The meat of django-sudo comes from decorating your views with @sudo_required much in the same way that @login_required works.
Let’s pretend we have a page on our site with sensitive information, and we want to make extra sure that a user is allowed to see it:

    from django.contrib.auth.decorators import login_required
    from django.http import HttpResponse
    from sudo.decorators import sudo_required

    @login_required  # Make sure they're at least logged in
    @sudo_required  # On top of being logged in, are you in sudo mode?
    def super_secret_stuff(request):
        return HttpResponse('your social security number')

That’s it! When a user visits this page and they don’t have the correct permission, they’ll be redirected to a page and prompted for their password. After entering their password, they’ll be redirected back to this page to continue with what they were trying to do.
- class sudo.middleware.SudoMiddleware
By default, you just need to add this into your MIDDLEWARE_CLASSES list.
- has_sudo_privileges(self, request)
- process_request(self, request)
Adds is_sudo() to the request.
- process_response(self, request, response)
Controls the behavior of setting and deleting the sudo cookie for the browser.
- sudo.utils.grant_sudo_privileges(request, max_age=SUDO_COOKIE_AGE)
Assigns a random token to the user’s session that allows them to have elevated permissions.

    from sudo.utils import grant_sudo_privileges
    token = grant_sudo_privileges(request)

Revoke sudo privileges from a request explicitly.

    from sudo.utils import revoke_sudo_privileges
    revoke_sudo_privileges(request)

Check if a request is allowed to perform sudo actions.

    from sudo.utils import has_sudo_privileges
    has_sudo = has_sudo_privileges(request)
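
To make the grant, check and revoke steps above concrete, here is an added, standard-library-only model of the pattern; it is not django-sudo's code. It keeps a random token in the server-side session and mirrors it in a cookie. The signed, expiring cookie format and the names `SECRET`, `COOKIE`, `grant`, `has_sudo` and `revoke` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

SECRET = b"constructed-demo-key"  # constructed; stands in for the site's signing key
COOKIE = "sudo"                   # hypothetical cookie and session key name


def _sign(value: str) -> str:
    return hmac.new(SECRET, value.encode(), hashlib.sha256).hexdigest()


def grant(session: dict, cookies: dict, max_age: int = 3600, now=None) -> str:
    """Store a fresh random token in the session and a signed copy in the cookie."""
    now = int(time.time() if now is None else now)
    token = secrets.token_urlsafe(16)
    session[COOKIE] = token
    payload = f"{token}:{now + max_age}"
    cookies[COOKIE] = f"{payload}:{_sign(payload)}"
    return token


def has_sudo(session: dict, cookies: dict, now=None) -> bool:
    """True only if the cookie is authentic, unexpired and matches the session."""
    now = int(time.time() if now is None else now)
    try:
        token, expires, sig = cookies[COOKIE].split(":")
        expected = session[COOKIE]
        fresh = int(expires) > now
    except (KeyError, ValueError):
        return False  # missing or malformed cookie, or no session token
    payload = f"{token}:{expires}"
    # Constant-time comparisons avoid leaking how much of a guess matched.
    return (hmac.compare_digest(sig.encode(), _sign(payload).encode())
            and fresh
            and hmac.compare_digest(token.encode(), expected.encode()))


def revoke(session: dict, cookies: dict) -> None:
    """Drop both the session token and the cookie."""
    session.pop(COOKIE, None)
    cookies.pop(COOKIE, None)
```

Because the check needs both halves to agree, a cookie replayed against a different session, an edited expiry, or a session whose token was revoked all fail.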