From 3ab9520db8285828a0a740ca351f60ee291e8b6f Mon Sep 17 00:00:00 2001
From: Sean Kelly <kelly@seankelly.biz>
Date: Thu, 12 Oct 2023 10:06:00 -0500
Subject: [PATCH] Fix #232 by adding basic auth support and redir to /

---
 src/edrnsite.policy/src/edrnsite/policy/views.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/edrnsite.policy/src/edrnsite/policy/views.py b/src/edrnsite.policy/src/edrnsite/policy/views.py
index 5709892e..fd999064 100644
--- a/src/edrnsite.policy/src/edrnsite/policy/views.py
+++ b/src/edrnsite.policy/src/edrnsite/policy/views.py
@@ -4,13 +4,22 @@
 
 from django.core.cache import caches
 from django.http import HttpRequest, HttpResponse, HttpResponseRedirect, HttpResponseForbidden
+from edrn.auth.views import logged_in_or_basicauth
 
 
+def _get_referrer(request: HttpRequest) -> str:
+    try:
+        return request.META['HTTP_REFERER']
+    except KeyError:
+        return '/'
+
+
+@logged_in_or_basicauth('edrn')
 def clear_caches(request: HttpRequest) -> HttpResponse:
     '''Clear all caches.'''
     if request.user.is_staff or request.user.is_superuser:
         for cache in caches:
             caches[cache].clear()
-        return HttpResponseRedirect(request.META['HTTP_REFERER'])
+        return HttpResponseRedirect(_get_referrer(request))
     else:
         return HttpResponseForbidden()