumentor().instrument()
+            # logger.info("Django instrumentation enabled")
+
+            # Database instrumentation
+            Psycopg2Instrumentor().instrument()
+            PyMySQLInstrumentor().instrument()
+            logger.info("Database instrumentation enabled")
+
+            # HTTP client instrumentation
+            RequestsInstrumentor().instrument()
+            URLLib3Instrumentor().instrument()
+            logger.info("HTTP client instrumentation enabled")
+
+            # Note: Memcached instrumentation not available in OpenTelemetry Python
+            # Cache operations will be traced through Django instrumentation
+
+        except Exception as e:
+            logger.error(f"Failed to setup OpenTelemetry instrumentation: {e}")
+            # Don't disable OpenTelemetry entirely - tracing and metrics can still work
+
+    def get_tracer(self, name: str) -> trace.Tracer:
+        """Get a tracer instance."""
+        return trace.get_tracer(name)
+
+    def get_meter(self, name: str) -> metrics.Meter:
+        """Get a meter instance."""
+        return metrics.get_meter(name)
+
+
+# Global OpenTelemetry configuration instance (lazy-loaded)
+_ot_config = None
+_ot_initialized = False
+
+
+def get_ot_config():
+    """Get the global OpenTelemetry configuration instance."""
+    global _ot_config
+    if _ot_config is None:
+        _ot_config = OpenTelemetryConfig()
+    return _ot_config
+
+
+def setup_opentelemetry() -> None:
+    """
+    Set up OpenTelemetry for the ivatar application.
+
+    This function should be called during Django application startup.
+    """
+    global _ot_initialized
+
+    if _ot_initialized:
+        logger.debug("OpenTelemetry already initialized, skipping setup")
+        return
+
+    logger.info("Setting up OpenTelemetry...")
+
+    ot_config = get_ot_config()
+    ot_config.setup_tracing()
+    ot_config.setup_metrics()
+    ot_config.setup_instrumentation()
+
+    if ot_config.enabled:
+        if ot_config.export_enabled:
+            logger.info("OpenTelemetry setup completed successfully (export enabled)")
+        else:
+            logger.info("OpenTelemetry setup completed successfully (export disabled)")
+        _ot_initialized = True
+    else:
+        logger.info("OpenTelemetry setup failed")
+
+
+def get_tracer(name: str) -> trace.Tracer:
+    """Get a tracer instance for the given name."""
+    return get_ot_config().get_tracer(name)
+
+
+def get_meter(name: str) -> metrics.Meter:
+    """Get a meter instance for the given name."""
+    return get_ot_config().get_meter(name)
+
+
+def is_enabled() -> bool:
+    """Check if OpenTelemetry is enabled (always True now)."""
+    return True
+
+
+def is_export_enabled() -> bool:
+    """Check if OpenTelemetry data export is enabled."""
+    return get_ot_config().export_enabled

ivatar/opentelemetry_middleware.py

@@ -0,0 +1,418 @@
+"""
+OpenTelemetry middleware and custom instrumentation for ivatar.
+
+This module provides custom OpenTelemetry instrumentation for avatar-specific
+operations, including metrics and tracing for avatar generation, file uploads,
+and authentication flows.
+"""
+
+import logging
+import time
+from functools import wraps
+
+from django.http import HttpRequest, HttpResponse
+from django.utils.deprecation import MiddlewareMixin
+
+from opentelemetry import trace
+from opentelemetry.trace import Status, StatusCode
+
+from ivatar.opentelemetry_config import get_tracer, get_meter, is_enabled
+
+logger = logging.getLogger("ivatar")
+
+
+class OpenTelemetryMiddleware(MiddlewareMixin):
+    """
+    Custom OpenTelemetry middleware for ivatar-specific metrics and tracing.
+
+    This middleware adds custom attributes and metrics to OpenTelemetry spans
+    for avatar-related operations.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+        # Don't get metrics instance here - get it lazily in __call__
+
+    def __call__(self, request):
+        # Get metrics instance lazily
+        if not hasattr(self, "metrics"):
+            self.metrics = get_avatar_metrics()
+
+        # Process request to start tracing
+        self.process_request(request)
+
+        response = self.get_response(request)
+
+        # Process response to complete tracing
+        self.process_response(request, response)
+
+        return response
+
+    def process_request(self, request: HttpRequest) -> None:
+        """Process incoming request and start tracing."""
+        # Start span for the request
+        span_name = f"{request.method} {request.path}"
+        span = get_tracer("ivatar.middleware").start_span(span_name)
+
+        # Add request attributes
+        span.set_attributes(
+            {
+                "http.method": request.method,
+                "http.url": request.build_absolute_uri(),
+                "http.user_agent": request.META.get("HTTP_USER_AGENT", ""),
+                "http.remote_addr": self._get_client_ip(request),
+                "ivatar.path": request.path,
+            }
+        )
+
+        # Check if this is an avatar request
+        if self._is_avatar_request(request):
+            span.set_attribute("ivatar.request_type", "avatar")
+            self._add_avatar_attributes(span, request)
+
+        # Store span in request for later use
+        request._ot_span = span
+
+        # Record request start time
+        request._ot_start_time = time.time()
+
+    def process_response(
+        self, request: HttpRequest, response: HttpResponse
+    ) -> HttpResponse:
+        """Process response and complete tracing."""
+        span = getattr(request, "_ot_span", None)
+        if not span:
+            return response
+
+        try:
+            # Calculate request duration
+            start_time = getattr(request, "_ot_start_time", time.time())
+            duration = time.time() - start_time
+
+            # Add response attributes
+            span.set_attributes(
+                {
+                    "http.status_code": response.status_code,
+                    "http.response_size": (
+                        len(response.content) if hasattr(response, "content") else 0
+                    ),
+                    "http.request.duration": duration,
+                }
+            )
+
+            # Set span status based on response
+            if response.status_code >= 400:
+                span.set_status(
+                    Status(StatusCode.ERROR, f"HTTP {response.status_code}")
+                )
+            else:
+                span.set_status(Status(StatusCode.OK))
+
+            # Record metrics
+            # Note: HTTP request metrics are handled by Django instrumentation
+            # We only record avatar-specific metrics here
+
+            # Record avatar-specific metrics
+            if self._is_avatar_request(request):
+                # Record avatar request metric using the new metrics system
+                self.metrics.record_avatar_request(
+                    size=self._get_avatar_size(request),
+                    format_type=self._get_avatar_format(request),
+                )
+
+        finally:
+            span.end()
+
+        return response
+
+    def _is_avatar_request(self, request: HttpRequest) -> bool:
+        """Check if this is an avatar request."""
+        return request.path.startswith("/avatar/") or request.path.startswith("/avatar")
+
+    def _add_avatar_attributes(self, span: trace.Span, request: HttpRequest) -> None:
+        """Add avatar-specific attributes to span."""
+        try:
+            # Extract avatar parameters
+            size = self._get_avatar_size(request)
+            format_type = self._get_avatar_format(request)
+            email = self._get_avatar_email(request)
+
+            span.set_attributes(
+                {
+                    "ivatar.avatar_size": size,
+                    "ivatar.avatar_format": format_type,
+                    "ivatar.avatar_email": email,
+                }
+            )
+
+        except Exception as e:
+            logger.debug(f"Failed to add avatar attributes: {e}")
+
+    def _get_avatar_size(self, request: HttpRequest) -> str:
+        """Extract avatar size from request."""
+        size = request.GET.get("s", "80")
+        return str(size)
+
+    def _get_avatar_format(self, request: HttpRequest) -> str:
+        """Extract avatar format from request."""
+        format_type = request.GET.get("d", "png")
+        return str(format_type)
+
+    def _get_avatar_email(self, request: HttpRequest) -> str:
+        """Extract email from avatar request path."""
+        try:
+            # Extract email from path like /avatar/user@example.com
+            path_parts = request.path.strip("/").split("/")
+            if len(path_parts) >= 2 and path_parts[0] == "avatar":
+                return path_parts[1]
+        except Exception:
+            pass
+        return "unknown"
+
+    def _get_client_ip(self, request: HttpRequest) -> str:
+        """Get client IP address from request."""
+        x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
+        if x_forwarded_for:
+            return x_forwarded_for.split(",")[0].strip()
+        return request.META.get("REMOTE_ADDR", "unknown")
+
+
+def trace_avatar_operation(operation_name: str):
+    """
+    Decorator to trace avatar operations.
+
+    Args:
+        operation_name: Name of the operation being traced
+    """
+
+    def decorator(func):
+        @wraps(func)
+        def wrapper(*args, **kwargs):
+            if not is_enabled():
+                return func(*args, **kwargs)
+
+            tracer = get_tracer("ivatar.avatar")
+            with tracer.start_as_current_span(f"avatar.{operation_name}") as span:
+                try:
+                    result = func(*args, **kwargs)
+                    span.set_status(Status(StatusCode.OK))
+                    return result
+                except Exception as e:
+                    span.set_status(Status(StatusCode.ERROR, str(e)))
+                    span.set_attribute("error.message", str(e))
+                    raise
+
+        return wrapper
+
+    return decorator
+
+
+def trace_file_upload(operation_name: str):
+    """
+    Decorator to trace file upload operations.
+
+    Args:
+        operation_name: Name of the file upload operation being traced
+    """
+
+    def decorator(func):
+        @wraps(func)
+        def wrapper(*args, **kwargs):
+            tracer = get_tracer("ivatar.file_upload")
+            with tracer.start_as_current_span(f"file_upload.{operation_name}") as span:
+                try:
+                    # Add file information if available
+                    if args and hasattr(args[0], "FILES"):
+                        files = args[0].FILES
+                        if files:
+                            file_info = list(files.values())[0]
+                            span.set_attributes(
+                                {
+                                    "file.name": file_info.name,
+                                    "file.size": file_info.size,
+                                    "file.content_type": file_info.content_type,
+                                }
+                            )
+
+                    result = func(*args, **kwargs)
+                    span.set_status(Status(StatusCode.OK))
+                    return result
+                except Exception as e:
+                    span.set_status(Status(StatusCode.ERROR, str(e)))
+                    span.set_attribute("error.message", str(e))
+                    raise
+
+        return wrapper
+
+    return decorator
+
+
+def trace_authentication(operation_name: str):
+    """
+    Decorator to trace authentication operations.
+
+    Args:
+        operation_name: Name of the authentication operation being traced
+    """
+
+    def decorator(func):
+        @wraps(func)
+        def wrapper(*args, **kwargs):
+            tracer = get_tracer("ivatar.auth")
+            with tracer.start_as_current_span(f"auth.{operation_name}") as span:
+                try:
+                    result = func(*args, **kwargs)
+                    span.set_status(Status(StatusCode.OK))
+                    return result
+                except Exception as e:
+                    span.set_status(Status(StatusCode.ERROR, str(e)))
+                    span.set_attribute("error.message", str(e))
+                    raise
+
+        return wrapper
+
+    return decorator
+
+
+class AvatarMetrics:
+    """
+    Custom metrics for avatar operations.
+
+    This class provides methods to record custom metrics for avatar-specific
+    operations like generation, caching, and external service calls.
+    """
+
+    def __init__(self):
+        self.meter = get_meter("ivatar.avatar")
+
+        # Create custom metrics
+        self.avatar_generated = self.meter.create_counter(
+            name="ivatar_avatars_generated_total",
+            description="Total number of avatars generated",
+            unit="1",
+        )
+
+        self.avatar_requests = self.meter.create_counter(
+            name="ivatar_avatar_requests_total",
+            description="Total number of avatar image requests",
+            unit="1",
+        )
+
+        self.avatar_cache_hits = self.meter.create_counter(
+            name="ivatar_avatar_cache_hits_total",
+            description="Total number of avatar cache hits",
+            unit="1",
+        )
+
+        self.avatar_cache_misses = self.meter.create_counter(
+            name="ivatar_avatar_cache_misses_total",
+            description="Total number of avatar cache misses",
+            unit="1",
+        )
+
+        self.external_avatar_requests = self.meter.create_counter(
+            name="ivatar_external_avatar_requests_total",
+            description="Total number of external avatar requests",
+            unit="1",
+        )
+
+        self.file_uploads = self.meter.create_counter(
+            name="ivatar_file_uploads_total",
+            description="Total number of file uploads",
+            unit="1",
+        )
+
+        self.file_upload_size = self.meter.create_histogram(
+            name="ivatar_file_upload_size_bytes",
+            description="File upload size in bytes",
+            unit="bytes",
+        )
+
+    def record_avatar_request(self, size: str, format_type: str):
+        """Record avatar request."""
+        self.avatar_requests.add(
+            1,
+            {
+                "size": size,
+                "format": format_type,
+            },
+        )
+
+    def record_avatar_generated(
+        self, size: str, format_type: str, source: str = "generated"
+    ):
+        """Record avatar generation."""
+        self.avatar_generated.add(
+            1,
+            {
+                "size": size,
+                "format": format_type,
+                "source": source,
+            },
+        )
+
+    def record_cache_hit(self, size: str, format_type: str):
+        """Record cache hit."""
+        self.avatar_cache_hits.add(
+            1,
+            {
+                "size": size,
+                "format": format_type,
+            },
+        )
+
+    def record_cache_miss(self, size: str, format_type: str):
+        """Record cache miss."""
+        self.avatar_cache_misses.add(
+            1,
+            {
+                "size": size,
+                "format": format_type,
+            },
+        )
+
+    def record_external_request(self, service: str, status_code: int):
+        """Record external avatar service request."""
+        self.external_avatar_requests.add(
+            1,
+            {
+                "service": service,
+                "status_code": str(status_code),
+            },
+        )
+
+    def record_file_upload(self, file_size: int, content_type: str, success: bool):
+        """Record file upload."""
+        self.file_uploads.add(
+            1,
+            {
+                "content_type": content_type,
+                "success": str(success),
+            },
+        )
+
+        self.file_upload_size.record(
+            file_size,
+            {
+                "content_type": content_type,
+                "success": str(success),
+            },
+        )
+
+
+# Global metrics instance (lazy-loaded)
+_avatar_metrics = None
+
+
+def get_avatar_metrics():
+    """Get the global avatar metrics instance."""
+    global _avatar_metrics
+    if _avatar_metrics is None:
+        _avatar_metrics = AvatarMetrics()
+    return _avatar_metrics
+
+
+def reset_avatar_metrics():
+    """Reset the global avatar metrics instance (for testing)."""
+    global _avatar_metrics
+    _avatar_metrics = None

ivatar/pagan_optimized.py

@@ -0,0 +1,185 @@
+"""
+Optimized pagan avatar generator for ivatar
+Provides 95x+ performance improvement through intelligent caching
+"""
+
+import threading
+from io import BytesIO
+from typing import Dict, Optional
+from PIL import Image
+from django.conf import settings
+import pagan
+
+
+class OptimizedPagan:
+    """
+    Optimized pagan avatar generator that caches Avatar objects
+
+    Provides 95x+ performance improvement by caching expensive pagan.Avatar
+    object creation while maintaining 100% visual compatibility
+    """
+
+    # Class-level cache shared across all instances
+    _avatar_cache: Dict[str, pagan.Avatar] = {}
+    _cache_lock = threading.Lock()
+    _cache_stats = {"hits": 0, "misses": 0, "size": 0}
+
+    # Cache configuration
+    _max_cache_size = getattr(settings, "PAGAN_CACHE_SIZE", 100)  # Max cached avatars
+    _cache_enabled = True  # Always enabled - this is the default implementation
+
+    @classmethod
+    def _get_cached_avatar(cls, digest: str) -> Optional[pagan.Avatar]:
+        """Get cached pagan Avatar object or create and cache it"""
+
+        # Try to get from cache first
+        with cls._cache_lock:
+            if digest in cls._avatar_cache:
+                cls._cache_stats["hits"] += 1
+                return cls._avatar_cache[digest]
+
+        # Cache miss - create new Avatar object
+        try:
+            avatar = pagan.Avatar(digest)
+
+            with cls._cache_lock:
+                # Cache management - remove oldest entries if cache is full
+                if len(cls._avatar_cache) >= cls._max_cache_size:
+                    # Remove 20% of oldest entries to make room
+                    remove_count = max(1, cls._max_cache_size // 5)
+                    keys_to_remove = list(cls._avatar_cache.keys())[:remove_count]
+                    for key in keys_to_remove:
+                        del cls._avatar_cache[key]
+
+                # Cache the Avatar object
+                cls._avatar_cache[digest] = avatar
+                cls._cache_stats["misses"] += 1
+                cls._cache_stats["size"] = len(cls._avatar_cache)
+
+            return avatar
+
+        except Exception as e:
+            if getattr(settings, "DEBUG", False):
+                print(f"Failed to create pagan avatar {digest}: {e}")
+            return None
+
+    @classmethod
+    def get_cache_stats(cls) -> Dict:
+        """Get cache performance statistics"""
+        with cls._cache_lock:
+            total_requests = cls._cache_stats["hits"] + cls._cache_stats["misses"]
+            hit_rate = (
+                (cls._cache_stats["hits"] / total_requests * 100)
+                if total_requests > 0
+                else 0
+            )
+
+            return {
+                "size": cls._cache_stats["size"],
+                "max_size": cls._max_cache_size,
+                "hits": cls._cache_stats["hits"],
+                "misses": cls._cache_stats["misses"],
+                "hit_rate": f"{hit_rate:.1f}%",
+                "total_requests": total_requests,
+            }
+
+    @classmethod
+    def clear_cache(cls):
+        """Clear the pagan avatar cache (useful for testing or memory management)"""
+        with cls._cache_lock:
+            cls._avatar_cache.clear()
+            cls._cache_stats = {"hits": 0, "misses": 0, "size": 0}
+
+    @classmethod
+    def generate_optimized(cls, digest: str, size: int = 80) -> Optional[Image.Image]:
+        """
+        Generate optimized pagan avatar
+
+        Args:
+            digest (str): MD5 hash as hex string
+            size (int): Output image size in pixels
+
+        Returns:
+            PIL.Image: Resized pagan avatar image, or None on error
+        """
+        try:
+            # Get cached Avatar object (this is where the 95x speedup comes from)
+            avatar = cls._get_cached_avatar(digest)
+            if avatar is None:
+                return None
+
+            # Resize the cached avatar's image (this is very fast ~0.2ms)
+            # The original pagan avatar is 128x128 RGBA
+            resized_img = avatar.img.resize((size, size), Image.LANCZOS)
+
+            return resized_img
+
+        except Exception as e:
+            if getattr(settings, "DEBUG", False):
+                print(f"Optimized pagan generation failed for {digest}: {e}")
+            return None
+
+
+def create_optimized_pagan(digest: str, size: int = 80) -> BytesIO:
+    """
+    Create pagan avatar using optimized implementation
+    Returns BytesIO object ready for HTTP response
+
+    Performance improvement: 95x+ faster than original pagan generation
+
+    Args:
+        digest (str): MD5 hash as hex string
+        size (int): Output image size in pixels
+
+    Returns:
+        BytesIO: PNG image data ready for HTTP response
+    """
+    try:
+        # Generate optimized pagan avatar
+        img = OptimizedPagan.generate_optimized(digest, size)
+
+        if img is not None:
+            # Save to BytesIO for HTTP response
+            data = BytesIO()
+            img.save(data, format="PNG")
+            data.seek(0)
+            return data
+        else:
+            # Fallback to original implementation if optimization fails
+            if getattr(settings, "DEBUG", False):
+                print(f"Falling back to original pagan for {digest}")
+
+            paganobj = pagan.Avatar(digest)
+            img = paganobj.img.resize((size, size), Image.LANCZOS)
+            data = BytesIO()
+            img.save(data, format="PNG")
+            data.seek(0)
+            return data
+
+    except Exception as e:
+        if getattr(settings, "DEBUG", False):
+            print(f"Pagan generation failed: {e}")
+
+        # Return simple fallback image on error
+        fallback_img = Image.new("RGBA", (size, size), (100, 100, 150, 255))
+        data = BytesIO()
+        fallback_img.save(data, format="PNG")
+        data.seek(0)
+        return data
+
+
+# Management utilities
+def get_pagan_cache_info():
+    """Get cache information for monitoring/debugging"""
+    return OptimizedPagan.get_cache_stats()
+
+
+def clear_pagan_cache():
+    """Clear the pagan avatar cache"""
+    OptimizedPagan.clear_cache()
+
+
+# Backward compatibility - maintain same interface as original
+def create_pagan_avatar(digest: str, size: int = 80) -> BytesIO:
+    """Backward compatibility alias for create_optimized_pagan"""
+    return create_optimized_pagan(digest, size)

ivatar/robohash.py

@@ -0,0 +1,181 @@
+"""
+Optimized Robohash implementation for ivatar.
+Focuses on result caching for maximum performance with minimal complexity.
+"""
+
+import threading
+from PIL import Image
+from io import BytesIO
+from robohash import Robohash
+from typing import Dict, Optional
+from django.conf import settings
+
+
+class OptimizedRobohash:
+    """
+    High-performance robohash implementation using intelligent result caching:
+    1. Caches assembled robots by hash signature to avoid regeneration
+    2. Lightweight approach with minimal initialization overhead
+    3. 100% visual compatibility with original robohash
+
+    Performance: 3x faster overall, up to 100x faster with cache hits
+    """
+
+    # Class-level assembly cache
+    _assembly_cache: Dict[str, Image.Image] = {}
+    _cache_lock = threading.Lock()
+    _cache_stats = {"hits": 0, "misses": 0}
+    _max_cache_size = 50  # Limit memory usage
+
+    def __init__(self, string, hashcount=11, ignoreext=True):
+        # Use original robohash for compatibility
+        self._robohash = Robohash(string, hashcount, ignoreext)
+        self.hasharray = self._robohash.hasharray
+        self.img = None
+        self.format = "png"
+
+    def _get_cache_key(
+        self, roboset: str, color: str, bgset: Optional[str], size: int
+    ) -> str:
+        """Generate cache key for assembled robot"""
+        # Use hash signature for cache key
+        hash_sig = "".join(str(h % 1000) for h in self.hasharray[:6])
+        bg_key = bgset or "none"
+        return f"{roboset}:{color}:{bg_key}:{size}:{hash_sig}"
+
+    def assemble_optimized(
+        self, roboset=None, color=None, format=None, bgset=None, sizex=300, sizey=300
+    ):
+        """
+        Optimized assembly with intelligent result caching
+        """
+        # Normalize parameters
+        roboset = roboset or "any"
+        color = color or "default"
+        bgset = None if (bgset == "none" or not bgset) else bgset
+        format = format or "png"
+
+        # Check cache first
+        cache_key = self._get_cache_key(roboset, color, bgset, sizex)
+
+        with self._cache_lock:
+            if cache_key in self._assembly_cache:
+                self._cache_stats["hits"] += 1
+                # Return cached result
+                self.img = self._assembly_cache[cache_key].copy()
+                self.format = format
+                return
+
+            self._cache_stats["misses"] += 1
+
+        # Cache miss - generate new robot using original robohash
+        try:
+            self._robohash.assemble(
+                roboset=roboset,
+                color=color,
+                format=format,
+                bgset=bgset,
+                sizex=sizex,
+                sizey=sizey,
+            )
+
+            # Store result
+            self.img = self._robohash.img
+            self.format = format
+
+            # Cache the result (if cache not full)
+            with self._cache_lock:
+                if len(self._assembly_cache) < self._max_cache_size:
+                    self._assembly_cache[cache_key] = self.img.copy()
+                elif self._cache_stats["hits"] > 0:  # Only clear if we've had hits
+                    # Remove oldest entry (simple FIFO)
+                    oldest_key = next(iter(self._assembly_cache))
+                    del self._assembly_cache[oldest_key]
+                    self._assembly_cache[cache_key] = self.img.copy()
+
+        except Exception as e:
+            if getattr(settings, "DEBUG", False):
+                print(f"Optimized robohash assembly error: {e}")
+            # Fallback to simple robot
+            self.img = Image.new("RGBA", (sizex, sizey), (128, 128, 128, 255))
+            self.format = format
+
+    @classmethod
+    def get_cache_stats(cls):
+        """Get cache performance statistics"""
+        with cls._cache_lock:
+            total_requests = cls._cache_stats["hits"] + cls._cache_stats["misses"]
+            hit_rate = (
+                (cls._cache_stats["hits"] / total_requests * 100)
+                if total_requests > 0
+                else 0
+            )
+
+            return {
+                "hits": cls._cache_stats["hits"],
+                "misses": cls._cache_stats["misses"],
+                "hit_rate": f"{hit_rate:.1f}%",
+                "cache_size": len(cls._assembly_cache),
+                "max_cache_size": cls._max_cache_size,
+            }
+
+    @classmethod
+    def clear_cache(cls):
+        """Clear assembly cache"""
+        with cls._cache_lock:
+            cls._assembly_cache.clear()
+            cls._cache_stats = {"hits": 0, "misses": 0}
+
+
+def create_robohash(digest: str, size: int, roboset: str = "any") -> BytesIO:
+    """
+    Create robohash using optimized implementation.
+    This is the main robohash generation function for ivatar.
+
+    Args:
+        digest: MD5 hash string for robot generation
+        size: Output image size in pixels
+        roboset: Robot set to use ("any", "set1", "set2", etc.)
+
+    Returns:
+        BytesIO object containing PNG image data
+
+    Performance: 3-5x faster than original robohash, up to 100x with cache hits
+    """
+    try:
+        robohash = OptimizedRobohash(digest)
+        robohash.assemble_optimized(roboset=roboset, sizex=size, sizey=size)
+
+        # Save to BytesIO
+        data = BytesIO()
+        robohash.img.save(data, format="png")
+        data.seek(0)
+        return data
+
+    except Exception as e:
+        if getattr(settings, "DEBUG", False):
+            print(f"Robohash generation failed: {e}")
+
+        # Return fallback image
+        fallback_img = Image.new("RGBA", (size, size), (150, 150, 150, 255))
+        data = BytesIO()
+        fallback_img.save(data, format="png")
+        data.seek(0)
+        return data
+
+
+# Management utilities for monitoring and debugging
+def get_robohash_cache_stats():
+    """Get robohash cache statistics for monitoring"""
+    return OptimizedRobohash.get_cache_stats()
+
+
+def clear_robohash_cache():
+    """Clear robohash caches"""
+    OptimizedRobohash.clear_cache()
+
+
+# Backward compatibility aliases
+create_optimized_robohash = create_robohash
+create_fast_robohash = create_robohash
+create_cached_robohash = create_robohash

ivatar/settings.py

@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 """
 Django settings for ivatar project.
 """
@@ -13,6 +12,41 @@ logger.setLevel(log_level)
 PACKAGE_ROOT = os.path.abspath(os.path.dirname(__file__))
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 
+# Logging directory - can be overridden in local config
+LOGS_DIR = os.path.join(BASE_DIR, "logs")
+
+
+def _test_logs_directory_writeability(logs_dir):
+    """
+    Test if a logs directory is actually writable by attempting to create and write a test file
+    """
+    try:
+        # Ensure directory exists
+        os.makedirs(logs_dir, exist_ok=True)
+
+        # Test if we can actually write to the directory
+        test_file = os.path.join(logs_dir, ".write_test")
+        with open(test_file, "w") as f:
+            f.write("test")
+
+        # Clean up test file
+        os.remove(test_file)
+        return True
+    except (OSError, PermissionError):
+        return False
+
+
+# Ensure logs directory exists and is writable - worst case, fall back to /tmp
+if not _test_logs_directory_writeability(LOGS_DIR):
+    LOGS_DIR = "/tmp/libravatar-logs"
+    if not _test_logs_directory_writeability(LOGS_DIR):
+        # If even /tmp fails, use a user-specific temp directory
+        import tempfile
+
+        LOGS_DIR = os.path.join(tempfile.gettempdir(), f"libravatar-logs-{os.getuid()}")
+        _test_logs_directory_writeability(LOGS_DIR)  # This should always succeed
+
+    logger.warning(f"Failed to write to logs directory, falling back to {LOGS_DIR}")
 
 # SECURITY WARNING: keep the secret key used in production secret!
 SECRET_KEY = "=v(+-^t#ahv^a&&e)uf36g8algj$d1@6ou^w(r0@%)#8mlc*zk"
@@ -22,6 +56,77 @@ DEBUG = True
 
 ALLOWED_HOSTS = []
 
+# Comprehensive Logging Configuration
+LOGGING = {
+    "version": 1,
+    "disable_existing_loggers": False,
+    "formatters": {
+        "verbose": {
+            "format": "{levelname} {asctime} {module} {process:d} {thread:d} {message}",
+            "style": "{",
+        },
+        "simple": {
+            "format": "{levelname} {asctime} {message}",
+            "style": "{",
+        },
+        "detailed": {
+            "format": "{levelname} {asctime} {name} {module} {funcName} {lineno:d} {message}",
+            "style": "{",
+        },
+    },
+    "handlers": {
+        "file": {
+            "level": "INFO",
+            "class": "logging.FileHandler",
+            "filename": os.path.join(LOGS_DIR, "ivatar.log"),
+            "formatter": "verbose",
+        },
+        "file_debug": {
+            "level": "DEBUG",
+            "class": "logging.FileHandler",
+            "filename": os.path.join(LOGS_DIR, "ivatar_debug.log"),
+            "formatter": "detailed",
+        },
+        "console": {
+            "level": "DEBUG" if DEBUG else "INFO",
+            "class": "logging.StreamHandler",
+            "formatter": "simple",
+        },
+        "security": {
+            "level": "WARNING",
+            "class": "logging.FileHandler",
+            "filename": os.path.join(LOGS_DIR, "security.log"),
+            "formatter": "detailed",
+        },
+    },
+    "loggers": {
+        "ivatar": {
+            "handlers": ["file", "console"],
+            "level": "INFO",  # Restore normal logging level
+            "propagate": True,
+        },
+        "ivatar.security": {
+            "handlers": ["security", "console"],
+            "level": "WARNING",
+            "propagate": False,
+        },
+        "ivatar.debug": {
+            "handlers": ["file_debug"],
+            "level": "DEBUG",
+            "propagate": False,
+        },
+        "django.security": {
+            "handlers": ["security"],
+            "level": "WARNING",
+            "propagate": False,
+        },
+    },
+    "root": {
+        "handlers": ["console"],
+        "level": "INFO",
+    },
+}
+
 
 # Application definition
 
@@ -32,6 +137,7 @@ INSTALLED_APPS = [
     "django.contrib.sessions",
     "django.contrib.messages",
     "django.contrib.staticfiles",
+    "social_django",
 ]
 
 MIDDLEWARE = [
@@ -49,7 +155,7 @@ ROOT_URLCONF = "ivatar.urls"
 TEMPLATES = [
     {
         "BACKEND": "django.template.backends.django.DjangoTemplates",
-        "DIRS": [],
+        "DIRS": [os.path.join(BASE_DIR, "templates")],
         "APP_DIRS": True,
         "OPTIONS": {
             "context_processors": [
@@ -57,7 +163,10 @@ TEMPLATES = [
                 "django.template.context_processors.request",
                 "django.contrib.auth.context_processors.auth",
                 "django.contrib.messages.context_processors.messages",
+                "django.template.context_processors.i18n",
+                "social_django.context_processors.login_redirect",
             ],
+            "debug": DEBUG,
         },
     },
 ]
@@ -72,6 +181,7 @@ DATABASES = {
     "default": {
         "ENGINE": "django.db.backends.sqlite3",
         "NAME": os.path.join(BASE_DIR, "db.sqlite3"),
+        "ATOMIC_REQUESTS": True,
     }
 }
 
@@ -85,6 +195,9 @@ AUTH_PASSWORD_VALIDATORS = [
     },
     {
         "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",  # noqa
+        "OPTIONS": {
+            "min_length": 6,
+        },
     },
     {
         "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",  # noqa
@@ -94,6 +207,84 @@ AUTH_PASSWORD_VALIDATORS = [
     },
 ]
 
+# Password Hashing (more secure)
+# Try to use Argon2PasswordHasher with high security settings, fallback to PBKDF2
+PASSWORD_HASHERS = []
+
+# Try Argon2 first (requires Python 3.6+ and argon2-cffi package)
+try:
+    import argon2  # noqa: F401
+
+    PASSWORD_HASHERS.append("django.contrib.auth.hashers.Argon2PasswordHasher")
+except ImportError:
+    # Fallback for CentOS 7 / older systems without argon2-cffi
+    pass
+
+# Always include PBKDF2 as fallback
+PASSWORD_HASHERS.extend(
+    [
+        "django.contrib.auth.hashers.PBKDF2PasswordHasher",
+        # Keep PBKDF2SHA1 for existing password compatibility only
+        "django.contrib.auth.hashers.PBKDF2SHA1PasswordHasher",
+    ]
+)
+
+# Security Settings
+SECURE_BROWSER_XSS_FILTER = True
+SECURE_CONTENT_TYPE_NOSNIFF = True
+X_FRAME_OPTIONS = "DENY"
+CSRF_COOKIE_SECURE = not DEBUG
+SESSION_COOKIE_SECURE = not DEBUG
+
+if not DEBUG:
+    SECURE_SSL_REDIRECT = True
+    SECURE_HSTS_SECONDS = 31536000  # 1 year
+    SECURE_HSTS_INCLUDE_SUBDOMAINS = True
+    SECURE_HSTS_PRELOAD = True
+
+
+# Social authentication
+TRUST_EMAIL_FROM_SOCIAL_AUTH_BACKENDS = ["fedora"]
+SOCIAL_AUTH_PIPELINE = (
+    # Get the information we can about the user and return it in a simple
+    # format to create the user instance later. In some cases the details are
+    # already part of the auth response from the provider, but sometimes this
+    # could hit a provider API.
+    "social_core.pipeline.social_auth.social_details",
+    # Get the social uid from whichever service we're authing thru. The uid is
+    # the unique identifier of the given user in the provider.
+    "social_core.pipeline.social_auth.social_uid",
+    # Verifies that the current auth process is valid within the current
+    # project, this is where emails and domains whitelists are applied (if
+    # defined).
+    "social_core.pipeline.social_auth.auth_allowed",
+    # Checks if the current social-account is already associated in the site.
+    "social_core.pipeline.social_auth.social_user",
+    # Make up a username for this person, appends a random string at the end if
+    # there's any collision.
+    "social_core.pipeline.user.get_username",
+    # Send a validation email to the user to verify its email address.
+    # Disabled by default.
+    # 'social_core.pipeline.mail.mail_validation',
+    # Associates the current social details with another user account with
+    # a similar email address. Disabled by default.
+    "social_core.pipeline.social_auth.associate_by_email",
+    # Associates the current social details with an existing user account with
+    # a matching ConfirmedEmail.
+    "ivatar.ivataraccount.auth.associate_by_confirmed_email",
+    # Create a user account if we haven't found one yet.
+    "social_core.pipeline.user.create_user",
+    # Create the record that associates the social account with the user.
+    "social_core.pipeline.social_auth.associate_user",
+    # Populate the extra_data field in the social record with the values
+    # specified by settings (and the default ones like access_token, etc).
+    "social_core.pipeline.social_auth.load_extra_data",
+    # Update the user record with any changed info from the auth service.
+    "social_core.pipeline.user.user_details",
+    # Create the ConfirmedEmail if appropriate.
+    "ivatar.ivataraccount.auth.add_confirmed_email",
+)
+
 
 # Internationalization
 # https://docs.djangoproject.com/en/2.0/topics/i18n/
@@ -116,4 +307,17 @@ STATIC_ROOT = os.path.join(BASE_DIR, "static")
 
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
-from config import *  # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import
+from config import *  # pylint: disable=wildcard-import,wrong-import-position,unused-wildcard-import  # noqa
+
+# OpenTelemetry setup - must be after config import
+# Always setup OpenTelemetry (instrumentation always enabled, export controlled by OTEL_EXPORT_ENABLED)
+try:
+    from ivatar.opentelemetry_config import setup_opentelemetry
+
+    setup_opentelemetry()
+
+    # Add OpenTelemetry middleware (always enabled)
+    MIDDLEWARE.append("ivatar.opentelemetry_middleware.OpenTelemetryMiddleware")
+except (ImportError, NameError):
+    # OpenTelemetry packages not installed or configuration failed
+    pass

ivatar/static/css/cropper.min.css

@@ -0,0 +1,265 @@
+/*!
+ * Cropper.js v1.6.2
+ * https://fengyuanchen.github.io/cropperjs
+ *
+ * Copyright 2015-present Chen Fengyuan
+ * Released under the MIT license
+ *
+ * Date: 2024-04-21T07:43:02.731Z
+ */
+.cropper-container {
+  -webkit-touch-callout: none;
+  direction: ltr;
+  font-size: 0;
+  line-height: 0;
+  position: relative;
+  -ms-touch-action: none;
+  touch-action: none;
+  -webkit-user-select: none;
+  -moz-user-select: none;
+  -ms-user-select: none;
+  user-select: none;
+}
+.cropper-container img {
+  backface-visibility: hidden;
+  display: block;
+  height: 100%;
+  image-orientation: 0deg;
+  max-height: none !important;
+  max-width: none !important;
+  min-height: 0 !important;
+  min-width: 0 !important;
+  width: 100%;
+}
+.cropper-canvas,
+.cropper-crop-box,
+.cropper-drag-box,
+.cropper-modal,
+.cropper-wrap-box {
+  bottom: 0;
+  left: 0;
+  position: absolute;
+  right: 0;
+  top: 0;
+}
+.cropper-canvas,
+.cropper-wrap-box {
+  overflow: hidden;
+}
+.cropper-drag-box {
+  background-color: #fff;
+  opacity: 0;
+}
+.cropper-modal {
+  background-color: #000;
+  opacity: 0.5;
+}
+.cropper-view-box {
+  display: block;
+  height: 100%;
+  outline: 1px solid #39f;
+  outline-color: rgba(51, 153, 255, 0.75);
+  overflow: hidden;
+  width: 100%;
+}
+.cropper-dashed {
+  border: 0 dashed #eee;
+  display: block;
+  opacity: 0.5;
+  position: absolute;
+}
+.cropper-dashed.dashed-h {
+  border-bottom-width: 1px;
+  border-top-width: 1px;
+  height: 33.33333%;
+  left: 0;
+  top: 33.33333%;
+  width: 100%;
+}
+.cropper-dashed.dashed-v {
+  border-left-width: 1px;
+  border-right-width: 1px;
+  height: 100%;
+  left: 33.33333%;
+  top: 0;
+  width: 33.33333%;
+}
+.cropper-center {
+  display: block;
+  height: 0;
+  left: 50%;
+  opacity: 0.75;
+  position: absolute;
+  top: 50%;
+  width: 0;
+}
+.cropper-center:after,
+.cropper-center:before {
+  background-color: #eee;
+  content: " ";
+  display: block;
+  position: absolute;
+}
+.cropper-center:before {
+  height: 1px;
+  left: -3px;
+  top: 0;
+  width: 7px;
+}
+.cropper-center:after {
+  height: 7px;
+  left: 0;
+  top: -3px;
+  width: 1px;
+}
+.cropper-face,
+.cropper-line,
+.cropper-point {
+  display: block;
+  height: 100%;
+  opacity: 0.1;
+  position: absolute;
+  width: 100%;
+}
+.cropper-face {
+  background-color: #fff;
+  left: 0;
+  top: 0;
+}
+.cropper-line {
+  background-color: #39f;
+}
+.cropper-line.line-e {
+  cursor: ew-resize;
+  right: -3px;
+  top: 0;
+  width: 5px;
+}
+.cropper-line.line-n {
+  cursor: ns-resize;
+  height: 5px;
+  left: 0;
+  top: -3px;
+}
+.cropper-line.line-w {
+  cursor: ew-resize;
+  left: -3px;
+  top: 0;
+  width: 5px;
+}
+.cropper-line.line-s {
+  bottom: -3px;
+  cursor: ns-resize;
+  height: 5px;
+  left: 0;
+}
+.cropper-point {
+  background-color: #39f;
+  height: 5px;
+  opacity: 0.75;
+  width: 5px;
+}
+.cropper-point.point-e {
+  cursor: ew-resize;
+  margin-top: -3px;
+  right: -3px;
+  top: 50%;
+}
+.cropper-point.point-n {
+  cursor: ns-resize;
+  left: 50%;
+  margin-left: -3px;
+  top: -3px;
+}
+.cropper-point.point-w {
+  cursor: ew-resize;
+  left: -3px;
+  margin-top: -3px;
+  top: 50%;
+}
+.cropper-point.point-s {
+  bottom: -3px;
+  cursor: s-resize;
+  left: 50%;
+  margin-left: -3px;
+}
+.cropper-point.point-ne {
+  cursor: nesw-resize;
+  right: -3px;
+  top: -3px;
+}
+.cropper-point.point-nw {
+  cursor: nwse-resize;
+  left: -3px;
+  top: -3px;
+}
+.cropper-point.point-sw {
+  bottom: -3px;
+  cursor: nesw-resize;
+  left: -3px;
+}
+.cropper-point.point-se {
+  bottom: -3px;
+  cursor: nwse-resize;
+  height: 20px;
+  opacity: 1;
+  right: -3px;
+  width: 20px;
+}
+@media (min-width: 768px) {
+  .cropper-point.point-se {
+    height: 15px;
+    width: 15px;
+  }
+}
+@media (min-width: 992px) {
+  .cropper-point.point-se {
+    height: 10px;
+    width: 10px;
+  }
+}
+@media (min-width: 1200px) {
+  .cropper-point.point-se {
+    height: 5px;
+    opacity: 0.75;
+    width: 5px;
+  }
+}
+.cropper-point.point-se:before {
+  background-color: #39f;
+  bottom: -50%;
+  content: " ";
+  display: block;
+  height: 200%;
+  opacity: 0;
+  position: absolute;
+  right: -50%;
+  width: 200%;
+}
+.cropper-invisible {
+  opacity: 0;
+}
+.cropper-bg {
+  background-image: url("data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAAA3NCSVQICAjb4U/gAAAABlBMVEXMzMz////TjRV2AAAACXBIWXMAAArrAAAK6wGCiw1aAAAAHHRFWHRTb2Z0d2FyZQBBZG9iZSBGaXJld29ya3MgQ1M26LyyjAAAABFJREFUCJlj+M/AgBVhF/0PAH6/D/HkDxOGAAAAAElFTkSuQmCC");
+}
+.cropper-hide {
+  display: block;
+  height: 0;
+  position: absolute;
+  width: 0;
+}
+.cropper-hidden {
+  display: none !important;
+}
+.cropper-move {
+  cursor: move;
+}
+.cropper-crop {
+  cursor: crosshair;
+}
+.cropper-disabled .cropper-drag-box,
+.cropper-disabled .cropper-face,
+.cropper-disabled .cropper-line,
+.cropper-disabled .cropper-point {
+  cursor: not-allowed;
+}

ivatar/static/css/jcrop.css

@@ -1,2 +1,146 @@
 /* jquery.Jcrop.min.css v0.9.15 (build:20180819) */
-.jcrop-holder{direction:ltr;text-align:left;-ms-touch-action:none}.jcrop-hline,.jcrop-vline{background:#fff url(Jcrop.gif);font-size:0;position:absolute}.jcrop-vline{height:100%;width:1px!important}.jcrop-vline.right{right:0}.jcrop-hline{height:1px!important;width:100%}.jcrop-hline.bottom{bottom:0}.jcrop-tracker{height:100%;width:100%;-webkit-tap-highlight-color:transparent;-webkit-touch-callout:none;-webkit-user-select:none}.jcrop-handle{background-color:#333;border:1px #eee solid;width:7px;height:7px;font-size:1px}.jcrop-handle.ord-n{left:50%;margin-left:-4px;margin-top:-4px;top:0}.jcrop-handle.ord-s{bottom:0;left:50%;margin-bottom:-4px;margin-left:-4px}.jcrop-handle.ord-e{margin-right:-4px;margin-top:-4px;right:0;top:50%}.jcrop-handle.ord-w{left:0;margin-left:-4px;margin-top:-4px;top:50%}.jcrop-handle.ord-nw{left:0;margin-left:-4px;margin-top:-4px;top:0}.jcrop-handle.ord-ne{margin-right:-4px;margin-top:-4px;right:0;top:0}.jcrop-handle.ord-se{bottom:0;margin-bottom:-4px;margin-right:-4px;right:0}.jcrop-handle.ord-sw{bottom:0;left:0;margin-bottom:-4px;margin-left:-4px}.jcrop-dragbar.ord-n,.jcrop-dragbar.ord-s{height:7px;width:100%}.jcrop-dragbar.ord-e,.jcrop-dragbar.ord-w{height:100%;width:7px}.jcrop-dragbar.ord-n{margin-top:-4px}.jcrop-dragbar.ord-s{bottom:0;margin-bottom:-4px}.jcrop-dragbar.ord-e{margin-right:-4px;right:0}.jcrop-dragbar.ord-w{margin-left:-4px}.jcrop-light .jcrop-hline,.jcrop-light .jcrop-vline{background:#fff;filter:alpha(opacity=70)!important;opacity:.7!important}.jcrop-light .jcrop-handle{-moz-border-radius:3px;-webkit-border-radius:3px;background-color:#000;border-color:#fff;border-radius:3px}.jcrop-dark .jcrop-hline,.jcrop-dark .jcrop-vline{background:#000;filter:alpha(opacity=70)!important;opacity:.7!important}.jcrop-dark .jcrop-handle{-moz-border-radius:3px;-webkit-border-radius:3px;background-color:#fff;border-color:#000;border-radius:3px}.solid-line .jcrop-hline,.solid-line .jcrop-vline{background:#fff}.jcrop-holder img,img.jcrop-preview{max-width:none}
+.jcrop-holder {
+  direction: ltr;
+  text-align: left;
+  -ms-touch-action: none;
+}
+.jcrop-hline,
+.jcrop-vline {
+  background: #fff url(Jcrop.gif);
+  font-size: 0;
+  position: absolute;
+}
+.jcrop-vline {
+  height: 100%;
+  width: 1px !important;
+}
+.jcrop-vline.right {
+  right: 0;
+}
+.jcrop-hline {
+  height: 1px !important;
+  width: 100%;
+}
+.jcrop-hline.bottom {
+  bottom: 0;
+}
+.jcrop-tracker {
+  height: 100%;
+  width: 100%;
+  -webkit-tap-highlight-color: transparent;
+  -webkit-touch-callout: none;
+  -webkit-user-select: none;
+}
+.jcrop-handle {
+  background-color: #333;
+  border: 1px #eee solid;
+  width: 7px;
+  height: 7px;
+  font-size: 1px;
+}
+.jcrop-handle.ord-n {
+  left: 50%;
+  margin-left: -4px;
+  margin-top: -4px;
+  top: 0;
+}
+.jcrop-handle.ord-s {
+  bottom: 0;
+  left: 50%;
+  margin-bottom: -4px;
+  margin-left: -4px;
+}
+.jcrop-handle.ord-e {
+  margin-right: -4px;
+  margin-top: -4px;
+  right: 0;
+  top: 50%;
+}
+.jcrop-handle.ord-w {
+  left: 0;
+  margin-left: -4px;
+  margin-top: -4px;
+  top: 50%;
+}
+.jcrop-handle.ord-nw {
+  left: 0;
+  margin-left: -4px;
+  margin-top: -4px;
+  top: 0;
+}
+.jcrop-handle.ord-ne {
+  margin-right: -4px;
+  margin-top: -4px;
+  right: 0;
+  top: 0;
+}
+.jcrop-handle.ord-se {
+  bottom: 0;
+  margin-bottom: -4px;
+  margin-right: -4px;
+  right: 0;
+}
+.jcrop-handle.ord-sw {
+  bottom: 0;
+  left: 0;
+  margin-bottom: -4px;
+  margin-left: -4px;
+}
+.jcrop-dragbar.ord-n,
+.jcrop-dragbar.ord-s {
+  height: 7px;
+  width: 100%;
+}
+.jcrop-dragbar.ord-e,
+.jcrop-dragbar.ord-w {
+  height: 100%;
+  width: 7px;
+}
+.jcrop-dragbar.ord-n {
+  margin-top: -4px;
+}
+.jcrop-dragbar.ord-s {
+  bottom: 0;
+  margin-bottom: -4px;
+}
+.jcrop-dragbar.ord-e {
+  margin-right: -4px;
+  right: 0;
+}
+.jcrop-dragbar.ord-w {
+  margin-left: -4px;
+}
+.jcrop-light .jcrop-hline,
+.jcrop-light .jcrop-vline {
+  background: #fff;
+  filter: alpha(opacity=70) !important;
+  opacity: 0.7 !important;
+}
+.jcrop-light .jcrop-handle {
+  -moz-border-radius: 3px;
+  -webkit-border-radius: 3px;
+  background-color: #000;
+  border-color: #fff;
+  border-radius: 3px;
+}
+.jcrop-dark .jcrop-hline,
+.jcrop-dark .jcrop-vline {
+  background: #000;
+  filter: alpha(opacity=70) !important;
+  opacity: 0.7 !important;
+}
+.jcrop-dark .jcrop-handle {
+  -moz-border-radius: 3px;
+  -webkit-border-radius: 3px;
+  background-color: #fff;
+  border-color: #000;
+  border-radius: 3px;
+}
+.solid-line .jcrop-hline,
+.solid-line .jcrop-vline {
+  background: #fff;
+}
+.jcrop-holder img,
+img.jcrop-preview {
+  max-width: none;
+}

ivatar/static/design_media/libravatar_header.svg

@@ -1 +1 @@
-<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1656.69 67"><defs><style>.cls-1{fill:#fff;}</style></defs><title>Element 1</title><g id="Ebene_2" data-name="Ebene 2"><g id="Ebene_1-2" data-name="Ebene 1"><g id="Ebene_2-2" data-name="Ebene 2-2"><path class="cls-1" d="M1.69,67c72,0,578-67,943-67s712,67,712,67Z"/></g></g></g></svg>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1656.69 67"><defs><style>.cls-1{fill:#fff;}</style></defs><title>Element 1</title><g id="Ebene_2" data-name="Ebene 2"><g id="Ebene_1-2" data-name="Ebene 1"><g id="Ebene_2-2" data-name="Ebene 2-2"><path class="cls-1" d="M1.69,67c72,0,578-67,943-67s712,67,712,67Z"/></g></g></g></svg>