#3784 closed (duplicate)
No (obvious) way to restrict an entire site to logged in users
Reported by: | Owned by: | Jacob | |
---|---|---|---|
Component: | Uncategorized | Version: | 0.95 |
Severity: | Keywords: | ||
Cc: | Triage Stage: | Unreviewed | |
Has patch: | no | Needs documentation: | no |
Needs tests: | no | Patch needs improvement: | no |
Easy pickings: | no | UI/UX: | no |
Description
I have a webapp which I want to restrict access to logged in users only. At the moment my custom views have the @login_required decorator, and I've had to make wrappers for the generic views so that I can decorate those too.
The problem is that as I add views I need to remember to add the decorator, or there is a security hole.
Can there be a trivial way to mark an entire application (or uri space, or something) as login_required?
Change History (4)
comment:1 by , 18 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
comment:2 by , 18 years ago
Resolution: | invalid |
---|---|
Status: | closed → reopened |
comment:3 by , 18 years ago
Resolution: | → duplicate |
---|---|
Status: | reopened → closed |
#3697 is a duplicate feature request.
comment:4 by , 18 years ago
In the meantime, Jared Kuolt's written a middleware which does exactly this. You can get it here: http://superjared.com/entry/requiring-login-entire-django-powered-site-redux/
Please ask at the django-users mailing list; we don't do user support in the ticket system.