RPGnotes/common/middlewares.py

from django.contrib.auth.views import redirect_to_login
from django.core.exceptions import PermissionDenied
from django.http import HttpRequest, HttpResponseRedirect
from django.template.response import TemplateResponse

from campaigns.models import Campaign
from rpg_notes.secrets import HOME_DOMAIN_URL
from rpg_notes.settings import DEBUG
from users.models import TenantUser

demo_campaign_id = 4 if DEBUG else 8


class AuthMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request: HttpRequest):
        # Code to be executed for each request before
        # the view (and later middleware) are called.
        current_user: TenantUser = request.user
        tenant: Campaign = request.tenant
        if tenant.pk == 1 \
                or request.path.startswith("/login") \
                or request.path.startswith("/css"):
            return self.get_response(request)
        if tenant.pk == demo_campaign_id:
            if request.method in {"GET", "HEAD"} or request.path.startswith("/i18n/setlang"):
                return self.get_response(request)
            elif not current_user.is_authenticated:
                r = TemplateResponse(request, "common/demo_readonly.jinja", status=405)
                r.render()
                return r
        if tenant.pk != 1 and request.path.startswith("/password_reset/"):
            # password reset should always been done on the main domain
            return HttpResponseRedirect(HOME_DOMAIN_URL + request.path)
        if not current_user.is_authenticated:
            return redirect_to_login(request.get_full_path())
        if not current_user.tenants.filter(pk=tenant.pk).exists():
            raise PermissionDenied()
        return self.get_response(request)
proper login check via middleware 2021-09-06 21:10:55 +02:00			`from django.contrib.auth.views import redirect_to_login`
			`from django.core.exceptions import PermissionDenied`
do password reset on main domain 2023-07-09 18:43:04 +02:00			`from django.http import HttpRequest, HttpResponseRedirect`
add readonly demo and other minor fixes 2022-07-05 20:22:13 +02:00			`from django.template.response import TemplateResponse`
proper login check via middleware 2021-09-06 21:10:55 +02:00
			`from campaigns.models import Campaign`
do password reset on main domain 2023-07-09 18:43:04 +02:00			`from rpg_notes.secrets import HOME_DOMAIN_URL`
add readonly demo and other minor fixes 2022-07-05 20:22:13 +02:00			`from rpg_notes.settings import DEBUG`
proper login check via middleware 2021-09-06 21:10:55 +02:00			`from users.models import TenantUser`

add readonly demo and other minor fixes 2022-07-05 20:22:13 +02:00			`demo_campaign_id = 4 if DEBUG else 8`

proper login check via middleware 2021-09-06 21:10:55 +02:00
			`class AuthMiddleware:`
			`def __init__(self, get_response):`
			`self.get_response = get_response`

			`def __call__(self, request: HttpRequest):`
			`# Code to be executed for each request before`
			`# the view (and later middleware) are called.`
			`current_user: TenantUser = request.user`
			`tenant: Campaign = request.tenant`
			`if tenant.pk == 1 \`
			`or request.path.startswith("/login") \`
			`or request.path.startswith("/css"):`
			`return self.get_response(request)`
add readonly demo and other minor fixes 2022-07-05 20:22:13 +02:00			`if tenant.pk == demo_campaign_id:`
			`if request.method in {"GET", "HEAD"} or request.path.startswith("/i18n/setlang"):`
			`return self.get_response(request)`
			`elif not current_user.is_authenticated:`
improve status code 2023-05-28 13:03:12 +02:00			`r = TemplateResponse(request, "common/demo_readonly.jinja", status=405)`
add readonly demo and other minor fixes 2022-07-05 20:22:13 +02:00			`r.render()`
			`return r`
do password reset on main domain 2023-07-09 18:43:04 +02:00			`if tenant.pk != 1 and request.path.startswith("/password_reset/"):`
			`# password reset should always been done on the main domain`
			`return HttpResponseRedirect(HOME_DOMAIN_URL + request.path)`
proper login check via middleware 2021-09-06 21:10:55 +02:00			`if not current_user.is_authenticated:`
			`return redirect_to_login(request.get_full_path())`
			`if not current_user.tenants.filter(pk=tenant.pk).exists():`
			`raise PermissionDenied()`
			`return self.get_response(request)`