No (obvious) way to restrict an entire site to logged in users
|Reported by:||ross@…||Owned by:||jacob|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I have a webapp which I want to restrict access to logged in users only. At the moment my custom views have the @login_required decorator, and I've had to make wrappers for the generic views so that I can decorate those too.
The problem is that as I add views I need to remember to add the decorator, or there is a security hole.
Can there be a trivial way to mark an entire application (or uri space, or something) as login_required?
Change History (4)
comment:1 Changed 8 years ago by mir@…
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Resolution set to invalid
- Status changed from new to closed
comment:2 Changed 8 years ago by Simon G. <dev@…>
- Resolution invalid deleted
- Status changed from closed to reopened
comment:3 Changed 8 years ago by Simon G. <dev@…>
- Resolution set to duplicate
- Status changed from reopened to closed