forked from wiktor/spejstore-new
auth: require necessary authentication or in lan
middleware was not written properly, now requires authentication or being in lan for readaccess, otherwise redirecting to login page
This commit is contained in:
parent
3c3ba16811
commit
f8b3dd6bf7
|
@ -65,7 +65,7 @@ class LanAuthentication(SessionAuthentication):
|
||||||
is_session_authorized = super().authenticate(request)
|
is_session_authorized = super().authenticate(request)
|
||||||
if is_session_authorized:
|
if is_session_authorized:
|
||||||
return is_session_authorized
|
return is_session_authorized
|
||||||
is_authorized = self.has_permission(request)
|
is_authorized = has_permission(request)
|
||||||
if is_authorized:
|
if is_authorized:
|
||||||
user = getattr(request._request, "user", None)
|
user = getattr(request._request, "user", None)
|
||||||
return (user, "authorized")
|
return (user, "authorized")
|
||||||
|
|
|
@ -1,12 +1,16 @@
|
||||||
from django.core.exceptions import PermissionDenied
|
|
||||||
from storage.authentication import has_permission
|
from storage.authentication import has_permission
|
||||||
|
from django.http import HttpResponseRedirect
|
||||||
|
|
||||||
|
|
||||||
def is_authorized_or_in_lan_middleware(get_response):
|
def is_authorized_or_in_lan_middleware(get_response):
|
||||||
# One-time configuration and initialization.
|
# One-time configuration and initialization.
|
||||||
login_paths_to_ignore = [
|
login_paths_to_ignore = [
|
||||||
'/admin/login/'
|
"/admin/login",
|
||||||
'/complete/'
|
"/static",
|
||||||
|
"/admin/static",
|
||||||
|
"/complete",
|
||||||
|
"/favicon.ico",
|
||||||
|
"/api",
|
||||||
]
|
]
|
||||||
|
|
||||||
def middleware(request):
|
def middleware(request):
|
||||||
|
@ -20,6 +24,6 @@ def is_authorized_or_in_lan_middleware(get_response):
|
||||||
if request.path.startswith(login_path):
|
if request.path.startswith(login_path):
|
||||||
return get_response(request)
|
return get_response(request)
|
||||||
else:
|
else:
|
||||||
raise PermissionDenied()
|
return HttpResponseRedirect("/admin/login")
|
||||||
|
|
||||||
return middleware
|
return middleware
|
||||||
|
|
|
@ -136,6 +136,7 @@ class ItemImage(models.Model):
|
||||||
return "{}".format(self.image.name)
|
return "{}".format(self.image.name)
|
||||||
|
|
||||||
|
|
||||||
|
# Deprecated, left in db due to legacy reasons
|
||||||
class Label(models.Model):
|
class Label(models.Model):
|
||||||
id = models.CharField(max_length=64, primary_key=True)
|
id = models.CharField(max_length=64, primary_key=True)
|
||||||
item = models.ForeignKey(Item, related_name="labels", on_delete=models.CASCADE)
|
item = models.ForeignKey(Item, related_name="labels", on_delete=models.CASCADE)
|
||||||
|
|
Loading…
Reference in New Issue