I’m about to put a beta version of the site I’m working on up on the web. It needs to have a beta code to restrict access. The site is written in django.
I don’t want to change the fundamental Auth system to accommodate a beta code, and I don’t care particularly that the security of the beta code is iron-clad, just that it’s a significant stumbling block.
How should I do this? It’s a fairly large project, so adding code to every view is far from ideal.
That solution works well. The Middleware Class I ended up with this this:
from django.http import HttpResponseRedirect class BetaMiddleware(object): ''' Require beta code session key in order to view any page. ''' def process_request(self, request): if request.path != '/beta/' and not request.session.get('in_beta'): return HttpResponseRedirect('%s?next=%s' % ('/beta/', request.path))
Start with this Django snippet, but modify it to check
request.session['has_beta_access']. If they don’t have it, then have it return a redirect to a ‘enter beta code’ page that, when posted to with the right code, sets that session variable toTrue.Making it a public beta then just consists of removing that middleware from your
MIDDLEWARE_CLASSESsetting.