summaryrefslogtreecommitdiff
path: root/kitchen/middleware.py
diff options
context:
space:
mode:
Diffstat (limited to 'kitchen/middleware.py')
-rw-r--r--kitchen/middleware.py21
1 files changed, 21 insertions, 0 deletions
diff --git a/kitchen/middleware.py b/kitchen/middleware.py
new file mode 100644
index 0000000..63c2f4f
--- /dev/null
+++ b/kitchen/middleware.py
@@ -0,0 +1,21 @@
+from django.conf import settings
+from django.contrib.auth.views import redirect_to_login
+
+
+class AppLoginRequiredMiddleware:
+ """Require a logged-in session for the /app/ HTMX UI.
+
+ Deliberately scoped to /app/ only:
+ - /api/ uses DRF token auth (its user isn't resolved until the view runs,
+ so a blanket login check here would wrongly reject valid tokens).
+ - /admin/ has its own login.
+ - the login page and /static/ must stay reachable while logged out.
+ """
+
+ def __init__(self, get_response):
+ self.get_response = get_response
+
+ def __call__(self, request):
+ if request.path.startswith("/app/") and not request.user.is_authenticated:
+ return redirect_to_login(request.get_full_path(), settings.LOGIN_URL)
+ return self.get_response(request)