|
|
@@ -20,17 +20,20 @@ class LoginRequiredMiddleware(object):
|
|
|
self.get_response = get_response
|
|
|
|
|
|
def __call__(self, request):
|
|
|
+ # Redirect unauthenticated requests (except those exempted) to the login page if LOGIN_REQUIRED is true
|
|
|
if settings.LOGIN_REQUIRED and not request.user.is_authenticated:
|
|
|
- # Redirect unauthenticated requests to the login page. API requests are exempt from redirection as the API
|
|
|
- # performs its own authentication. Also metrics can be read without login.
|
|
|
- api_path = reverse('api-root')
|
|
|
- if not request.path_info.startswith((api_path, '/metrics')) and request.path_info != settings.LOGIN_URL:
|
|
|
- return HttpResponseRedirect(
|
|
|
- '{}?next={}'.format(
|
|
|
- settings.LOGIN_URL,
|
|
|
- parse.quote(request.get_full_path_info())
|
|
|
- )
|
|
|
- )
|
|
|
+ # Determine exempt paths
|
|
|
+ exempt_paths = [
|
|
|
+ reverse('api-root')
|
|
|
+ ]
|
|
|
+ if settings.METRICS_ENABLED:
|
|
|
+ exempt_paths.append(reverse('prometheus-django-metrics'))
|
|
|
+
|
|
|
+ # Redirect unauthenticated requests
|
|
|
+ if not request.path_info.startswith(tuple(exempt_paths)) and request.path_info != settings.LOGIN_URL:
|
|
|
+ login_url = f'{settings.LOGIN_URL}?next={parse.quote(request.get_full_path_info())}'
|
|
|
+ return HttpResponseRedirect(login_url)
|
|
|
+
|
|
|
return self.get_response(request)
|
|
|
|
|
|
|
jeremystretch