bgneal@215: """Common middleware for the entire project."""
bgneal@227: import datetime
bgneal@227: 
bgneal@215: from django.contrib.auth import logout
bgneal@227: from django.conf import settings
bgneal@227: 
bgneal@227: from core.models import UserLastVisit
bgneal@227: from core.models import AnonLastVisit
bgneal@227: from core.functions import get_ip
bgneal@227: 
bgneal@215: 
bgneal@215: class InactiveUserMiddleware(object):
bgneal@215:     """
bgneal@215:     This middleware ensures users with is_active set to False get their
bgneal@215:     session destroyed and are treated as logged out.
bgneal@215:     This middleware should come after the 'django.contrib.auth.middleware.
bgneal@215:     AuthenticationMiddleware' in settings.py.
bgneal@215:     Idea taken from: http://djangosnippets.org/snippets/1105/
bgneal@215:     """
bgneal@215: 
bgneal@227:     def process_view(self, request, view_func, view_args, view_kwargs):
bgneal@215:         if request.user.is_authenticated() and not request.user.is_active:
bgneal@215:             logout(request)
bgneal@215: 
bgneal@227: 
bgneal@227: ONLINE_COOKIE = 'sg101_online'  # online cookie name
bgneal@227: ONLINE_TIMEOUT = 10 * 60        # online cookie lifetime in seconds
bgneal@227: 
bgneal@227: class WhosOnline(object):
bgneal@227:     """
bgneal@227:     This middleware class keeps track of which registered users have
bgneal@227:     been seen recently, and the number of unique unregistered users.
bgneal@227:     This middleware should come after the authentication middleware,
bgneal@227:     as we count on the user attribute being attached to the request.
bgneal@227:     """
bgneal@227: 
bgneal@227:     def process_response(self, request, response):
bgneal@227:         """
bgneal@227:         Keep track of who is online.
bgneal@227:         """
bgneal@231:         # Note that some requests may not have a user attribute
bgneal@231:         # as these may have been redirected in the middleware chain before
bgneal@231:         # the auth middleware got a chance to run. If this is the case, just
bgneal@231:         # bail out. We also ignore AJAX requests.
bgneal@231: 
bgneal@231:         if not hasattr(request, 'user') or request.is_ajax():
bgneal@229:             return response
bgneal@227: 
bgneal@227:         if request.user.is_authenticated():
bgneal@227:             if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@227:                 # update the last seen timestamp
bgneal@227:                 try:
bgneal@227:                     ulv = UserLastVisit.objects.get(user=request.user)
bgneal@227:                 except UserLastVisit.DoesNotExist:
bgneal@227:                     ulv = UserLastVisit(user=request.user)
bgneal@227: 
bgneal@227:                 ulv.last_visit = datetime.datetime.now()
bgneal@227:                 ulv.save()
bgneal@227: 
bgneal@227:                 # set a cookie to expire in 10 minutes or so
bgneal@227:                 response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227:         else:
bgneal@227:             if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None:
bgneal@227:                 # We have a non-authenticated user that has cookies enabled. This
bgneal@227:                 # means we can track them.
bgneal@227:                 if request.COOKIES.get(ONLINE_COOKIE) is None:
bgneal@227:                     # update the timestamp for this anonymous visitor
bgneal@227:                     ip = get_ip(request)
bgneal@227:                     if ip:
bgneal@227:                         try:
bgneal@227:                             alv = AnonLastVisit.objects.get(ip=ip)
bgneal@227:                         except AnonLastVisit.DoesNotExist:
bgneal@227:                             alv = AnonLastVisit(ip=ip)
bgneal@227: 
bgneal@227:                         alv.last_visit = datetime.datetime.now()
bgneal@227:                         alv.save()
bgneal@227: 
bgneal@227:                         # set a cookie to expire in 10 minutes or so
bgneal@227:                         response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT)
bgneal@227: 
bgneal@227:         return response