mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2025-10-31 10:26:01 +01:00
1f3d5afe6a
- Updated settings.py to include PhpMyAdminAccessMiddleware for enhanced access control. - Modified phpmyadminsignin.php to check user session and redirect to the login page if not authenticated.
33 lines
1.0 KiB
Python
33 lines
1.0 KiB
Python
# -*- coding: utf-8 -*-
|
|
"""
|
|
phpMyAdmin Access Control Middleware
|
|
|
|
This middleware checks if users are trying to access phpMyAdmin directly
|
|
without being logged into CyberPanel and redirects them to the login page.
|
|
"""
|
|
|
|
from django.shortcuts import redirect
|
|
from django.http import HttpResponseRedirect
|
|
from django.urls import reverse
|
|
|
|
|
|
class PhpMyAdminAccessMiddleware:
|
|
"""
|
|
Middleware to control phpMyAdmin access and redirect unauthenticated users to login page.
|
|
"""
|
|
|
|
def __init__(self, get_response):
|
|
self.get_response = get_response
|
|
|
|
def __call__(self, request):
|
|
# Check if the request is for phpMyAdmin
|
|
if request.path.startswith('/phpmyadmin/'):
|
|
# Check if user is authenticated (has session)
|
|
if 'userID' not in request.session:
|
|
# Redirect to CyberPanel login page
|
|
login_url = '/base/'
|
|
return HttpResponseRedirect(login_url)
|
|
|
|
response = self.get_response(request)
|
|
return response
|