spejstore/storage/middleware.py

from storage.authentication import has_permission
from django.http import HttpResponseRedirect
from spejstore.settings import STATIC_URL, MEDIA_URL, LOGIN_URL
from django.core.exceptions import PermissionDenied

def is_authorized_or_in_lan_middleware(get_response):
    # One-time configuration and initialization.
    login_paths_to_ignore = [
        "/login",
        LOGIN_URL[:-1],
        STATIC_URL[:-1],
        MEDIA_URL[:-1],
        "/admin/static",
        "/complete",
        "/favicon.ico",
        "/api/1",
    ]

    def middleware(request):
        if request.user.is_authenticated:
            return get_response(request)
        is_within_lan, error_message = has_permission(request)
        if is_within_lan:
            return get_response(request)
        else:
            for login_path in login_paths_to_ignore:
                if request.path.startswith(login_path):
                    return get_response(request)
            else:
                raise PermissionDenied()

    return middleware
django: force auth for all requests 2023-08-25 19:06:01 +00:00			`from storage.authentication import has_permission`
auth: require necessary authentication or in lan middleware was not written properly, now requires authentication or being in lan for readaccess, otherwise redirecting to login page 2023-09-09 13:43:23 +00:00			`from django.http import HttpResponseRedirect`
auth: cleanup 2023-09-09 17:26:36 +00:00			`from spejstore.settings import STATIC_URL, MEDIA_URL, LOGIN_URL`
			`from django.core.exceptions import PermissionDenied`
django: force auth for all requests 2023-08-25 19:06:01 +00:00
			`def is_authorized_or_in_lan_middleware(get_response):`
			`# One-time configuration and initialization.`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`login_paths_to_ignore = [`
auth: cleanup 2023-09-09 17:26:36 +00:00			`"/login",`
			`LOGIN_URL[:-1],`
			`STATIC_URL[:-1],`
			`MEDIA_URL[:-1],`
auth: require necessary authentication or in lan middleware was not written properly, now requires authentication or being in lan for readaccess, otherwise redirecting to login page 2023-09-09 13:43:23 +00:00			`"/admin/static",`
			`"/complete",`
			`"/favicon.ico",`
auth: cleanup 2023-09-09 17:26:36 +00:00			`"/api/1",`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`]`
django: force auth for all requests 2023-08-25 19:06:01 +00:00
			`def middleware(request):`
			`if request.user.is_authenticated:`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`return get_response(request)`
auth: cleanup 2023-09-09 17:26:36 +00:00			`is_within_lan, error_message = has_permission(request)`
django: force auth for all requests 2023-08-25 19:06:01 +00:00			`if is_within_lan:`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`return get_response(request)`
django: force auth for all requests 2023-08-25 19:06:01 +00:00			`else:`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`for login_path in login_paths_to_ignore:`
auth: require necessary authentication or in lan middleware was not written properly, now requires authentication or being in lan for readaccess, otherwise redirecting to login page 2023-09-09 13:43:23 +00:00			`if request.path.startswith(login_path):`
auth: fix auth paths 2023-09-09 13:43:23 +00:00			`return get_response(request)`
			`else:`
auth: cleanup 2023-09-09 17:26:36 +00:00			`raise PermissionDenied()`
django: force auth for all requests 2023-08-25 19:06:01 +00:00
			`return middleware`