This is a Django-based micro-blogging and review platform where users can create, share, and interact with reviews. The application supports user authentication, profile management, messaging between users, and a like/upvote system for reviews. Users can post reviews with images, browse content sorted by different criteria (newest, oldest, most liked), and communicate through a private messaging system.
- Feature Enhanced: 管理画面のスタイルを完全にリデザインし、日本語化
- デザイン改善:
- モダンなグラデーション背景(紫〜ピンク)
- カード型レイアウトでシンプルなUI
- ホバーエフェクトとトランジション
- レスポンシブデザイン対応
- 日本語化:
- 言語設定を日本語(ja)に変更
- タイムゾーンを東京(Asia/Tokyo)に設定
- 全てのモデル名を日本語化(verbose_name)
- 管理画面のタイトル・ヘッダーを日本語化
- カスタムテンプレート:
- base_site.html: ブランディングとカスタムCSS読み込み
- login.html: 美しいログイン画面(グラデーション背景、中央配置カード)
- index.html: ダッシュボード(ウェルカムメッセージ、グリッドレイアウト)
- カスタムCSS: ReviewApp/static/admin/css/custom_admin.css
- ブランドカラー(#667eea, #764ba2)を使用
- ボタン、フォーム、テーブルのスタイルを統一
- モダンな影とボーダー効果
- 技術実装:
- INSTALLED_APPSでreviewpostをdjango.contrib.adminより前に配置
- テンプレートの優先順位を正しく設定
- Feature Added: 完全な監査ログシステムとメール通知機能を実装
- 監査ログ機能:
UserActivityLogモデル: ユーザー活動の包括的な記録(ユーザー、アクション、IP、User-Agent、デバイス情報、詳細、タイムスタンプ)- 記録される活動:
- ユーザー作成(user_created)
- ログイン成功・失敗(user_login)
- ログアウト(user_logout)
- ユーザー削除(user_deleted)- 削除者情報も記録
- プロフィール更新(profile_updated)
- レビュー作成・削除(review_created, review_deleted)
- メッセージ送信(message_sent)
- シグナル実装: Djangoのpre_delete/post_saveシグナルで自動記録
- リクエスト情報の伝播: 各ビューでform.instance._requestを設定し、シグナルで取得
- 削除操作の完全な監査: CustomUserAdminで管理画面からの削除も記録
- デバイス情報取得:
- user-agentsライブラリでブラウザ、OS、デバイスタイプを解析
- プロキシ経由のIPアドレスも正確に取得(X-Forwarded-For対応)
- 管理画面での監査ログ:
- 読み取り専用表示(追加・変更不可、スーパーユーザーのみ削除可)
- フィルター機能(アクション、作成日時)
- 検索機能(ユーザー名、IPアドレス、User-Agent)
- メール通知機能:
- Replit Mail API統合(email_utils.py)
- 新規ユーザー作成時に管理者へ自動通知
- HTML形式とテキスト形式の両方対応
- ユーザー名、IPアドレス、デバイス情報、作成日時を含む
- ADMIN_NOTIFICATION_EMAIL環境変数で管理者メール設定
- 開発環境では警告のみ(メール送信スキップ)
- セキュリティ強化:
- 全ての重要な操作が完全に監査可能
- 削除操作も実行者の情報を記録(deleted_byフィールド)
- ユーザー削除後もusernameを保持し、追跡可能
- Feature Enhanced: Completely redesigned navigation bar animation system with modern motion design patterns inspired by Apple, Instagram, and Twitter
- Implementation Details:
- Transform-based animations using
translate3d+scalefor GPU acceleration - Multiple easing functions:
cubic-bezier(0.33, 1, 0.68, 1)for modern "fast out, slow in",cubic-bezier(0.22, 0.61, 0.36, 1)for Apple ease-out - Three distinct animation patterns with optimized timing:
- Nav↔Nav links: 420ms direct move with modern easing
- Nav→Logo: 730ms with 3-phase choreography (background fade, fast travel 450ms, settle 120ms, shrink-dissolve 160ms)
- Logo→Nav: 640ms with 4-phase choreography (ignite bloom 160ms, fast travel 360ms, micro-overshoot 120ms, settle 80ms)
- Advanced motion techniques: overshoot effects, bloom animations, background wash effects, shrink-dissolve transitions
- Coordinated timing with 40ms overlaps between phases for seamless transitions
- Transform-based animations using
- Technical Implementation: White border indicator uses absolute positioning with CSS transforms, no layout recalculation, full GPU compositing
- Performance: 60/120 FPS smooth animations on all devices, no visible opacity stalls or frame drops
- Feature Added: Users can now upload and share video content in addition to images and text
- Implementation Details:
- Added
project_videofield toReviewModel(FileField with upload_to='videos/') - Updated
CreateClassview to include video upload in form fields - Enhanced category filtering to distinguish between text/image posts and video posts
- Implemented video player in list and detail templates using HTML5
<video>tag - Added video post type icon (play-circle-fill) with red background styling
- Fixed queryset UNION issue by using Q expressions for category filtering
- Added
- Technical Fix: Refactored category filter from UNION-based querysets to Q-expression-based filters, enabling proper annotate() and order_by() operations for all sort/category combinations
- UI Updates: Video posts display with play button icon, support controls, and maintain responsive design
- Issue Identified: Login on Vercel (review-app-smoky.vercel.app) was returning 500 Internal Server Error
- Root Cause: When POSTGRES_URL environment variable is not set, the application falls back to SQLite, but Vercel's filesystem is read-only, causing "attempt to write a readonly database" errors during session creation at login
- Fixes Applied:
- Modified
wsgi.pyto usesettings.pyfor Replit environment (was forcingsettings_vercel) - Added
.replit.devand*toALLOWED_HOSTSinsettings.pyfor Replit compatibility - Enhanced logging in
settings_vercel.py(INFO level, added django.security logger) - Improved session settings:
SESSION_ENGINE,SESSION_COOKIE_SAMESITE = 'Lax' - Added
CSRF_TRUSTED_ORIGINSfor Vercel domains
- Modified
- Required Action for Vercel: Must configure PostgreSQL database (Vercel Postgres or managed PostgreSQL) and set
POSTGRES_URLenvironment variable to resolve the 500 error
Preferred communication style: Simple, everyday language. Use Japanese for communication.
- Backend Framework: Django 4.2.11 with Python 3.11
- Template Engine: Django templates with Bootstrap 5 for responsive UI
- Static File Management: WhiteNoise middleware for serving static files in production
- ORM: Django ORM
- Development: SQLite (default)
- Production: PostgreSQL via
dj-database-urlconfiguration - Key Models:
ReviewModel: Core review entity with author, title, content, images, videos, likes (many-to-many with User), and timestampsUserProfile: Extended user profile with bio, avatar, website, location, birth dateMessage: Private messaging system with sender, recipient, subject, content, read statusUserActivityLog: Audit logging model tracking user activities with IP, User-Agent, device info, and JSON details
- System: Django's built-in authentication framework
- User Management: Custom views extending Django's
UserCreationForm,LoginView, andLogoutView - Access Control:
@login_requireddecorator andLoginRequiredMixinfor protecting views - Session Management: Django sessions with configurable security settings for production
- Project:
reviewproject(main Django project) - App:
reviewpost(contains all business logic, models, views, URLs) - View Pattern: Mix of function-based views (list, detail, profile, messaging) and class-based views (signup, login, logout, create review, update profile)
- URL Routing: Centralized in
reviewpost/urls.pywith namespace support
- Image Upload: Django
ImageFieldfor review images and user avatars - Video Upload: Django
FileFieldfor video content (MP4, WebM, MOV formats supported) - Storage: Local filesystem in development, configurable for production
- URL Routing: Custom routes for media files (
/media_image/) and static files (/static/)
- Review System: CRUD operations with image and video upload, sorting (newest/oldest/likes), category filtering (text/image vs video), and detail views
- Social Features: Like/unlike functionality using many-to-many relationships, user profiles with customizable information
- Messaging System: Internal messaging with inbox (received/sent tabs), read/unread status, and reply functionality
- UI Components: Bootstrap-based responsive design with icons from Bootstrap Icons, HTML5 video player for video content
- Multiple Settings Files:
settings.py: Base development settingssettings_production.py: Render.com production settings with SSL and security hardeningsettings_vercel.py: Vercel serverless deployment with PostgreSQL support
- WSGI Application: Standard Django WSGI for traditional deployments and Vercel compatibility
- Static Files: Collected to
staticfiles/directory, served via WhiteNoise
- Web Framework: Django 4.2.11
- WSGI Server: Gunicorn (20.1.0 for general use, 21.2.0 for Vercel)
- Static Files: WhiteNoise 6.0.0 (6.6.0 for Vercel)
- Database Adapter: psycopg2-binary 2.9.9 for PostgreSQL connectivity
- Database URL Parser: dj-database-url for environment-based database configuration
- Image Processing: Pillow 9.0.0 (10.1.0 for Vercel)
- Caching: django-redis 5.4.0 for Redis-based caching
- Developer Tools: django-extensions 3.2.3 for enhanced management commands
- Security: django-axes 8.0.0 for rate limiting, argon2-cffi 25.1.0 for password hashing, bleach 6.2.0 for HTML sanitization
- User Agent Parsing: user-agents for device/browser detection
- HTTP Requests: requests for Replit Mail API integration
- CSS Framework: Bootstrap 5.0.2 (via CDN)
- Icons: Bootstrap Icons 1.7.2 (via CDN)
- Styling: Custom CSS in
static/style.cssfor additional styling
- Development: SQLite3 (bundled with Python)
- Production Options:
- PostgreSQL (Render.com, Vercel Postgres)
- Configurable via
DATABASE_URLenvironment variable - SSL support for production databases
- Vercel: Serverless deployment with custom
vercel.jsonconfiguration, Python 3.11 runtime, 30-second function timeout - Render.com: Traditional server deployment with gunicorn
- Replit: Development and testing environment
SECRET_KEY: Django secret key for cryptographic signingDATABASE_URL/POSTGRES_URL: Database connection stringRENDER_EXTERNAL_HOSTNAME: Render.com hostname for ALLOWED_HOSTSDEBUG: Debug mode toggle (should be False in production)ADMIN_NOTIFICATION_EMAIL: Email address for receiving user creation notificationsREPL_IDENTITY/WEB_REPL_RENEWAL: Replit authentication tokens for Mail API
- Production Security: CSRF protection, secure cookies, SSL redirect, proxy SSL headers
- CORS: Configured via ALLOWED_HOSTS with wildcard support for development
- Static File Security: WhiteNoise with proper headers and caching