Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent unauthenticated access by using middleware #543

Closed
Tracked by #528
SSPJ opened this issue Apr 26, 2023 · 1 comment · Fixed by #673
Closed
Tracked by #528

Prevent unauthenticated access by using middleware #543

SSPJ opened this issue Apr 26, 2023 · 1 comment · Fixed by #673
Assignees
@neilmb @abroddrick
Labels
dev
Milestone
Sprint 21

Comments

@SSPJ
Copy link
Contributor

SSPJ commented Apr 26, 2023
edited

It is easy to forget @login_required decorators and LoginRequired mixins, so a middlware layer should be installed to ensure only ok-listed routes are accessible when a user is not signed in.

A suitable 3rd party middleware package may not exist, so it may be necessary to write a small middleware. Existing examples in the codebase can be used.

Middleware may also help with bugs like #537 and #405. It could also resolve and close #486.

This work may intersect with #544.
@SSPJ SSPJ mentioned this issue Apr 26, 2023
Closed
@loganmeetsworld loganmeetsworld mentioned this issue Apr 28, 2023
Closed
@loganmeetsworld loganmeetsworld added this to the Sprint 20 milestone Apr 28, 2023
@loganmeetsworld loganmeetsworld mentioned this issue May 1, 2023
Closed
10 tasks
@loganmeetsworld
Copy link
Contributor

As part of this we should also remove the landing page view and only have home be the dashboard (thus requiring authentication for every view in the site)

@loganmeetsworld loganmeetsworld modified the milestones: Sprint 20, Sprint 21 May 11, 2023
@loganmeetsworld loganmeetsworld mentioned this issue May 15, 2023
Closed
8 tasks
@neilmb neilmb self-assigned this Jun 1, 2023
@neilmb neilmb mentioned this issue Jun 1, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@neilmb neilmb

@abroddrick abroddrick

Labels
dev
Projects
.gov Product Board
Archived in project
Milestone
Sprint 21
Development

Successfully merging a pull request may close this issue.

Use login required middleware cisagov/manage.get.gov
4 participants
@neilmb @loganmeetsworld @SSPJ @abroddrick