From de0a1fa74b353a9870cf7fbd651e03f881414066 Mon Sep 17 00:00:00 2001
From: winkidney <winkidney@gmail.com>
Date: Sun, 31 May 2020 13:38:27 +0800
Subject: [PATCH] close #203 : Add workaround for private settings and fix 500
 error

---
 users/middleware.py | 17 ++++++++---------
 1 file changed, 8 insertions(+), 9 deletions(-)

diff --git a/users/middleware.py b/users/middleware.py
index e2dbdcf..93f5daa 100644
--- a/users/middleware.py
+++ b/users/middleware.py
@@ -1,16 +1,15 @@
 from django.conf import settings
-from django.http import HttpResponseRedirect
-from django.core.urlresolvers import reverse
+from django.http import HttpResponseForbidden
 
 
 class Public(object):
 
+    acceptable_paths = (
+        "/api/v2/profile/",
+    )
+
     def process_request(self, request):
         if settings.PUBLIC is False and not request.user.is_authenticated():
-            acceptable_paths = [
-                '/login/',
-                '/private/',
-                '/register/',
-            ]
-            if request.path not in acceptable_paths:
-                return HttpResponseRedirect(reverse('users:private'))
+            for path in self.acceptable_paths:
+                if not request.path.startswith(path):
+                    return HttpResponseForbidden()