From 80da7be559dd4fe15a982111e8eb0d9b23626092 Mon Sep 17 00:00:00 2001
From: badbl0cks <4161747+badbl0cks@users.noreply.github.com>
Date: Wed, 26 Feb 2025 17:05:36 -0800
Subject: [PATCH] fix auto-login debugging middleware to only apply to
 localhost or 127.0.0.1

---
 django_project/middleware.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/django_project/middleware.py b/django_project/middleware.py
index ac60a3c..ac93aa2 100644
--- a/django_project/middleware.py
+++ b/django_project/middleware.py
@@ -11,7 +11,7 @@ class AutoLoginMiddleware:
 
     def __call__(self, request):
         # Only perform auto-login if in DEBUG mode and user is not authenticated.
-        if settings.DEBUG and not request.user.is_authenticated:
+        if settings.DEBUG and not request.user.is_authenticated and request.host in ['pocket-trade.fly.dev', 'localhost', '127.0.0.1']:
             user = CustomUser.objects.get(email='rob@badblocks.email')
             login(request, user, backend='django.contrib.auth.backends.ModelBackend')