Mercurial > public > sg101

annotate core/middleware.py @ 661:15dbe0ccda95

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Prevent exceptions when viewing downloads in the admin when the file doesn't exist on the filesystem. This is usually seen in development but can also happen in production if the file is missing.
author Brian Neal <bgneal@gmail.com>
date Tue, 14 May 2013 21:02:47 -0500
parents ee87ea74d46b
children
rev   line source
bgneal@215 1 """Common middleware for the entire project."""
bgneal@227 2 import datetime
bgneal@370 3 import logging
bgneal@227 4
bgneal@370 5 from django.db import IntegrityError
bgneal@215 6 from django.contrib.auth import logout
bgneal@227 7 from django.conf import settings
bgneal@227 8
bgneal@227 9 from core.functions import get_ip
bgneal@423 10 from core.whos_online import report_user, report_visitor
bgneal@227 11
bgneal@215 12
bgneal@215 13 class InactiveUserMiddleware(object):
bgneal@215 14 """
bgneal@215 15 This middleware ensures users with is_active set to False get their
bgneal@215 16 session destroyed and are treated as logged out.
bgneal@215 17 This middleware should come after the 'django.contrib.auth.middleware.
bgneal@215 18 AuthenticationMiddleware' in settings.py.
bgneal@215 19 Idea taken from: http://djangosnippets.org/snippets/1105/
bgneal@215 20 """
bgneal@215 21
bgneal@227 22 def process_view(self, request, view_func, view_args, view_kwargs):
bgneal@215 23 if request.user.is_authenticated() and not request.user.is_active:
bgneal@215 24 logout(request)
bgneal@215 25
bgneal@227 26
bgneal@227 27 ONLINE_COOKIE = 'sg101_online' # online cookie name
bgneal@423 28 ONLINE_TIMEOUT = 5 * 60 # online cookie lifetime in seconds
bgneal@423 29
bgneal@227 30
bgneal@227 31 class WhosOnline(object):
bgneal@227 32 """
bgneal@227 33 This middleware class keeps track of which registered users have
bgneal@227 34 been seen recently, and the number of unique unregistered users.
bgneal@227 35 This middleware should come after the authentication middleware,
bgneal@227 36 as we count on the user attribute being attached to the request.
bgneal@227 37 """
bgneal@227 38
bgneal@227 39 def process_response(self, request, response):
bgneal@227 40 """
bgneal@227 41 Keep track of who is online.
bgneal@227 42 """
bgneal@231 43 # Note that some requests may not have a user attribute
bgneal@231 44 # as these may have been redirected in the middleware chain before
bgneal@231 45 # the auth middleware got a chance to run. If this is the case, just
bgneal@231 46 # bail out. We also ignore AJAX requests.
bgneal@231 47
bgneal@231 48 if not hasattr(request, 'user') or request.is_ajax():
bgneal@229 49 return response
bgneal@227 50
bgneal@227 51 if request.user.is_authenticated():
bgneal@227 52 if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@423 53 # report that we've seen the user
bgneal@423 54 report_user(request.user.username)
bgneal@227 55
bgneal@423 56 # set a cookie to expire
bgneal@227 57 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227 58 else:
bgneal@227 59 if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None:
bgneal@227 60 # We have a non-authenticated user that has cookies enabled. This
bgneal@227 61 # means we can track them.
bgneal@227 62 if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@423 63 # see if we can get the IP address
bgneal@227 64 ip = get_ip(request)
bgneal@227 65 if ip:
bgneal@423 66 # report that we've seen this visitor
bgneal@423 67 report_visitor(ip)
bgneal@227 68
bgneal@423 69 # set a cookie to expire
bgneal@227 70 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227 71
bgneal@227 72 return response