django, wagtail, django-allauth

Requiring 2FA (MFA) with Wagtail private pages. I think this works


This is one of those many times where I think I have a solution but I don't know if I'm doing something problematic.

I have a Wagtail site where I'm using 2FA sent by email, and I have private articles that people have to log in to see.

Before the fix, when people logged in to the admin panel, everything worked as expected - they were required to enter a code that was emailed to them. But when people logged in to view a private article, they were able to log in without 2FA, and once logged in, they could then browse to the admin panel without further challenges.

I think I fixed this by adding the following line to my url patterns:

path("_util/login/", RedirectView.as_view(url="/accounts/login/?next=/accounts")),

This works because when someone clicked on an article, they were redirected to _util/login, so the fix was re-redirecting that URL to allauth accounts, just like admin/login is redirected.

This line follows the similar redirect for admin/login, so my urls look like:

from django.contrib import admin
from django.urls import include, path
from django.views.generic import RedirectView

from wagtail.admin import urls as wagtailadmin_urls
from wagtail.documents import urls as wagtaildocs_urls
from search import views as search_views  # the "search" app from the Wagtail project template

urlpatterns = [
    path("django-admin/", admin.site.urls),
    # Both Wagtail login entry points are routed through allauth so its 2FA flow applies
    path("admin/login/", RedirectView.as_view(url="/accounts/login/?next=admin")),
    path("_util/login/", RedirectView.as_view(url="/accounts/login/?next=/accounts")),
    path("admin/", include(wagtailadmin_urls)),
    path("accounts/", include("allauth.urls")),
    path("documents/", include(wagtaildocs_urls)),
    path("search/", search_views.search, name="search"),
]

But there are two things I'm asking about. First, I don't know how to redirect the visitor back to the article they were trying to view.

Second, I don't know if there is anything wrong with this that should be pointed out.

Thanks to anyone willing to provide a helpful comment.


Solution

  • Instead of adding a redirect at _util/login/, you can set the WAGTAIL_FRONTEND_LOGIN_URL setting to a URL of your choosing - in this case this would be

    WAGTAIL_FRONTEND_LOGIN_URL = "/accounts/login/"

    This will take care of passing the URL they came from via the URL parameter next, giving you the ability to redirect back to that URL after logging in.
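The following is an added illustration, not code from the question, the answer, Wagtail or allauth. It shows in plain Python the two halves of the redirect the answer relies on: building the login URL with the requested page carried in the next parameter, and, on the way back, accepting that next value only when it points at a same-origin path, so that a crafted login link cannot bounce a freshly authenticated visitor off-site. The function names, the constructed paths and the dependency-free check are assumptions for the example; in a real Django project the login view's own validation (url_has_allowed_host_and_scheme) does this job.

```python
from urllib.parse import urlencode, urlsplit

# Stand-ins for the settings involved (constructed for this example, not read from Django).
WAGTAIL_FRONTEND_LOGIN_URL = "/accounts/login/"
REDIRECT_FIELD_NAME = "next"


def build_frontend_login_url(requested_path, login_url=WAGTAIL_FRONTEND_LOGIN_URL):
    """Return the URL an anonymous visitor is sent to when they hit a private page.

    Same shape as the redirect the answer describes: the frontend login URL with the
    originally requested path in the ``next`` query parameter, so the login view can
    return the visitor there once the login (and its 2FA challenge) has completed.
    """
    query = urlencode({REDIRECT_FIELD_NAME: requested_path})
    separator = "&" if "?" in login_url else "?"
    return f"{login_url}{separator}{query}"


def safe_next(next_value, default="/"):
    """Accept ``next`` only if it is a same-origin absolute path; otherwise use ``default``.

    The value comes from the query string, so anyone can craft a login link whose
    ``next`` points elsewhere. This is a dependency-free equivalent of the kind of
    check Django's login flow performs for a single-host site.
    """
    if not next_value or next_value.isspace():
        return default
    # Backslashes and control characters are normalised by some browsers into
    # something that changes the target; refuse them outright.
    if any(ch in next_value for ch in "\\\r\n\t"):
        return default
    parts = urlsplit(next_value)
    # A scheme ("https:", "javascript:") or a network location means another origin.
    if parts.scheme or parts.netloc:
        return default
    # Must be an absolute path on this site and not protocol-relative ("//host/...").
    if not next_value.startswith("/") or next_value.startswith("//"):
        return default
    return next_value


if __name__ == "__main__":
    # Constructed sample: a visitor requests a private article while logged out.
    login_redirect = build_frontend_login_url("/private/article-1/")
    print(login_redirect)
    for candidate in ["/private/article-1/", "https://evil.example/", "//evil.example/", "/\\evil.example"]:
        print(repr(candidate), "->", safe_next(candidate))
```

Running the module prints the login redirect for the sample article and then shows which candidate next values survive the check; only the same-origin path does, the other three fall back to "/".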