Comment out django-basic-auth-ip-whitelist

wagtail · Jan 5, 2024 · 1aa968c · 1aa968c
1 parent 4049ec2
commit 1aa968c
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 21 deletions.
diff --git a/bakerydemo/settings/production.py b/bakerydemo/settings/production.py
@@ -225,26 +225,28 @@
 # Basic authentication settings
 # These are settings to configure the third-party library:
 # https://gitlab.com/tmkn/django-basic-auth-ip-whitelist
-if os.environ.get("BASIC_AUTH_ENABLED", "false").lower().strip() == "true":
- # Insert basic auth as a first middleware to be checked first, before
- # anything else.
- MIDDLEWARE.insert(0, "baipw.middleware.BasicAuthIPWhitelistMiddleware")
-
- # This is the credentials users will have to use to access the site.
- BASIC_AUTH_LOGIN = os.environ.get("BASIC_AUTH_LOGIN", "wagtail")
- BASIC_AUTH_PASSWORD = os.environ.get("BASIC_AUTH_PASSWORD", "wagtail")
-
- # Wagtail requires Authorization header to be present for the previews
- BASIC_AUTH_DISABLE_CONSUMING_AUTHORIZATION_HEADER = True
-
- # This is the list of hosts that website can be accessed without basic auth
- # check.
- if "BASIC_AUTH_WHITELISTED_HTTP_HOSTS" in os.environ:
- BASIC_AUTH_WHITELISTED_HTTP_HOSTS = os.environ[
- "BASIC_AUTH_WHITELISTED_HTTP_HOSTS"
- ].split(",")
-
- BASIC_AUTH_RESPONSE_TEMPLATE = "base/basic_auth.html"
+# Commented out until django-basic-auth-ip-whitelist supports Django 5.0.
+# See https://github.com/tm-kn/django-basic-auth-ip-whitelist/pull/15.
+# if os.environ.get("BASIC_AUTH_ENABLED", "false").lower().strip() == "true":
+# # Insert basic auth as a first middleware to be checked first, before
+# # anything else.
+# MIDDLEWARE.insert(0, "baipw.middleware.BasicAuthIPWhitelistMiddleware")
+
+# # This is the credentials users will have to use to access the site.
+# BASIC_AUTH_LOGIN = os.environ.get("BASIC_AUTH_LOGIN", "wagtail")
+# BASIC_AUTH_PASSWORD = os.environ.get("BASIC_AUTH_PASSWORD", "wagtail")
+
+# # Wagtail requires Authorization header to be present for the previews
+# BASIC_AUTH_DISABLE_CONSUMING_AUTHORIZATION_HEADER = True
+
+# # This is the list of hosts that website can be accessed without basic auth
+# # check.
+# if "BASIC_AUTH_WHITELISTED_HTTP_HOSTS" in os.environ:
+# BASIC_AUTH_WHITELISTED_HTTP_HOSTS = os.environ[
+# "BASIC_AUTH_WHITELISTED_HTTP_HOSTS"
+# ].split(",")
+
+# BASIC_AUTH_RESPONSE_TEMPLATE = "base/basic_auth.html"
 
 
 # Force HTTPS redirect (enabled by default!)

diff --git a/requirements/production.txt b/requirements/production.txt
@@ -11,4 +11,6 @@ django-storages==1.14.2
 botocore>=1.12.33,<1.13
 aws-requests-auth==0.4.3
 django-redis==5.4.0
-django-basic-auth-ip-whitelist==0.5
+# Commented out until django-basic-auth-ip-whitelist supports Django 5.0.
+# See https://github.com/tm-kn/django-basic-auth-ip-whitelist/pull/15.
+# django-basic-auth-ip-whitelist==0.5