Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- from django.http import HttpResponseRedirect
- class LoginChecksMiddleware(object):
- """
- A user has to be logged in to access
- any screen other than the login screen
- and password reset screen.
- A logged-in user must have changed their
- password within the required period.
- """
- def process_request(self, request):
- if request.user.is_anonymous():
- #if they're trying to log in, let them
- if request.META['PATH_INFO'].startswith('/login/') or \
- request.META['PATH_INFO'].startswith('/password_reset') or \
- request.META['PATH_INFO'].startswith('/reset/'):
- return None
- #redirect to login
- return HttpResponseRedirect('/login/')
- else:
- #if they're trying to go to the password_change
- #page, let them in any case
- if request.META['PATH_INFO'] == '/password_change/':
- return None
- #if password is expired, redirect
- if request.user.get_profile().password_is_expired():
- return HttpResponseRedirect('/password_change/')
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement