Django-Doorkeeper is a pluggable Django middleware that forces every visitor to a site to enter a password before viewing any pages. The password is the same for every user. Doorkeeper status is stored in a cookie and does not need to be re-entered on subsequent pageviews.
Doorkeeper IS NOT SECURE and should not be used for security purposes. Its intent is to protect a site from casual lookie-loos and stray bots. Under some circumstances you might do this with .htaccess and HTTP Basic Auth if your site is fronted with Nginx / Apache / etc. When it's not, this is a simple substitute.
Individual views can be exempted from the password prompt. See configuration documentation for more information.
pip install django-doorkeeperThen configure as documented.
See configuration documentation.
This repository includes a demo application to showcase Doorkeeper's functionality. To run the demo:
-
Navigate to the example directory:
cd example -
Install Django and doorkeeper:
pip install django pip install django-doorkeeper
-
Run migrations and start the demo server:
python manage.py migrate python manage.py runserver
-
Visit http://127.0.0.1:8000/ in your browser. You'll be prompted for the password (default: "demo_password").
-
To see a page that bypasses Doorkeeper, visit http://127.0.0.1:8000/public/
python runtests.pyDoorkeeper has been tested with Python 3.13 and Django 5.1 but will almost certainly work on many earlier and later versions. Maybe if anyone ever uses this, someday I'll get around to adding Tox and a test matrix.