feature/enforce_login (#32)

Co-authored-by: Tim Lorsbach <tim@lorsba.ch> Reviewed-on: enviPath/enviPy#32
2025-07-23 07:27:57 +12:00
parent df896878f1
commit 43c95e3da7
8 changed files with 126 additions and 76 deletions
--- a/epdb/middleware/init.py
+++ b/epdb/middleware/init.py
--- a/epdb/middleware/login_required_middleware.py
+++ b/epdb/middleware/login_required_middleware.py
@ -0,0 +1,21 @@
+from django.conf import settings
+from django.shortcuts import redirect
+from django.urls import reverse
+
+
+class LoginRequiredMiddleware:
+    def __init__(self, get_response):
+        self.get_response = get_response
+        self.exempt_urls = [
+                               reverse('login'),
+                               reverse('logout'),
+                               reverse('admin:login'),
+                               reverse('admin:index'),
+                           ] + getattr(settings, 'LOGIN_EXEMPT_URLS', [])
+
+    def __call__(self, request):
+        if not request.user.is_authenticated:
+            path = request.path_info
+            if not any(path.startswith(url) for url in self.exempt_urls):
+                return redirect(settings.LOGIN_URL)
+        return self.get_response(request)