Wouldn't it make sense to add in SETTINGS.py AUTH_REQUIRED = True/False # default False for backward compatibility
Then use an @auth_not_required decorator on the few pages it isn't? Does DJANGO SECURE have such a setting? On Saturday, July 13, 2013 6:56:24 AM UTC-4, Some Developer wrote: > > I make heavy use the login_required decorator and for the most part it > is extremely easy to use when using FBVs but when using CBVs one either > has to add a dispatch method to the class calling the super classes > dispatch method or you need to put the login_required in the url > configuration which feels rather nasty. > > Is there a better way to handle the login_required decorator when using > CBVs at all? > > Forgetting to add the login_required decorator to an important view > could result in a large security hole as well. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. For more options, visit https://groups.google.com/groups/opt_out.
