summaryrefslogtreecommitdiff
path: root/kitchen/middleware.py
blob: 63c2f4f1c2e90c65d4b14fc574f20d02f2d3c4c2 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
from django.conf import settings
from django.contrib.auth.views import redirect_to_login


class AppLoginRequiredMiddleware:
    """Require a logged-in session for the /app/ HTMX UI.

    Deliberately scoped to /app/ only:
      - /api/ uses DRF token auth (its user isn't resolved until the view runs,
        so a blanket login check here would wrongly reject valid tokens).
      - /admin/ has its own login.
      - the login page and /static/ must stay reachable while logged out.
    """

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if request.path.startswith("/app/") and not request.user.is_authenticated:
            return redirect_to_login(request.get_full_path(), settings.LOGIN_URL)
        return self.get_response(request)