annotate core/middleware.py @ 1107:977e76f7f736

POTD converted to V3 design.
author Brian Neal <bgneal@gmail.com>
date Wed, 06 Jul 2016 21:41:16 -0500
parents ee87ea74d46b
children
rev   line source
bgneal@215 1 """Common middleware for the entire project."""
bgneal@227 2 import datetime
bgneal@370 3 import logging
bgneal@227 4
bgneal@370 5 from django.db import IntegrityError
bgneal@215 6 from django.contrib.auth import logout
bgneal@227 7 from django.conf import settings
bgneal@227 8
bgneal@227 9 from core.functions import get_ip
bgneal@423 10 from core.whos_online import report_user, report_visitor
bgneal@227 11
bgneal@215 12
bgneal@215 13 class InactiveUserMiddleware(object):
bgneal@215 14 """
bgneal@215 15 This middleware ensures users with is_active set to False get their
bgneal@215 16 session destroyed and are treated as logged out.
bgneal@215 17 This middleware should come after the 'django.contrib.auth.middleware.
bgneal@215 18 AuthenticationMiddleware' in settings.py.
bgneal@215 19 Idea taken from: http://djangosnippets.org/snippets/1105/
bgneal@215 20 """
bgneal@215 21
bgneal@227 22 def process_view(self, request, view_func, view_args, view_kwargs):
bgneal@215 23 if request.user.is_authenticated() and not request.user.is_active:
bgneal@215 24 logout(request)
bgneal@215 25
bgneal@227 26
bgneal@227 27 ONLINE_COOKIE = 'sg101_online' # online cookie name
bgneal@423 28 ONLINE_TIMEOUT = 5 * 60 # online cookie lifetime in seconds
bgneal@423 29
bgneal@227 30
bgneal@227 31 class WhosOnline(object):
bgneal@227 32 """
bgneal@227 33 This middleware class keeps track of which registered users have
bgneal@227 34 been seen recently, and the number of unique unregistered users.
bgneal@227 35 This middleware should come after the authentication middleware,
bgneal@227 36 as we count on the user attribute being attached to the request.
bgneal@227 37 """
bgneal@227 38
bgneal@227 39 def process_response(self, request, response):
bgneal@227 40 """
bgneal@227 41 Keep track of who is online.
bgneal@227 42 """
bgneal@231 43 # Note that some requests may not have a user attribute
bgneal@231 44 # as these may have been redirected in the middleware chain before
bgneal@231 45 # the auth middleware got a chance to run. If this is the case, just
bgneal@231 46 # bail out. We also ignore AJAX requests.
bgneal@231 47
bgneal@231 48 if not hasattr(request, 'user') or request.is_ajax():
bgneal@229 49 return response
bgneal@227 50
bgneal@227 51 if request.user.is_authenticated():
bgneal@227 52 if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@423 53 # report that we've seen the user
bgneal@423 54 report_user(request.user.username)
bgneal@227 55
bgneal@423 56 # set a cookie to expire
bgneal@227 57 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227 58 else:
bgneal@227 59 if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None:
bgneal@227 60 # We have a non-authenticated user that has cookies enabled. This
bgneal@227 61 # means we can track them.
bgneal@227 62 if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@423 63 # see if we can get the IP address
bgneal@227 64 ip = get_ip(request)
bgneal@227 65 if ip:
bgneal@423 66 # report that we've seen this visitor
bgneal@423 67 report_visitor(ip)
bgneal@227 68
bgneal@423 69 # set a cookie to expire
bgneal@227 70 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227 71
bgneal@227 72 return response