Bug#778602: ITP: django-stronghold -- Django app to make all views default login_required
Package: wnpp
Severity: wishlist
Owner: Sunil Mohan Adapa <sunil@medhas.org>
* Package name : django-stronghold
Version : 0.2.7
Upstream Author : Mike Grouchy <mgrouchy@gmail.com>
* URL : https://github.com/mgrouchy/django-stronghold
* License : Expat
Programming Lang: Python
Description : Django app to make all views default login_required
Stronghold is a very small and easy to use Django app that makes all
your Django project default to require login for all of your views.
Motivation:
FreedomBox's administration web interface uses Django. A couple of time
we found ourselves with code missing the @login_required decorator. If
such mistake ever goes public it is a serious security error allow people
to modify their system without login. We decided make login_required the
default rather the opposite. At first we wrote a small custom solution
but after seeing a need to improve it and find this Django app we decided
to use it. There is currently a merge request pending needs this package.
Similar packages:
As far as I have looked, there is no upstream or Debian package providing
similar functionality.
Maintenance plan:
I plan to maintain it as part of the collab-maint team. This package will
also be cared for as part of the FreedomBox effort as it will be used
there. I contacted the upstream author with a patch to provide Python 3
and Django 1.7 support. I got an immediate merge of patch, new release
and an offer to help in case the Debian packaging effort requires any.
There is small (expected for a small project like this) but recent
activity on the upstream project indicating its good health.
Reply to: