bgneal@215: """Common middleware for the entire project.""" bgneal@227: import datetime bgneal@370: import logging bgneal@227: bgneal@370: from django.db import IntegrityError bgneal@215: from django.contrib.auth import logout bgneal@227: from django.conf import settings bgneal@227: bgneal@227: from core.models import UserLastVisit bgneal@227: from core.models import AnonLastVisit bgneal@227: from core.functions import get_ip bgneal@227: bgneal@215: bgneal@215: class InactiveUserMiddleware(object): bgneal@215: """ bgneal@215: This middleware ensures users with is_active set to False get their bgneal@215: session destroyed and are treated as logged out. bgneal@215: This middleware should come after the 'django.contrib.auth.middleware. bgneal@215: AuthenticationMiddleware' in settings.py. bgneal@215: Idea taken from: http://djangosnippets.org/snippets/1105/ bgneal@215: """ bgneal@215: bgneal@227: def process_view(self, request, view_func, view_args, view_kwargs): bgneal@215: if request.user.is_authenticated() and not request.user.is_active: bgneal@215: logout(request) bgneal@215: bgneal@227: bgneal@227: ONLINE_COOKIE = 'sg101_online' # online cookie name bgneal@227: ONLINE_TIMEOUT = 10 * 60 # online cookie lifetime in seconds bgneal@227: bgneal@227: class WhosOnline(object): bgneal@227: """ bgneal@227: This middleware class keeps track of which registered users have bgneal@227: been seen recently, and the number of unique unregistered users. bgneal@227: This middleware should come after the authentication middleware, bgneal@227: as we count on the user attribute being attached to the request. bgneal@227: """ bgneal@227: bgneal@227: def process_response(self, request, response): bgneal@227: """ bgneal@227: Keep track of who is online. bgneal@227: """ bgneal@231: # Note that some requests may not have a user attribute bgneal@231: # as these may have been redirected in the middleware chain before bgneal@231: # the auth middleware got a chance to run. If this is the case, just bgneal@231: # bail out. We also ignore AJAX requests. bgneal@231: bgneal@231: if not hasattr(request, 'user') or request.is_ajax(): bgneal@229: return response bgneal@227: bgneal@227: if request.user.is_authenticated(): bgneal@227: if request.COOKIES.get(ONLINE_COOKIE) is None: bgneal@227: # update the last seen timestamp bgneal@227: try: bgneal@227: ulv = UserLastVisit.objects.get(user=request.user) bgneal@227: except UserLastVisit.DoesNotExist: bgneal@227: ulv = UserLastVisit(user=request.user) bgneal@227: bgneal@227: ulv.last_visit = datetime.datetime.now() bgneal@227: ulv.save() bgneal@227: bgneal@227: # set a cookie to expire in 10 minutes or so bgneal@227: response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT) bgneal@227: else: bgneal@227: if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None: bgneal@227: # We have a non-authenticated user that has cookies enabled. This bgneal@227: # means we can track them. bgneal@227: if request.COOKIES.get(ONLINE_COOKIE) is None: bgneal@227: # update the timestamp for this anonymous visitor bgneal@227: ip = get_ip(request) bgneal@227: if ip: bgneal@227: try: bgneal@227: alv = AnonLastVisit.objects.get(ip=ip) bgneal@227: except AnonLastVisit.DoesNotExist: bgneal@227: alv = AnonLastVisit(ip=ip) bgneal@227: bgneal@227: alv.last_visit = datetime.datetime.now() bgneal@370: bgneal@370: # There is a race condition and sometimes another thread bgneal@370: # saves a record before we do; just log this if it happens. bgneal@370: try: bgneal@370: alv.save() bgneal@370: except IntegrityError: bgneal@370: logging.exception('WhosOnline.process_response') bgneal@227: bgneal@227: # set a cookie to expire in 10 minutes or so bgneal@227: response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT) bgneal@227: bgneal@227: return response