Remove included login required middleware using django-stronghold instead (http://mikegrouchy.com/django-stronghold/). GitLab Issue #206
This commit is contained in:
Roberto Rosario
@@ -3,6 +3,7 @@
|
||||
- Upgrade requirements.
|
||||
- Remove remaining references to Django's User model. Issue #225
|
||||
- Rename 'Content' search box to 'OCR'.
|
||||
- Remove included login required middleware using django-stronghold instead (http://mikegrouchy.com/django-stronghold/).
|
||||
|
||||
2.0.1 (2016-01-22)
|
||||
==================
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
from __future__ import unicode_literals
|
||||
|
||||
import re
|
||||
|
||||
from django.http import HttpResponseRedirect
|
||||
from django.conf import settings
|
||||
from django.core.urlresolvers import reverse
|
||||
|
||||
EXEMPT_URLS = [re.compile(reverse(settings.LOGIN_URL).lstrip('/'))]
|
||||
if hasattr(settings, 'LOGIN_EXEMPT_URLS'):
|
||||
EXEMPT_URLS += [re.compile(expr) for expr in settings.LOGIN_EXEMPT_URLS]
|
||||
|
||||
|
||||
class LoginRequiredMiddleware:
|
||||
"""
|
||||
Middleware that requires a user to be authenticated to view any page other
|
||||
than LOGIN_URL. Exemptions to this requirement can optionally be specified
|
||||
in settings via a list of regular expressions in LOGIN_EXEMPT_URLS (which
|
||||
you can copy from your urls.py).
|
||||
|
||||
Requires authentication middleware and template context processors to be
|
||||
loaded. You'll get an error if they aren't.
|
||||
"""
|
||||
|
||||
def process_request(self, request):
|
||||
assert hasattr(request, 'user'), "The Login Required middleware\
|
||||
requires authentication middleware to be installed. Edit your\
|
||||
MIDDLEWARE_CLASSES setting to insert\
|
||||
'django.contrib.auth.middlware.AuthenticationMiddleware'. If that doesn't\
|
||||
work, ensure your TEMPLATE_CONTEXT_PROCESSORS setting includes\
|
||||
'django.core.context_processors.auth'."
|
||||
if not request.user.is_authenticated():
|
||||
path = request.path_info.lstrip('/')
|
||||
if not any(m.match(path) for m in EXEMPT_URLS):
|
||||
return HttpResponseRedirect(reverse(settings.LOGIN_URL))
|
||||
@@ -8,10 +8,13 @@ from django.http import HttpResponseRedirect
|
||||
from django.shortcuts import redirect
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
||||
from stronghold.decorators import public
|
||||
|
||||
from .forms import EmailAuthenticationForm
|
||||
from .settings import setting_login_method
|
||||
|
||||
|
||||
@public
|
||||
def login_view(request):
|
||||
"""
|
||||
Control how the use is to be authenticated, options are 'email' and
|
||||
|
||||
@@ -62,6 +62,7 @@ INSTALLED_APPS = (
|
||||
'rest_framework',
|
||||
'rest_framework.authtoken',
|
||||
'solo',
|
||||
'stronghold',
|
||||
'widget_tweaks',
|
||||
# Base generic
|
||||
'acls',
|
||||
@@ -111,7 +112,7 @@ MIDDLEWARE_CLASSES = (
|
||||
'django.middleware.locale.LocaleMiddleware',
|
||||
'common.middleware.timezone.TimezoneMiddleware',
|
||||
'common.middleware.strip_spaces_widdleware.SpacelessMiddleware',
|
||||
'authentication.middleware.login_required_middleware.LoginRequiredMiddleware',
|
||||
'stronghold.middleware.LoginRequiredMiddleware',
|
||||
'common.middleware.ajax_redirect.AjaxRedirect',
|
||||
)
|
||||
|
||||
@@ -215,28 +216,6 @@ COMPRESS_PARSER = 'compressor.parser.HtmlParser'
|
||||
LOGIN_URL = 'authentication:login_view'
|
||||
LOGIN_REDIRECT_URL = 'common:home'
|
||||
INTERNAL_IPS = ('127.0.0.1',)
|
||||
# -------- LoginRequiredMiddleware ----------
|
||||
LOGIN_EXEMPT_URLS = (
|
||||
r'^favicon\.ico$',
|
||||
r'^about\.html$',
|
||||
r'^legal/', # allow the entire /legal/* subsection
|
||||
r'^%s-static/' % PROJECT_NAME,
|
||||
|
||||
r'^accounts/register/$',
|
||||
r'^accounts/register/complete/$',
|
||||
r'^accounts/register/closed/$',
|
||||
|
||||
r'^accounts/activate/complete/',
|
||||
r'^accounts/activate/(?P<activation_key>\w+)/$',
|
||||
|
||||
r'^authentication/password/reset/$',
|
||||
r'^authentication/password/reset/confirm/(?P<uidb36>[0-9A-Za-z]+)-(?P<token>.+)/$',
|
||||
r'^authentication/password/reset/complete/$',
|
||||
r'^authentication/password/reset/done/$',
|
||||
|
||||
r'^api/',
|
||||
r'^docs/',
|
||||
)
|
||||
# ---------- Django REST framework -----------
|
||||
REST_FRAMEWORK = {
|
||||
'DEFAULT_AUTHENTICATION_CLASSES': (
|
||||
|
||||
@@ -17,6 +17,7 @@ django-model-utils==2.4
|
||||
django-mptt==0.8.0
|
||||
django-qsstats-magic==0.7.2
|
||||
django-rest-swagger==0.3.4
|
||||
django-stronghold==0.2.7
|
||||
django-suit==0.2.16
|
||||
django-widget-tweaks==1.4.1
|
||||
djangorestframework==3.3.2
|
||||
|
||||
Reference in New Issue
Block a user