mirror of
https://github.com/GSA/notifications-admin.git
synced 2026-02-05 02:42:26 -05:00
Merge pull request #63 from alphagov/require_login
Add login_required for all endpoints where it makes sense.
This commit is contained in:
Adam Shimali
@@ -1,5 +1,6 @@
|
||||
from flask import render_template
|
||||
from app.main import main
|
||||
from flask_login import login_required
|
||||
|
||||
|
||||
@main.route('/')
|
||||
@@ -7,51 +8,43 @@ def index():
|
||||
return render_template('views/signedout.html')
|
||||
|
||||
|
||||
@main.route("/govuk")
|
||||
def govuk():
|
||||
return render_template('views/govuk_template.html')
|
||||
|
||||
|
||||
@main.route("/register-from-invite")
|
||||
@login_required
|
||||
def registerfrominvite():
|
||||
return render_template('views/register-from-invite.html')
|
||||
|
||||
|
||||
@main.route("/verify-mobile")
|
||||
@login_required
|
||||
def verifymobile():
|
||||
return render_template('views/verify-mobile.html')
|
||||
|
||||
|
||||
@main.route("/send-email")
|
||||
@login_required
|
||||
def sendemail():
|
||||
return render_template('views/send-email.html')
|
||||
|
||||
|
||||
@main.route("/check-email")
|
||||
@login_required
|
||||
def checkemail():
|
||||
return render_template('views/check-email.html')
|
||||
|
||||
|
||||
@main.route("/user-profile")
|
||||
@login_required
|
||||
def userprofile():
|
||||
return render_template('views/user-profile.html')
|
||||
|
||||
|
||||
@main.route("/manage-users")
|
||||
@login_required
|
||||
def manageusers():
|
||||
return render_template('views/manage-users.html')
|
||||
|
||||
|
||||
@main.route("/api-keys")
|
||||
@login_required
|
||||
def apikeys():
|
||||
return render_template('views/api-keys.html')
|
||||
|
||||
|
||||
@main.route("/manage-templates")
|
||||
def managetemplates():
|
||||
return render_template('views/manage-templates.html')
|
||||
|
||||
|
||||
@main.route("/edit-template")
|
||||
def edittemplate():
|
||||
return render_template('views/edit-template.html')
|
||||
|
||||
@@ -2,6 +2,8 @@
|
||||
|
||||
import time
|
||||
from flask import render_template
|
||||
from flask_login import login_required
|
||||
|
||||
from app.main import main
|
||||
|
||||
from ._jobs import jobs
|
||||
@@ -41,6 +43,7 @@ messages = [
|
||||
|
||||
|
||||
@main.route("/jobs")
|
||||
@login_required
|
||||
def showjobs():
|
||||
return render_template(
|
||||
'views/jobs.html',
|
||||
@@ -49,6 +52,7 @@ def showjobs():
|
||||
|
||||
|
||||
@main.route("/jobs/job")
|
||||
@login_required
|
||||
def showjob():
|
||||
return render_template(
|
||||
'views/job.html',
|
||||
@@ -71,6 +75,7 @@ def showjob():
|
||||
|
||||
|
||||
@main.route("/jobs/job/notification/<string:notification_id>")
|
||||
@login_required
|
||||
def shownotification(notification_id):
|
||||
return render_template(
|
||||
'views/notification.html',
|
||||
|
||||
@@ -12,6 +12,7 @@ service = {
|
||||
|
||||
|
||||
@main.route("/service-settings")
|
||||
@login_required
|
||||
def service_settings():
|
||||
return render_template(
|
||||
'views/service-settings.html',
|
||||
@@ -20,6 +21,7 @@ def service_settings():
|
||||
|
||||
|
||||
@main.route("/service-settings/name", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def name():
|
||||
|
||||
form = ServiceNameForm()
|
||||
@@ -36,6 +38,7 @@ def name():
|
||||
|
||||
|
||||
@main.route("/service-settings/name/confirm", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def confirm_name_change():
|
||||
|
||||
form = ConfirmPasswordForm()
|
||||
@@ -51,6 +54,7 @@ def confirm_name_change():
|
||||
|
||||
|
||||
@main.route("/service-settings/request-to-go-live", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def request_to_go_live():
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
@@ -62,6 +66,7 @@ def request_to_go_live():
|
||||
|
||||
|
||||
@main.route("/service-settings/status", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def status():
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
@@ -73,6 +78,7 @@ def status():
|
||||
|
||||
|
||||
@main.route("/service-settings/status/confirm", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def confirm_status_change():
|
||||
|
||||
form = ConfirmPasswordForm()
|
||||
@@ -89,6 +95,7 @@ def confirm_status_change():
|
||||
|
||||
|
||||
@main.route("/service-settings/delete", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def delete():
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
@@ -100,6 +107,7 @@ def delete():
|
||||
|
||||
|
||||
@main.route("/service-settings/delete/confirm", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def confirm_delete():
|
||||
|
||||
form = ConfirmPasswordForm()
|
||||
|
||||
@@ -1,15 +1,18 @@
|
||||
from flask import request, render_template, redirect, url_for
|
||||
from flask_login import login_required
|
||||
|
||||
from app.main import main
|
||||
from app.main.forms import TemplateForm
|
||||
|
||||
|
||||
@main.route("/templates")
|
||||
@login_required
|
||||
def manage_templates():
|
||||
return render_template('views/manage-templates.html')
|
||||
|
||||
|
||||
@main.route("/templates/template", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def add_template():
|
||||
|
||||
form = TemplateForm()
|
||||
@@ -28,6 +31,7 @@ def add_template():
|
||||
|
||||
|
||||
@main.route("/templates/template/add", methods=['GET', 'POST'])
|
||||
@login_required
|
||||
def edit_template():
|
||||
|
||||
form = TemplateForm()
|
||||
|
||||
Reference in New Issue
Block a user