Login

IP Authorization Decorator with IP list

Author:
jansta
Posted:
February 16, 2011
Language:
Python
Version:
Not specified
Score:
1 (after 1 ratings)

Improved version of http://djangosnippets.org/snippets/2205/

Example simple code: ` from django.http import HttpResponse IP_LIST = ['192.168.101.100', '192.168.101.220', '127.0.0.1', '127.0.1.1']

@ip_auth(IP_LIST) def get_parameter(request,name): parameter = get_object_or_404(Parameter,short_name=short_name) return HttpResponse(parameter.value)

`

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
from django.http import HttpResponse

def ip_auth(authorised_ips):
    def inner(f):
        def authorization(*args,**kwargs):
            request = args[0]
            request_ip = request.META['REMOTE_ADDR']
            if request_ip not in authorised_ips:
                return HttpResponse(status=401)
            else:
                return f(*args, **kwargs)
        return authorization
    return inner

More like this

  1. Template tag - list punctuation for a list of items by shapiromatron 9 months, 3 weeks ago
  2. JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 10 months ago
  3. Serializer factory with Django Rest Framework by julio 1 year, 4 months ago
  4. Image compression before saving the new model / work with JPG, PNG by Schleidens 1 year, 5 months ago
  5. Help text hyperlinks by sa2812 1 year, 6 months ago

Comments

darek (on February 16, 2011):

More generic:

def ip_auth(authorised_ips=None, banned_ips=None):
    def inner(f):
        def authorization(request, *args,**kwargs):
            authorised_ips = authorised_ips or getattr(settings, 'AUTHORISED_IPS', [])
            banned_ips = banned_ips or getattr(settings, 'BANNED_IPS', [])
            ip = request.META['REMOTE_ADDR']
            is_authorised = ip in authorised_ips if authorised_ips else True
            is_banned = ip in banned_ips
            if not is_authorised or is_banned:
                return HttpResponse(status=401)
            else:
                return f(request, *args, **kwargs)
        return authorization
    return inner

#

Please login first before commenting.