Django snippets: SSL Decorator

SSL Decorator

import urlparse
from django.conf import settings
from django.http import HttpResponseRedirect


def ssl_required(view_func):
    def _checkssl(request, *args, **kwargs):
        if not settings.DEBUG and not request.is_secure():
            if hasattr(settings, 'SSL_DOMAIN'):
                url_str = urlparse.urljoin(
                    settings.SSL_DOMAIN,
                    request.get_full_path()
                )
            else:
                url_str = request.build_absolute_uri()
            url_str = url_str.replace('http://', 'https://')
            return HttpResponseRedirect(url_str)

        return view_func(request, *args, **kwargs)
    return _checkssl

More like this

Securely Signed S3 Links With Expiration by pjs 4 years, 6 months ago
SSL / HTTPS Middleware for Redirection and href Rewriting by DrMeers 3 years ago
SSL Middleware for Webfaction by parlar 6 years ago
Security: Sideband information cover traffic middleware by jdunck 3 years, 2 months ago
KMZMiddleware by giovabal 5 years, 1 month ago

Wrote this some time ago when I couldn't find one already completed. Came up in the IRC channel so I decided to post it.

Easy enough to use.

from ssldecorator import ssl_required

@ssl_required def your_view(request): ''' your code here '''

You can place a variable in your settings.py to change the SSL domain (ie, if you have SSL running on secure.yourdomain.com instead of www.yourdomain.com)..

SSL_DOMAIN = 'https://secure.yourdomain.com'

Note: please include a proper URL. If https isn't used, the decorator will add it.

Author:: pjs
Posted:: March 2, 2009
Language:: Python
Django Version:: 1.0
Tags:: ssl decorator
Score:: 2 (after 2 ratings)

Tools

Comments