close #203 : Add workaround for private settings and fix 500 error

2025-11-13 16:45:41 +01:00 · 2020-05-31 13:38:27 +08:00
parent 14b31cd808
commit de0a1fa74b
1 changed files with 8 additions and 9 deletions
--- a/users/middleware.py
+++ b/users/middleware.py
@@ -1,16 +1,15 @@
 from django.conf import settings
-from django.http import HttpResponseRedirect
-from django.core.urlresolvers import reverse
+from django.http import HttpResponseForbidden


 class Public(object):

+    acceptable_paths = (
+        "/api/v2/profile/",
+    )
+
    def process_request(self, request):
        if settings.PUBLIC is False and not request.user.is_authenticated():
-            acceptable_paths = [
-                '/login/',
-                '/private/',
-                '/register/',
-            ]
-            if request.path not in acceptable_paths:
-                return HttpResponseRedirect(reverse('users:private'))
+            for path in self.acceptable_paths:
+                if not request.path.startswith(path):
+                    return HttpResponseForbidden()