1 from functools
import wraps
3 from django
.http
import Http404
, HttpResponseRedirect
4 from django
.conf
import settings
7 def require_staff(protected_view
):
9 def wrapper(request
, *args
, **kwargs
):
11 staff_token
= settings
.STAFF_TOKEN
12 token_auth
= staff_token
is not None and staff_token
== request
.GET
.get(
16 return protected_view(request
, *args
, **kwargs
)
18 if not request
.user
.is_authenticated
:
19 return HttpResponseRedirect("/login/")
21 if request
.user
.is_staff
:
22 return protected_view(request
, *args
, **kwargs
)