bgneal@215: """Common middleware for the entire project.""" bgneal@227: import datetime bgneal@370: import logging bgneal@227: bgneal@370: from django.db import IntegrityError bgneal@215: from django.contrib.auth import logout bgneal@227: from django.conf import settings bgneal@227: bgneal@227: from core.functions import get_ip bgneal@423: from core.whos_online import report_user, report_visitor bgneal@227: bgneal@215: bgneal@215: class InactiveUserMiddleware(object): bgneal@215: """ bgneal@215: This middleware ensures users with is_active set to False get their bgneal@215: session destroyed and are treated as logged out. bgneal@215: This middleware should come after the 'django.contrib.auth.middleware. bgneal@215: AuthenticationMiddleware' in settings.py. bgneal@215: Idea taken from: http://djangosnippets.org/snippets/1105/ bgneal@215: """ bgneal@215: bgneal@227: def process_view(self, request, view_func, view_args, view_kwargs): bgneal@215: if request.user.is_authenticated() and not request.user.is_active: bgneal@215: logout(request) bgneal@215: bgneal@227: bgneal@227: ONLINE_COOKIE = 'sg101_online' # online cookie name bgneal@423: ONLINE_TIMEOUT = 5 * 60 # online cookie lifetime in seconds bgneal@423: bgneal@227: bgneal@227: class WhosOnline(object): bgneal@227: """ bgneal@227: This middleware class keeps track of which registered users have bgneal@227: been seen recently, and the number of unique unregistered users. bgneal@227: This middleware should come after the authentication middleware, bgneal@227: as we count on the user attribute being attached to the request. bgneal@227: """ bgneal@227: bgneal@227: def process_response(self, request, response): bgneal@227: """ bgneal@227: Keep track of who is online. bgneal@227: """ bgneal@231: # Note that some requests may not have a user attribute bgneal@231: # as these may have been redirected in the middleware chain before bgneal@231: # the auth middleware got a chance to run. If this is the case, just bgneal@231: # bail out. We also ignore AJAX requests. bgneal@231: bgneal@231: if not hasattr(request, 'user') or request.is_ajax(): bgneal@229: return response bgneal@227: bgneal@227: if request.user.is_authenticated(): bgneal@227: if request.COOKIES.get(ONLINE_COOKIE) is None: bgneal@423: # report that we've seen the user bgneal@423: report_user(request.user.username) bgneal@227: bgneal@423: # set a cookie to expire bgneal@227: response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT) bgneal@227: else: bgneal@227: if request.COOKIES.get(settings.CSRF_COOKIE_NAME) is not None: bgneal@227: # We have a non-authenticated user that has cookies enabled. This bgneal@227: # means we can track them. bgneal@227: if request.COOKIES.get(ONLINE_COOKIE) is None: bgneal@423: # see if we can get the IP address bgneal@227: ip = get_ip(request) bgneal@227: if ip: bgneal@423: # report that we've seen this visitor bgneal@423: report_visitor(ip) bgneal@227: bgneal@423: # set a cookie to expire bgneal@227: response.set_cookie(ONLINE_COOKIE, '1', max_age=ONLINE_TIMEOUT) bgneal@227: bgneal@227: return response