Point '^accounts/login/$' or whatever your custom login path is to the 'negotiate_ntlm' view.
This allows you to keep anonymous authentication enabled on IIS and easily lock down just the parts of the site you need to (e.g. admin).
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | """auth.py"""
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.http import HttpResponse, HttpResponseRedirect
class HttpResponseNotAuthorized(HttpResponse):
status_code = 401
def __init__(self, *args, **kwargs):
HttpResponse.__init__(self, *args, **kwargs)
self['WWW-Authenticate'] = 'NegotiateNTLM'
def negotiate_ntlm(request,
content='You are not authorized to access this website.',
redirect_field_name=REDIRECT_FIELD_NAME):
redirect_to = request.REQUEST.get(redirect_field_name, '/')
if request.user.is_authenticated():
return HttpResponseRedirect(redirect_to)
else:
return HttpResponseNotAuthorized(content)
|
More like this
- Template tag - list punctuation for a list of items by shapiromatron 3 months ago
- JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 3 months, 1 week ago
- Serializer factory with Django Rest Framework by julio 10 months, 1 week ago
- Image compression before saving the new model / work with JPG, PNG by Schleidens 10 months, 3 weeks ago
- Help text hyperlinks by sa2812 11 months, 3 weeks ago
Comments
Please login first before commenting.