Merge pull request #45 from mypetyak/master

Handle unauthenticated users trying to access in-beta views
joshuakarjala · Apr 9, 2014 · f5cd038 · f5cd038
2 parents 6a1c1bb + 19a2258
commit f5cd038
Show file tree

Hide file tree

Showing 4 changed files with 5 additions and 2 deletions.
diff --git a/hunger/middleware.py b/hunger/middleware.py
@@ -83,7 +83,8 @@ def process_view(self, request, view_func, view_args, view_kwargs):
             return
 
         if not request.user.is_authenticated():
-            return redirect(self.redirect)
+            # Ask anonymous user to log in if trying to access in-beta view
+            return redirect(setting('LOGIN_URL'))
 
         if request.user.is_staff:
             return

diff --git a/tests/templates/registration/login.html b/tests/templates/registration/login.html
diff --git a/tests/tests.py b/tests/tests.py
@@ -54,8 +54,9 @@ def test_always_allow_module(self):
         self.assertEqual(response.status_code, 200)
 
     def test_garden_when_not_invited(self):
+        """Confirm that an unauthenticated user is redirected to login"""
         response = self.client.get(reverse('invited_only'))
-        self.assertRedirects(response, reverse(self.redirect))
+        self.assertRedirects(response, setting('LOGIN_URL'))
 
     def test_using_invite(self):
         cary = User.objects.create_user('cary', '[email protected]', 'secret')

diff --git a/tests/urls.py b/tests/urls.py
@@ -8,4 +8,5 @@
         name='always_allow_module'),
     url(r'^not-allowed/$', 'tests.views.rejection', name='rejection'),
     url(r'^hunger/', include('hunger.urls')),
+    url(r'^accounts/', include('django.contrib.auth.urls'))
 )