auth: require necessary authentication or in lan

middleware was not written properly, now requires authentication or
being in lan for readaccess, otherwise redirecting to login page

storage/authentication.py

@@ -65,7 +65,7 @@ class LanAuthentication(SessionAuthentication):
         is_session_authorized = super().authenticate(request)
         if is_session_authorized:
             return is_session_authorized
-        is_authorized = self.has_permission(request)
+        is_authorized = has_permission(request)
         if is_authorized:
             user = getattr(request._request, "user", None)
             return (user, "authorized")

storage/middleware.py

@@ -1,12 +1,16 @@
-from django.core.exceptions import PermissionDenied
 from storage.authentication import has_permission
+from django.http import HttpResponseRedirect
 
 
 def is_authorized_or_in_lan_middleware(get_response):
     # One-time configuration and initialization.
     login_paths_to_ignore = [
-          '/admin/login/'
-          '/complete/'
+        "/admin/login",
+        "/static",
+        "/admin/static",
+        "/complete",
+        "/favicon.ico",
+        "/api",
     ]
 
     def middleware(request):
@@ -17,9 +21,9 @@ def is_authorized_or_in_lan_middleware(get_response):
             return get_response(request)
         else:
             for login_path in login_paths_to_ignore:
-             if request.path.startswith(login_path):
+                if request.path.startswith(login_path):
                     return get_response(request)
             else:
-                raise PermissionDenied()
+                return HttpResponseRedirect("/admin/login")
 
     return middleware

storage/models.py

@@ -136,6 +136,7 @@ class ItemImage(models.Model):
         return "{}".format(self.image.name)
 
 
+# Deprecated, left in db due to legacy reasons
 class Label(models.Model):
     id = models.CharField(max_length=64, primary_key=True)
     item = models.ForeignKey(Item, related_name="labels", on_delete=models.CASCADE)