Skip to content

Commit

Permalink
restrict access to all routes (except /_nicegui)
Browse files Browse the repository at this point in the history
  • Loading branch information
rodja committed Jul 31, 2024
1 parent ddb95e1 commit 72f3395
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions examples/authentication/main.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
from fastapi.responses import RedirectResponse
from starlette.middleware.base import BaseHTTPMiddleware

from nicegui import Client, app, ui
from nicegui import app, ui

# in reality users passwords would obviously need to be hashed
passwords = {'user1': 'pass1', 'user2': 'pass2'}
Expand All @@ -27,7 +27,7 @@ class AuthMiddleware(BaseHTTPMiddleware):

async def dispatch(self, request: Request, call_next):
if not app.storage.user.get('authenticated', False):
if request.url.path in Client.page_routes.values() and request.url.path not in unrestricted_page_routes:
if not request.url.path.startswith('/_nicegui') and request.url.path not in unrestricted_page_routes:
app.storage.user['referrer_path'] = request.url.path # remember where the user wanted to go
return RedirectResponse('/login')
return await call_next(request)
Expand Down

0 comments on commit 72f3395

Please sign in to comment.