Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.

{% load humanize %}
{% for bulletin in bulletins %}
<div class="bulletin" id="bulletin-{{ bulletin.id }}">
   <h3>{{ bulletin.title }}</h3>
   <div class="bulletin-text">
      {{ bulletin.text|safe }}
   </div>
   <p class="bulletin-meta">Posted: {{ bulletin.start_date|naturalday|capfirst }}
   {{ bulletin.start_date|date:"H:i" }}.</p>
</div>
{% endfor %}