From cabbfc06ab4ab3be1005e50d9ca2260e6f34c167 Mon Sep 17 00:00:00 2001 From: mortezaei Date: Sun, 8 Feb 2026 13:41:02 +0330 Subject: [PATCH] Refactor admin access redirection logic in middleware - Removed dependency on `get_admin_namespace` and replaced it with direct language-based URL redirection for admin login in both `AdminAccessMiddleware` and `enhanced_auth_middleware`. - Improved code clarity by utilizing Django's `get_language` to dynamically construct the redirect URL based on the user's language preference. - Enhanced user experience by ensuring consistent access to the admin login page across different languages. --- apps/account/middleware/admin_access.py | 14 ++++++++------ config/enhanced_auth_middleware.py | 6 +++--- 2 files changed, 11 insertions(+), 9 deletions(-) diff --git a/apps/account/middleware/admin_access.py b/apps/account/middleware/admin_access.py index 73c2817..6eb8440 100644 --- a/apps/account/middleware/admin_access.py +++ b/apps/account/middleware/admin_access.py @@ -5,7 +5,6 @@ from django.shortcuts import redirect from django.urls import reverse from django.contrib import messages from django.utils.translation import gettext_lazy as _ -from config.middleware import get_admin_namespace class AdminAccessMiddleware: @@ -94,11 +93,11 @@ class AdminAccessMiddleware: def handle_restricted_access(self, request): """مدیریت دسترسی محدود شده""" - # Get the correct admin namespace based on domain - admin_namespace = get_admin_namespace(request) - if not request.user.is_authenticated: - return redirect(f'{admin_namespace}:login') + # Redirect to admin login page using direct URL path + from django.utils.translation import get_language + language = get_language() or 'en' + return redirect(f'/{language}/admin/login/?next={request.path}') # اگر کاربر استاد است، در همان admin panel می‌ماند if request.user.is_authenticated and request.user.has_role('professor'): @@ -115,4 +114,7 @@ class AdminAccessMiddleware: request, _('You do not have permission to access this page.') ) - return redirect(f'{admin_namespace}:login') + # Redirect to admin login page using direct URL path + from django.utils.translation import get_language + language = get_language() or 'en' + return redirect(f'/{language}/admin/login/?next={request.path}') diff --git a/config/enhanced_auth_middleware.py b/config/enhanced_auth_middleware.py index c2da2bc..bd82db4 100644 --- a/config/enhanced_auth_middleware.py +++ b/config/enhanced_auth_middleware.py @@ -3,7 +3,6 @@ from django.contrib.auth import get_user_model from django.shortcuts import redirect from django.urls import reverse from django.contrib import messages -from config.middleware import get_admin_namespace User = get_user_model() @@ -51,9 +50,10 @@ def enhanced_auth_middleware(get_response): # For swagger-auth paths, allow access (they handle their own auth) if '/swagger-auth/' not in request.path: # Redirect to admin login for other protected paths - admin_namespace = get_admin_namespace(request) messages.warning(request, 'You must be logged in as a staff member to access API documentation.') - return redirect(f"{reverse(f'{admin_namespace}:login')}?next={request.path}") + from django.utils.translation import get_language + language = get_language() or 'en' + return redirect(f"/{language}/admin/login/?next={request.path}") # For non-protected API paths, handle normal authentication elif "/admin/" not in request.path and request.META.get('HTTP_AUTHORIZATION') is None: