#3784 closed (duplicate)
No (obvious) way to restrict an entire site to logged in users
| Reported by: | Owned by: | Jacob | |
|---|---|---|---|
| Component: | Uncategorized | Version: | 0.95 |
| Severity: | Keywords: | ||
| Cc: | Triage Stage: | Unreviewed | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
I have a webapp which I want to restrict access to logged in users only. At the moment my custom views have the @login_required decorator, and I've had to make wrappers for the generic views so that I can decorate those too.
The problem is that as I add views I need to remember to add the decorator, or there is a security hole.
Can there be a trivial way to mark an entire application (or uri space, or something) as login_required?
Change History (4)
comment:1 by , 17 years ago
| Resolution: | → invalid |
|---|---|
| Status: | new → closed |
comment:2 by , 17 years ago
| Resolution: | invalid |
|---|---|
| Status: | closed → reopened |
comment:3 by , 17 years ago
| Resolution: | → duplicate |
|---|---|
| Status: | reopened → closed |
#3697 is a duplicate feature request.
comment:4 by , 17 years ago
In the meantime, Jared Kuolt's written a middleware which does exactly this. You can get it here: http://superjared.com/entry/requiring-login-entire-django-powered-site-redux/
Note:
See TracTickets
for help on using tickets.
Please ask at the django-users mailing list; we don't do user support in the ticket system.