Skip to content

Add auth#16

Open
Bouteillebleu wants to merge 6 commits intomainfrom
add-auth
Open

Add auth#16
Bouteillebleu wants to merge 6 commits intomainfrom
add-auth

Conversation

@Bouteillebleu
Copy link
Copy Markdown
Owner

@Bouteillebleu Bouteillebleu commented Jun 20, 2022

Changes in this PR:

  • Include django-allauth
  • Add custom templates (based on the allauth ones) for the account/socialaccount pages we're using
  • Add username and logout link to the nav bar when logged in
  • Make most pages require login (apart from index, about page, and login pages)
  • Configure whether signup is enabled based on an environment variable

The last one I'm very unsure of (as in, whether it does what I hope). This might be a good point to add some tests.

@Bouteillebleu
Initial testing of django-allauth
f94bc79 
Changes are based on https://wsvincent.com/django-allauth-tutorial/.

The /example page loads with the correct CSS, but /accounts/logout
and /accounts/login don't, which isn't surprising as they are using
their default templates.

Next tasks to do:
* Plan what to do with django-invitations next.

There's also some site design I want to do - what are the pages / views
that we're serving? Can we at least have a decent index page after login
for "here are things you might want to do, go and do them"?
I'm going to take inspiration from Aquarion's design for
https://dagon.church/ in that regard.
@Bouteillebleu
Update navbar and index page for login
bb252b8 
Navbar now includes username and logout link when a user is logged in.

Index page now has a Github login link if the user is logged out,
and only displays the links to visions if the user is logged in.

example.html has been deleted because it was just used as part of the
initial auth demo.
@Bouteillebleu
Add custom templates for login and logout pages
fc6299f 
Login is only available via Github at the moment, so the template
that needs copying is socialaccount/login.html.

The logout template that needs copying is account/logout.html.
@Bouteillebleu
Add login_required decorator to plain text endpoints
1a7df16 
In order to make this work we also need to add a custom
template for account/login.html.

This is a good temporary fix, I think, but it would make more sense
to default most of the website to requiring login and only make
a few pages available if you're logged out.
@Bouteillebleu
Use django-login-required-middleware for most endpoints
5f2fd53 
This means that when we add more endpoints we won't accidentally
forget to put them behind a login.

LOGIN_REQUIRED_IGNORE_PATHS in settings.py needed some additions to
make our login flow with Github OAuth work, but it seems to be okay
now.
@Bouteillebleu
Allow us to turn off signups with an environment variable
cd4b7b8
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Bouteillebleu