5 files changed, 18 insertions, 11 deletions

diff --git a/mediagoblin/auth/lib.py b/mediagoblin/auth/lib.py
index 1136a252..ddb58fe6 100644
--- a/mediagoblin/auth/lib.py
+++ b/mediagoblin/auth/lib.py
@@ -42,7 +42,7 @@ def bcrypt_check_password(raw_pass, stored_hash, extra_salt=None):
     if extra_salt:
         raw_pass = u"%s:%s" % (extra_salt, raw_pass)
 
-    hashed_pass = bcrypt.hashpw(raw_pass, stored_hash)
+    hashed_pass = bcrypt.hashpw(raw_pass.encode('utf-8'), stored_hash)
 
     # Reduce risk of timing attacks by hashing again with a random
     # number (thx to zooko on this advice, which I hopefully
@@ -68,7 +68,8 @@ def bcrypt_gen_password_hash(raw_pass, extra_salt=None):
     if extra_salt:
         raw_pass = u"%s:%s" % (extra_salt, raw_pass)
 
-    return unicode(bcrypt.hashpw(raw_pass, bcrypt.gensalt()))
+    return unicode(
+        bcrypt.hashpw(raw_pass.encode('utf-8'), bcrypt.gensalt()))
 
 
 def fake_login_attempt():
diff --git a/mediagoblin/auth/views.py b/mediagoblin/auth/views.py
index e18469b9..46c937b0 100644
--- a/mediagoblin/auth/views.py
+++ b/mediagoblin/auth/views.py
@@ -120,7 +120,7 @@ def login(request):
     login_failed = False
 
     if request.method == 'POST' and login_form.validate():
-        user = request.db.User.one(
+        user = request.db.User.find_one(
             {'username': request.POST['username'].lower()})
 
         if user and user.check_login(request.POST['password']):
diff --git a/mediagoblin/media_types/image/models.py b/mediagoblin/media_types/image/models.py
index 296eca0a..7ffd209b 100644
--- a/mediagoblin/media_types/image/models.py
+++ b/mediagoblin/media_types/image/models.py
@@ -1,18 +1,19 @@
 from mediagoblin.db.sql.models import Base
 
 from sqlalchemy import (
-    Column, Integer, Unicode, UnicodeText, DateTime, Boolean, ForeignKey,
-    UniqueConstraint)
+    Column, Integer, Float, ForeignKey)
 
 
 class ImageData(Base):
     __tablename__ = "image_data"
 
-    id = Column(Integer, primary_key=True)
+    # The primary key *and* reference to the main media_entry
+    media_entry = Column(Integer, ForeignKey('media_entries.id'),
+        primary_key=True)
     width = Column(Integer)
     height = Column(Integer)
-    media_entry = Column(
-        Integer, ForeignKey('media_entries.id'), nullable=False)
+    gps_longitude = Column(Float)
+    gps_latitude = Column(Float)
 
 
 DATA_MODEL = ImageData
diff --git a/mediagoblin/templates/mediagoblin/media_displays/video.html b/mediagoblin/templates/mediagoblin/media_displays/video.html
index 6c2c80e7..cf68b61b 100644
--- a/mediagoblin/templates/mediagoblin/media_displays/video.html
+++ b/mediagoblin/templates/mediagoblin/media_displays/video.html
@@ -30,7 +30,8 @@
     <video class="video-js vjs-default-skin"
 	   width="{{ media.media_data.width }}"
 	   height="{{ media.media_data.height }}"
-	   controls preload="metadata"
+	   controls="controls"
+	   preload="metadata"
 	   data-setup="">
       <source src="{{ request.app.public_store.file_url(
 		   media.media_files['webm_640']) }}" 
diff --git a/mediagoblin/tools/request.py b/mediagoblin/tools/request.py
index a45f716a..ae372c92 100644
--- a/mediagoblin/tools/request.py
+++ b/mediagoblin/tools/request.py
@@ -14,8 +14,12 @@
 # You should have received a copy of the GNU Affero General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+import logging
 from mediagoblin.db.util import ObjectId, InvalidId
 
+_log = logging.getLogger(__name__)
+
+
 def setup_user_in_request(request):
     """
     Examine a request and tack on a request.user parameter if that's
@@ -30,12 +34,12 @@ def setup_user_in_request(request):
     except InvalidId:
         user = None
     else:
-        user = request.db.User.one({'_id': oid})
+        user = request.db.User.find_one({'_id': oid})
 
     if not user:
         # Something's wrong... this user doesn't exist?  Invalidate
         # this session.
-        print "Killing session for %r" % request.session['user_id']
+        _log.warn("Killing session for user id %r", request.session['user_id'])
         request.session.invalidate()
 
     request.user = user