Consider adding django-stronghold #124
Labels
Done pending update
Fixed in the book, will close this when we send an update to readers
Comments
pydanny
added
the
Done pending update
|
🚢 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When we develop systems and not public websites, we always want that almost every page needs authentication to be accessed, but the fact that developers can make mistakes and forget to include
login_requiredorLoginRequiredMixinon some views can often be dangerous in terms of security.The
django-strongholdtries to solve this problem by following the same logic used in many firewalls: Everything is blocked by default (that is, required authentication) and the things that must be accessible and public must be explicitly defined.https://github.com/mgrouchy/django-stronghold
For the project that uses django-allauth:
mgrouchy/django-stronghold#71 (comment)
Note: I don't know what level of compatibility with Django> = 3.0
The text was updated successfully, but these errors were encountered: