Internal view decorator

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
import functools
from django.conf import settings
from django.http import HttpResponseForbidden
from django.views.decorators.csrf import csrf_exempt


def internal_view(view):
    '''Decorates a view as accessible from INTERNAL_IPS only.

    As a convenience, the view is also decorated with ``csrf_exempt``.
    '''
    @functools.wraps(view)
    def wrapper_view(request, *args, **kwds):
        remote_addr = request.META.get('HTTP_X_REAL_IP',
                                       request.META.get('REMOTE_ADDR', None))
        if not (settings.DEBUG or remote_addr in settings.INTERNAL_IPS):
            return HttpResponseForbidden('Internal view')
        return view(request, *args, **kwds)
    return csrf_exempt(wrapper_view)

More like this

  1. Support IP ranges in INTERNAL_IPS by jdunck 3 years, 5 months ago
  2. Middleware to prevent access to the admin when user ip not in INTERNAL_IPS by jezdez 2 years, 11 months ago
  3. Globs for INTERNAL_IPS by kcarnold 4 years, 3 months ago
  4. IP Authorisation Decorator by pliskin 2 years, 8 months ago
  5. Redirect view based on GEO by jorjun 3 years, 10 months ago

Comments

(Forgotten your password?)