asadiqbal08/api-address-based-restriction:API Security: IP address based restriction added MCKIN-1108

uncomment the code

Includes:
* Initial API implementation
* API_KEY header fix
* Fixed indentation error
* move api from common to lms
* Course-Group Relationships
* wip
* add parsing of overview content blob
* initial implementation
* get course updates API method
* get course static tabs API methods
* add unit tests
* fix some merge conflicts and remove some extra print statements picked up in rebase
* better constrain some of the course url regexs to expect a triple for courseId
* add ability to enroll users into courses
* wip
* add queryable group lists
* add a GET endpoint to /api/groups/{groupid}/courses to get the list of courses associated with the group (program)
* return the display names when listing all courses in a group (program)
* create optimized course tree query API endpoint
* make sure group profile data is properly serialized and deserialized. There appears to be a difference between how the Django test client handles things. Disabling unit test for now to unblock UI devs
* null guard
* fix broken unit test
* add GET endpoint to group/user relationships
* Added Security to session api as requested in #785
* Storing passoword history of user and validation for user's email and username
* Moved security tests to lms also
* add two FEATURE flag overrides to enable the security features
* remove unnecessary settings overrides (because they are 'feature flags')
* Adding ratelimiting on login api
* Migrated from Function-Based Views to Class-Based-Views
* Create new Account/Login Audit Log
* The API should provide for an audit log when a user creates a new account or logs into the system.
* UserList.post() now creates UserProfile, UserPreference records
* Group Profile fix
* Filter group subgroups by group type
* Application reorganization
* Name is now required during group creation
* Added null check for profile name
* User must reset password functionality added
* User must reset password dunctionality added
* Added user password reset functionality
* Add password reset api and implemented Password history
* Remove unused imports, password reset message text

Add cohorted_threads_privacy cohort setting: a user that is not in any cohort will only see non-cohorted threads.

Add ENABLE_DISCUSSION_EMAIL_DIGEST feature, to enable discussion emails digest by default for all users

Included commits:
* xblock-external-ui: Include CSRF token in the API answer
* xblock-external-ui: Adds support for CORS headers (cross-domain request)
* xblock-external-ui: Include full path when building local_url
* xblock-external-ui: Fix TestHandleXBlockCallback & bok_choy, add tests
* xblock-external-ui: Only return `instance` in `_invoke_xblock_handler()`
* xblock-external-ui: Group resources by hash tag to avoid duplicate loads
* xblock-external-ui: Alternate referer check for CORS requests
* session-cookie-httponly: Allow to disable httponly on session cookies
* remove errant log message
* xblock-no-anonymous: Fail early if the XBlock view is called anonymously

TNL-1146

TNL-1146

PLAT-420

Fix recommenders' bugs: template_lookup initialization, syntax error, and the incompatibility of the underscore library

TNL-1240

TNL-1304

get the raw DescriptorSystem, not the CombinedSystem when instantiating xmodules (TNL-1226)

quality fixes

remove trailing comma

TNL-1351

TNL-1244

TNL-1362

This will help with rollout of TE-720 and any future new shards.

Fix link stylings in LMS and CMS footers

[OPEN-444]

[OPEN-444]

(optionally use a proxy process to spawn subprocesses)

ECOM-963

update copy in tests

This reverts commit 66b949b7.

modulestore, in order to separate serializable block data from
out-of-band, non-saved, temporary metadata.

Eliminate the deepcopy causing performance problems with import/export.

https://openedx.atlassian.net/browse/PLAT-416

This fixes two bugs:
1. All statuses were listed as "Unknown"
2. Non-ASCII characters in a header column translation resulted in a 500