|
bgneal@215
|
1 """Common middleware for the entire project."""
|
|
bgneal@227
|
2 import datetime
|
|
bgneal@370
|
3 import logging
|
|
bgneal@227
|
4
|
|
bgneal@370
|
5 from django.db import IntegrityError
|
|
bgneal@215
|
6 from django.contrib.auth import logout
|
|
bgneal@227
|
7 from django.conf import settings
|
|
bgneal@227
|
8
|
|
bgneal@227
|
9 from core.functions import get_ip
|
|
bgneal@423
|
10 from core.whos_online import report_user, report_visitor
|
|
bgneal@227
|
11
|
|
bgneal@215
|
12
|
|
bgneal@215
|
13 class InactiveUserMiddleware(object):
|
|
bgneal@215
|
14 """
|
|
bgneal@215
|
15 This middleware ensures users with is_active set to False get their
|
|
bgneal@215
|
16 session destroyed and are treated as logged out.
|
|
bgneal@215
|
17 This middleware should come after the 'django.contrib.auth.middleware.
|
|
bgneal@215
|
18 AuthenticationMiddleware' in settings.py.
|
|
bgneal@215
|
19 Idea taken from: http://djangosnippets.org/snippets/1105/
|
|
bgneal@215
|
20 """
|
|
bgneal@215
|
21
|
|
bgneal@227
|
22 def process_view(self, request, view_func, view_args, view_kwargs):
|
|
bgneal@215
|
23 if request.user.is_authenticated() and not request.user.is_active:
|
|
bgneal@215
|
24 logout(request)
|
|
bgneal@215
|
25
|
|
bgneal@227
|
26
|
|
bgneal@227
|
27 ONLINE_COOKIE = 'sg101_online' # online cookie name
|
|
bgneal@423
|
28 ONLINE_TIMEOUT = 5 * 60 # online cookie lifetime in seconds
|
|
bgneal@423
|
29
|
|
bgneal@227
|
30
|
|
bgneal@227
|
31 class WhosOnline(object):
|
|
bgneal@227
|
32 """
|
|
bgneal@227
|
33 This middleware class keeps track of which registered users have
|
|
bgneal@227
|
34 been seen recently, and the number of unique unregistered users.
|
|
bgneal@227
|
35 This middleware should come after the authentication middleware,
|
|
bgneal@227
|
36 as we count on the user attribute being attached to the request.
|
|
bgneal@227
|
37 """
|
|
bgneal@227
|
38
|
|
bgneal@227
|
39 def process_response(self, request, response):
|
|
bgneal@227
|
40 """
|
|
bgneal@227
|
41 Keep track of who is online.
|
|
bgneal@227
|
42 """
|
|
bgneal@231
|
43 # Note that some requests may not have a user attribute
|
|
bgneal@231
|
44 # as these may have been redirected in the middleware chain before
|
|
bgneal@231
|
45 # the auth middleware got a chance to run. If this is the case, just
|
|
bgneal@231
|
46 # bail out. We also ignore AJAX requests.
|
|
bgneal@231
|
47
|
|
bgneal@231
|
48 if not hasattr(request, 'user') or request.is_ajax():
|
|
bgneal@229
|
49 return response
|
|
bgneal@227
|
50
|
|
bgneal@227
|
51 if request.user.is_authenticated():
|
|
bgneal@227
|
52 if request.COOKIES.get(ONLINE_COOKIE) is None:
|
|
bgneal@423
|
53 # report that we've seen the user
|
|
bgneal@423
|
54 report_user(request.user.username)
|
|
bgneal@227
|
55
|
|
bgneal@423
|
56 # set a cookie to expire
|
|
bgneal@227
|
57 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
|
|
bgneal@227
|
58 else:
|
|
bgneal@227
|
59 if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None:
|
|
bgneal@227
|
60 # We have a non-authenticated user that has cookies enabled. This
|
|
bgneal@227
|
61 # means we can track them.
|
|
bgneal@227
|
62 if request.COOKIES.get(ONLINE_COOKIE) is None:
|
|
bgneal@423
|
63 # see if we can get the IP address
|
|
bgneal@227
|
64 ip = get_ip(request)
|
|
bgneal@227
|
65 if ip:
|
|
bgneal@423
|
66 # report that we've seen this visitor
|
|
bgneal@423
|
67 report_visitor(ip)
|
|
bgneal@227
|
68
|
|
bgneal@423
|
69 # set a cookie to expire
|
|
bgneal@227
|
70 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
|
|
bgneal@227
|
71
|
|
bgneal@227
|
72 return response
|
