URL Patterns to have login_required or equiv to force authentication on any of the url's in that pattern

[root.lastnode@…]

I found that protecting views from unauthorized access can become cumbersom when your building lots of protected pages.

Decorating a view with login_required to force authentication works perfectly, but is not DRY when decorating every view in an app.

In combination with generic views, there are a few problems here and there with generics that are not accepting login_required. (see ticket #1071)

If the url patterns had a way to set login_required on the entire list of expressions, one could protect an entire part of the site
with one simple statement. Mixing protected/unprotected patterns would still allow flexibility designing urlpatterns.

example:

from django.conf.urls.defaults import *

urlpatterns = patterns('myproject.myapp.views',
    (r'^$', 'index'),
)

urlpatterns += auth_patterns('', some_options?,
    (r'^list_protected/$', 'django.views.generic.list_detail.object_list', dict(mydict)),
    (r'^add_protected/$', 'django.views.generic.create_update.create_object', dict(mydict)),
    (r'^update_protected/$', 'django.views.generic.create_update.update_object', dict(mydict)),
    (r'^delete_protected/$', 'django.views.generic.create_update.delete_object', dict(mydict)),
)

[Adrian Holovaty]

I'm marking this as a wontfix now, because as of [3554], URLconfs can take any callable. That means you can pass login_required(my_generic_view) directly to the URLconf.