Point '^accounts/login/$' or whatever your custom login path is to the 'negotiate_ntlm' view.
This allows you to keep anonymous authentication enabled on IIS and easily lock down just the parts of the site you need to (e.g. admin).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | """auth.py"""
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
class HttpResponseNotAuthorized(HttpResponse):
status_code = 401
def __init__(self, *args, **kwargs):
HttpResponse.__init__(self, *args, **kwargs)
self['WWW-Authenticate'] = 'NegotiateNTLM'
def negotiate_ntlm(request,
content='You are not authorized to access this website.',
redirect_field_name=REDIRECT_FIELD_NAME):
redirect_to = request.REQUEST.get(redirect_field_name, '/')
if request.user.is_authenticated():
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseNotAuthorized(content)
|
More like this
- Django Settings Assignment Expressions aka Walrus Operator example by webology 2 weeks, 5 days ago
- codigo alto nivel by MrRocklion 2 months, 2 weeks ago
- Load template from specific app by Krzysiek555 3 months, 1 week ago
- PostgreSQL JSON subqueries by dolamroth 3 months, 1 week ago
- "Magic Link" Management Command by webology 8 months, 1 week ago
Comments
Please login first before commenting.