From 8614bc4bfc94dd02d48d7c94969a999f5d7f186a Mon Sep 17 00:00:00 2001 From: Roberto Rosario Date: Thu, 4 Feb 2016 15:32:59 -0400 Subject: [PATCH] Remove included login required middleware using django-stronghold instead (http://mikegrouchy.com/django-stronghold/). GitLab Issue #206 --- HISTORY.rst | 1 + .../authentication/middleware/__init__.py | 0 .../middleware/login_required_middleware.py | 35 ------------------- mayan/apps/authentication/views.py | 3 ++ mayan/settings/base.py | 25 ++----------- requirements/base.txt | 1 + 6 files changed, 7 insertions(+), 58 deletions(-) delete mode 100644 mayan/apps/authentication/middleware/__init__.py delete mode 100644 mayan/apps/authentication/middleware/login_required_middleware.py diff --git a/HISTORY.rst b/HISTORY.rst index 331559114b..bf4c85d3ff 100644 --- a/HISTORY.rst +++ b/HISTORY.rst @@ -3,6 +3,7 @@ - Upgrade requirements. - Remove remaining references to Django's User model. Issue #225 - Rename 'Content' search box to 'OCR'. +- Remove included login required middleware using django-stronghold instead (http://mikegrouchy.com/django-stronghold/). 2.0.1 (2016-01-22) ================== diff --git a/mayan/apps/authentication/middleware/__init__.py b/mayan/apps/authentication/middleware/__init__.py deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/mayan/apps/authentication/middleware/login_required_middleware.py b/mayan/apps/authentication/middleware/login_required_middleware.py deleted file mode 100644 index 6dbb0113e2..0000000000 --- a/mayan/apps/authentication/middleware/login_required_middleware.py +++ /dev/null @@ -1,35 +0,0 @@ -from __future__ import unicode_literals - -import re - -from django.http import HttpResponseRedirect -from django.conf import settings -from django.core.urlresolvers import reverse - -EXEMPT_URLS = [re.compile(reverse(settings.LOGIN_URL).lstrip('/'))] -if hasattr(settings, 'LOGIN_EXEMPT_URLS'): - EXEMPT_URLS += [re.compile(expr) for expr in settings.LOGIN_EXEMPT_URLS] - - -class LoginRequiredMiddleware: - """ - Middleware that requires a user to be authenticated to view any page other - than LOGIN_URL. Exemptions to this requirement can optionally be specified - in settings via a list of regular expressions in LOGIN_EXEMPT_URLS (which - you can copy from your urls.py). - - Requires authentication middleware and template context processors to be - loaded. You'll get an error if they aren't. - """ - - def process_request(self, request): - assert hasattr(request, 'user'), "The Login Required middleware\ - requires authentication middleware to be installed. Edit your\ - MIDDLEWARE_CLASSES setting to insert\ - 'django.contrib.auth.middlware.AuthenticationMiddleware'. If that doesn't\ - work, ensure your TEMPLATE_CONTEXT_PROCESSORS setting includes\ - 'django.core.context_processors.auth'." - if not request.user.is_authenticated(): - path = request.path_info.lstrip('/') - if not any(m.match(path) for m in EXEMPT_URLS): - return HttpResponseRedirect(reverse(settings.LOGIN_URL)) diff --git a/mayan/apps/authentication/views.py b/mayan/apps/authentication/views.py index e0316f1a8b..8d21556f7c 100644 --- a/mayan/apps/authentication/views.py +++ b/mayan/apps/authentication/views.py @@ -8,10 +8,13 @@ from django.http import HttpResponseRedirect from django.shortcuts import redirect from django.utils.translation import ugettext_lazy as _ +from stronghold.decorators import public + from .forms import EmailAuthenticationForm from .settings import setting_login_method +@public def login_view(request): """ Control how the use is to be authenticated, options are 'email' and diff --git a/mayan/settings/base.py b/mayan/settings/base.py index 3c845f441d..d805872b4a 100644 --- a/mayan/settings/base.py +++ b/mayan/settings/base.py @@ -62,6 +62,7 @@ INSTALLED_APPS = ( 'rest_framework', 'rest_framework.authtoken', 'solo', + 'stronghold', 'widget_tweaks', # Base generic 'acls', @@ -111,7 +112,7 @@ MIDDLEWARE_CLASSES = ( 'django.middleware.locale.LocaleMiddleware', 'common.middleware.timezone.TimezoneMiddleware', 'common.middleware.strip_spaces_widdleware.SpacelessMiddleware', - 'authentication.middleware.login_required_middleware.LoginRequiredMiddleware', + 'stronghold.middleware.LoginRequiredMiddleware', 'common.middleware.ajax_redirect.AjaxRedirect', ) @@ -215,28 +216,6 @@ COMPRESS_PARSER = 'compressor.parser.HtmlParser' LOGIN_URL = 'authentication:login_view' LOGIN_REDIRECT_URL = 'common:home' INTERNAL_IPS = ('127.0.0.1',) -# -------- LoginRequiredMiddleware ---------- -LOGIN_EXEMPT_URLS = ( - r'^favicon\.ico$', - r'^about\.html$', - r'^legal/', # allow the entire /legal/* subsection - r'^%s-static/' % PROJECT_NAME, - - r'^accounts/register/$', - r'^accounts/register/complete/$', - r'^accounts/register/closed/$', - - r'^accounts/activate/complete/', - r'^accounts/activate/(?P\w+)/$', - - r'^authentication/password/reset/$', - r'^authentication/password/reset/confirm/(?P[0-9A-Za-z]+)-(?P.+)/$', - r'^authentication/password/reset/complete/$', - r'^authentication/password/reset/done/$', - - r'^api/', - r'^docs/', -) # ---------- Django REST framework ----------- REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( diff --git a/requirements/base.txt b/requirements/base.txt index 4202489a91..cc68b931b2 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -17,6 +17,7 @@ django-model-utils==2.4 django-mptt==0.8.0 django-qsstats-magic==0.7.2 django-rest-swagger==0.3.4 +django-stronghold==0.2.7 django-suit==0.2.16 django-widget-tweaks==1.4.1 djangorestframework==3.3.2