Restrict the access of anonymous users
This plugins restricts the access of anonymous users to your GNU MediaGoblin instance. You can choose between denying the access - and allowing as needed some route paths - or allowing it by default - and denying some route paths.
Install this Python package from PyPi.
$ pip install mediagoblin-private
Or if you’ve checked out this plugin, you should be able to build and install it in the same virtual environment than MediaGoblin. Let’s say it’s in the same parent directory, you can execute:
$ ../mediagoblin/bin/python setup.py build $ ../mediagoblin/bin/python setup.py install
Enable the mediagoblin-private plugin by adding the following line to the [plugins] section of your MediaGoblin configuration file.
Restart the MediaGoblin instance for the configuration file changes to be effective.
You should first set deny_access value to define if the access must be denied - e.g. true, the default - or allowed - e.g. false - to anonymous users.
You can also define some route paths exceptions to reverse the restriction behaviour. It could be useful if you want to deny the access of your instance but keep some public pages, for example. You would also want to keep an open MediaGoblin instance but deny the access of anonymous users to some pages or media. Anyway, you can set the following to define your exceptions:
Note that route path which starts with /auth/ will always be allowed.
As an example, the following deny the access of anonymous users to your MediaGoblin instance except for the homepage - e.g. /, an about page at /about/ and route paths which starts with /public/:
[[mediagoblin_private]] deny_access = true path_exceptions = '/', '/about/' path_regex_exceptions = '/public/.*',
Do not forget the trailing comma in case of a single item in the path_exceptions or path_regex_exceptions list!