Replace login_required decorator with a validating one

This one will validate that the url is under /accounts/, which is
the only part we are going to be excluding from caching once we
move the website to https-only.

pgweb/account/views.py

@@ -2,7 +2,7 @@ from django.contrib.auth.models import User
 import django.contrib.auth.views as authviews
 from django.http import HttpResponseRedirect, Http404, HttpResponse
 from django.shortcuts import render_to_response, get_object_or_404
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 from django.utils.encoding import force_bytes
 from django.utils.http import urlsafe_base64_encode
 from django.contrib.auth.tokens import default_token_generator

pgweb/core/views.py

@@ -2,7 +2,8 @@ from django.shortcuts import render_to_response
 from django.http import HttpResponse, Http404, HttpResponseRedirect
 from django.http import HttpResponseNotModified
 from django.template import TemplateDoesNotExist, loader
-from django.contrib.auth.decorators import login_required, user_passes_test
+from django.contrib.auth.decorators import user_passes_test
+from pgweb.util.decorators import login_required
 from django.contrib import messages
 from django.views.decorators.csrf import csrf_exempt
 from django.db.models import Count

pgweb/docs/views.py

@@ -2,7 +2,7 @@ from django.shortcuts import render_to_response, get_object_or_404
 from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect
 from django.http import Http404
 from django.template.context import RequestContext
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 from django.db.models import Q
 from django.conf import settings
 

pgweb/downloads/views.py

@@ -1,6 +1,6 @@
 from django.shortcuts import render_to_response, get_object_or_404
 from django.http import HttpResponse, Http404, HttpResponseRedirect
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 from django.views.decorators.csrf import csrf_exempt
 from django.db import transaction
 from django.conf import settings

pgweb/events/views.py

@@ -1,6 +1,6 @@
 from django.shortcuts import render_to_response, get_object_or_404
 from django.http import Http404
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 
 from datetime import date
 

pgweb/misc/views.py

@@ -1,5 +1,5 @@
 from django.shortcuts import render_to_response
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 from django.http import HttpResponse
 from django.db import connection
 from django.conf import settings

pgweb/news/views.py

@@ -1,6 +1,6 @@
 from django.shortcuts import render_to_response, get_object_or_404
 from django.http import Http404
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 
 from pgweb.util.contexts import NavContext
 from pgweb.util.helpers import simple_form

pgweb/profserv/views.py

@@ -1,6 +1,6 @@
 from django.shortcuts import render_to_response
 from django.http import Http404
-from django.contrib.auth.decorators import login_required
+from pgweb.util.decorators import login_required
 
 from pgweb.util.contexts import NavContext
 from pgweb.util.helpers import simple_form

pgweb/util/decorators.py

@@ -1,5 +1,6 @@
 import datetime
 from functools import wraps
+from django.contrib.auth.decorators import login_required as django_login_required
 
 def nocache(fn):
 	def _nocache(request, *_args, **_kwargs):
@@ -18,3 +19,16 @@ def cache(days=0, hours=0, minutes=0, seconds=0):
 			return resp
 		return __cache
 	return _cache
+
+from django.utils.decorators import available_attrs
+
+# A wrapped version of login_required that throws an exception if it's
+# used on a path that's not under /account/.
+def login_required(f):
+	@wraps(f)
+	def wrapper(*args, **kwargs):
+		request = args[0]
+		if not request.path.startswith('/account/'):
+			raise Exception("Login required in bad path, aborting with exception.")
+		return django_login_required(f)(*args, **kwargs)
+	return wrapper