Run tests behind logged in pages (#162)

* Redirect admin login to Login.gov

* Add logged in scanning to CI

* Fix bug in LOGIN_URL

* Fix linter and tests

* Address PR feedback

* Try quotes

.github/workflows/security-check.yaml

@@ -35,6 +35,17 @@ jobs:
           name: security-check-output
           path: ./src/output.txt
 
+  backdoor-check:
+    name: Ensure custom mods are contained
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out
+        uses: actions/checkout@v3
+      - name: MockUserLogin should not be in settings.MIDDLEWARE
+        run: "! grep -rwn * --exclude-dir=node_modules -e registrar.tests.common.MockUserLogin"
+        working-directory: ./src
+
   owasp-scan:
     name: OWASP security scan
     runs-on: ubuntu-latest
@@ -42,6 +53,15 @@ jobs:
     steps:
       - name: Check out
         uses: actions/checkout@v3
+
+      - name: Disable Login
+        # by adding MockUserLogin to settings.MIDDLEWARE
+        run: |
+          perl -pi \
+          -e 's/"csp.middleware.CSPMiddleware",/$&"registrar.tests.common.MockUserLogin",/' \
+          src/registrar/config/settings.py
+        working-directory: ./src
+
       - name: OWASP scan
         run: docker compose run owasp
         working-directory: ./src

.github/workflows/test.yaml

@@ -35,6 +35,14 @@ jobs:
     steps:
       - uses: actions/checkout@v3
 
+      - name: Disable Login
+        working-directory: ./src
+        # by adding MockUserLogin to settings.MIDDLEWARE
+        run: |
+          perl -pi \
+          -e 's/"csp.middleware.CSPMiddleware",/$&"registrar.tests.common.MockUserLogin",/' \
+          src/registrar/config/settings.py
+
       - name: Accessibility Scan
         working-directory: ./src
         # leverage the docker compose setup that we already have for local development