Conversation
There was a problem hiding this comment.
Pull request overview
This pull request implements authentication requirements across the application by adding login protection to views, creating a standalone login page, and simplifying the logout process. The changes support the goal of moving the main site content behind authentication while maintaining a clean user experience.
Changes:
- Added
@login_requireddecorators to 16 function-based views andLoginRequiredMixinto theeditProfileclass-based view - Created a new standalone login page using Bootstrap styling to replace the previous modal-based login
- Removed the "Are you sure?" logout confirmation dialog and implemented direct one-click logout via POST form
- Removed the home_toast.html template that was used to prompt unauthenticated users to login
- Updated header to hide Entities button from unauthenticated users and changed logout to use a POST form
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
| bluepages/app/views.py | Added authentication decorators to protect 16 function-based views and 1 class-based view from unauthenticated access |
| bluepages/app/templates/registration/login.html | Replaced modal-based login with a standalone Bootstrap-styled login page |
| bluepages/app/templates/home_toast.html | Removed toast notification that prompted unauthenticated users to login |
| bluepages/app/templates/header.html | Updated to hide Entities button from unauthenticated users and replaced logout link with POST form |
| bluepages/app/static/app/js/app/src/app.js | Removed the logout confirmation dialog function |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| <p>Don't have an account? <a href="#" onclick="app.loadRegistrationForm()">Register for a free account</a></p> | ||
| <p>Forgot your username or password? <a href="#" onclick="app.loadForgotCredentials()">Reclaim your account</a></p> |
There was a problem hiding this comment.
The login page uses JavaScript functions app.loadRegistrationForm() and app.loadForgotCredentials() which are designed to load content into a modal dialog. However, this is now a standalone login page, not a modal. These links will open modal dialogs on top of the login page, which may not provide the desired user experience. Consider either: 1) Creating standalone registration and password reset pages, or 2) Ensuring these modal functions work correctly when called from a standalone page context.
| <p>Don't have an account? <a href="#" onclick="app.loadRegistrationForm()">Register for a free account</a></p> | |
| <p>Forgot your username or password? <a href="#" onclick="app.loadForgotCredentials()">Reclaim your account</a></p> | |
| <p>Don't have an account? <a href="{% url 'registration_register' %}">Register for a free account</a></p> | |
| <p>Forgot your username or password? <a href="{% url 'password_reset' %}">Reclaim your account</a></p> |
There was a problem hiding this comment.
I think modals are still fine here.
| </form> | ||
|
|
||
| <div class="mt-3 text-center"> | ||
| <p>Don't have an account? <a href="#" onclick="app.loadRegistrationForm()">Register for a free account</a></p> |
There was a problem hiding this comment.
The login page includes a link to register for a free account, but REGISTRATION_OPEN is set to False in settings.py. Users who click this link will not be able to complete registration. Consider either removing this link from the login page or updating the link text to indicate that registration is currently closed and provide instructions for requesting access.
| <p>Don't have an account? <a href="#" onclick="app.loadRegistrationForm()">Register for a free account</a></p> | |
| <p>Registration for new accounts is currently closed. If you need access, please contact your system administrator.</p> |
There was a problem hiding this comment.
I think this should come in a follow up PR!
asana task
Description