diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2017-11-15 21:55:10 +0300 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2017-11-15 21:55:10 +0300 |
commit | 75ff057d44defd9725df3e175b303b878eb57a4d (patch) | |
tree | 4d3dcece18a8425c3c1401b686df62d244ca750e | |
parent | 5dba0b6610864e3262a4d9b0058914627f3f5ca8 (diff) |
use normal login form for admin3.0.1
-rw-r--r-- | CHANGELOG.md | 6 | ||||
-rw-r--r-- | nextcloudappstore/urls.py | 4 |
2 files changed, 9 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 2218a87870..2e2fdc2c86 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ ## [Unreleased] +## [3.0.1] - 2017-11-15 + +### Security + +- Require admin users to log in over the rate limited default login form + ## [3.0.0] - 2017-11-15 ### Security diff --git a/nextcloudappstore/urls.py b/nextcloudappstore/urls.py index 857ef751fb..878f05e2a5 100644 --- a/nextcloudappstore/urls.py +++ b/nextcloudappstore/urls.py @@ -5,8 +5,8 @@ from django.conf import settings from django.conf.urls import url, include from django.conf.urls.i18n import i18n_patterns from django.contrib import admin +from django.contrib.auth.decorators import login_required from django.views.decorators.http import etag -from django.views.generic import RedirectView from nextcloudappstore.core.caching import app_rating_etag from nextcloudappstore.core.feeds import AppReleaseAtomFeed, AppReleaseRssFeed @@ -15,6 +15,8 @@ from nextcloudappstore.core.views import CategoryAppListView, AppDetailView, \ AppRegisterView from nextcloudappstore.scaffolding.views import AppScaffoldingView +admin.site.login = login_required(admin.site.login) + urlpatterns = [ url(r'^$', CategoryAppListView.as_view(), {'id': None}, name='home'), url(r"^signup/$", csp_update(**settings.CSP_SIGNUP)(signup), |