diff --git a/.gitignore b/.gitignore index 7a51187..c338a5f 100644 --- a/.gitignore +++ b/.gitignore @@ -28,3 +28,4 @@ db.sqlite3 .DS_Store pxy_city_digital_twins/__backup__/ Dockerfile.dev +docker-compose.override.yml diff --git a/polisplexity/settings.py b/polisplexity/settings.py index 3ac8643..2c5d5e9 100644 --- a/polisplexity/settings.py +++ b/polisplexity/settings.py @@ -60,7 +60,7 @@ INSTALLED_APPS = [ CRISPY_ALLOWED_TEMPLATE_PACKS = "bootstrap5" CRISPY_TEMPLATE_PACK = "bootstrap5" -SITE_ID = 1 +SITE_ID = 2 AUTHENTICATION_BACKENDS = [ "django.contrib.auth.backends.ModelBackend", # default @@ -77,7 +77,8 @@ MIDDLEWARE = [ "django.middleware.common.CommonMiddleware", "django.middleware.csrf.CsrfViewMiddleware", "django.contrib.auth.middleware.AuthenticationMiddleware", - "allauth.account.middleware.AccountMiddleware", # ← Add this line + "allauth.account.middleware.AccountMiddleware", + "pxy_dashboard.middleware.LoginRequiredMiddleware", "django.contrib.messages.middleware.MessageMiddleware", "django.middleware.clickjacking.XFrameOptionsMiddleware", ] diff --git a/pxy_dashboard/middleware.py b/pxy_dashboard/middleware.py new file mode 100644 index 0000000..7336d3d --- /dev/null +++ b/pxy_dashboard/middleware.py @@ -0,0 +1,31 @@ +# pxy_dashboard/middleware.py +import re +from django.conf import settings +from django.shortcuts import redirect +from django.urls import reverse +from django.utils.deprecation import MiddlewareMixin + +EXEMPT_URLS = [ + reverse("account_login"), + reverse("account_logout"), + reverse("account_signup"), + reverse("account_reset_password"), + reverse("account_reset_password_done"), + # These can't be reversed without args + "/accounts/password/reset/key/done/", +] +EXEMPT_URLS += [re.compile(r"^accounts/password/reset/key/.+$")] +EXEMPT_URLS += [re.compile(expr) for expr in [ + r"^admin/", + r"^accounts/", + r"^static/", + r"^media/", +]] + + +class LoginRequiredMiddleware(MiddlewareMixin): + def process_request(self, request): + if not request.user.is_authenticated: + path = request.path_info.lstrip("/") + if not any(url.match(path) if hasattr(url, 'match') else path == url.lstrip("/") for url in EXEMPT_URLS): + return redirect(settings.LOGIN_URL)