auth: fix auth paths
This commit is contained in:
parent
daea8dda22
commit
f1335f0565
|
@ -63,9 +63,9 @@ MIDDLEWARE = [
|
||||||
"django.middleware.security.SecurityMiddleware",
|
"django.middleware.security.SecurityMiddleware",
|
||||||
"whitenoise.middleware.WhiteNoiseMiddleware",
|
"whitenoise.middleware.WhiteNoiseMiddleware",
|
||||||
"django.middleware.cache.UpdateCacheMiddleware",
|
"django.middleware.cache.UpdateCacheMiddleware",
|
||||||
"storage.middleware.is_authorized_or_in_lan_middleware",
|
|
||||||
"django.middleware.gzip.GZipMiddleware",
|
"django.middleware.gzip.GZipMiddleware",
|
||||||
"django.contrib.sessions.middleware.SessionMiddleware",
|
"django.contrib.sessions.middleware.SessionMiddleware",
|
||||||
|
"storage.middleware.is_authorized_or_in_lan_middleware",
|
||||||
"django.middleware.common.CommonMiddleware",
|
"django.middleware.common.CommonMiddleware",
|
||||||
"django.middleware.csrf.CsrfViewMiddleware",
|
"django.middleware.csrf.CsrfViewMiddleware",
|
||||||
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
"django.contrib.auth.middleware.AuthenticationMiddleware",
|
||||||
|
|
|
@ -4,21 +4,22 @@ from storage.authentication import has_permission
|
||||||
|
|
||||||
def is_authorized_or_in_lan_middleware(get_response):
|
def is_authorized_or_in_lan_middleware(get_response):
|
||||||
# One-time configuration and initialization.
|
# One-time configuration and initialization.
|
||||||
|
login_paths_to_ignore = [
|
||||||
|
'/admin/login/'
|
||||||
|
'/complete/'
|
||||||
|
]
|
||||||
|
|
||||||
def middleware(request):
|
def middleware(request):
|
||||||
# Code to be executed for each request before
|
|
||||||
# the view (and later middleware) are called.
|
|
||||||
|
|
||||||
response = get_response(request)
|
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
return response
|
return get_response(request)
|
||||||
is_within_lan = has_permission(request)
|
is_within_lan = has_permission(request)
|
||||||
if is_within_lan:
|
if is_within_lan:
|
||||||
return response
|
return get_response(request)
|
||||||
|
else:
|
||||||
|
for login_path in login_paths_to_ignore:
|
||||||
|
if request.path.startswith(login_path):
|
||||||
|
return get_response(request)
|
||||||
else:
|
else:
|
||||||
raise PermissionDenied()
|
raise PermissionDenied()
|
||||||
|
|
||||||
# Code to be executed for each request/response after
|
|
||||||
# the view is called.
|
|
||||||
|
|
||||||
return middleware
|
return middleware
|
||||||
|
|
Loading…
Reference in New Issue