diff options
| author | Tom Flux <tom@tomflux.xyz> | 2026-06-23 20:37:48 +0100 |
|---|---|---|
| committer | Tom Flux <tom@tomflux.xyz> | 2026-06-23 20:37:48 +0100 |
| commit | d92deeab514a52e7c3416baef78f8969ade951cc (patch) | |
| tree | f5c071147ea6f62501dee904a1f381805a1e5941 /kitchen/middleware.py | |
| parent | 682c0f76b85950ad0889e11750dc84e0f00d2807 (diff) | |
Phase 2: session auth for the web UI
Require login for /app/, with a long sliding session so you log in
once per device and effectively stay in.
- AppLoginRequiredMiddleware gates only /app/; /api/ keeps DRF token
auth and /admin/ keeps its own login (a blanket LoginRequired would
break token requests, whose user isn't resolved until the view runs).
- Login page (styled to the dark palette) via django.contrib.auth.urls;
logout control in the nav.
- Session: ~1 year cookie, sliding (saved every request), survives
browser close.
- Dropped every @csrf_exempt now that a real session + CSRF token are
in place (HTMX already sends X-CSRFToken).
- SECRET_KEY and DEBUG now read from the environment (prod-safe
defaults); systemd loads an optional /var/lib/food/.env.
- Tests authenticate, plus new coverage: /app/ redirects when logged
out, login grants access, /api/ is not caught by the app gate.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Diffstat (limited to 'kitchen/middleware.py')
| -rw-r--r-- | kitchen/middleware.py | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/kitchen/middleware.py b/kitchen/middleware.py new file mode 100644 index 0000000..63c2f4f --- /dev/null +++ b/kitchen/middleware.py @@ -0,0 +1,21 @@ +from django.conf import settings +from django.contrib.auth.views import redirect_to_login + + +class AppLoginRequiredMiddleware: + """Require a logged-in session for the /app/ HTMX UI. + + Deliberately scoped to /app/ only: + - /api/ uses DRF token auth (its user isn't resolved until the view runs, + so a blanket login check here would wrongly reject valid tokens). + - /admin/ has its own login. + - the login page and /static/ must stay reachable while logged out. + """ + + def __init__(self, get_response): + self.get_response = get_response + + def __call__(self, request): + if request.path.startswith("/app/") and not request.user.is_authenticated: + return redirect_to_login(request.get_full_path(), settings.LOGIN_URL) + return self.get_response(request) |
