def test_get_ip_address(self): r = Mock(META={}) self.assertEqual(get_ip_address(r), None) r = Mock(META={'REMOTE_ADDR': '2001:0DB8:0:CD30::'}) self.assertEqual(get_ip_address(r), '2001:0DB8:0:CD30::') r = Mock(META={'HTTP_X_CLUSTERED_CLIENT_IP': '10.0.0.1, 10.1.1.1'}) self.assertEqual(get_ip_address(r), '10.0.0.1')
def _refresh_cookie_visitor(self, user, request, visit_time): # A Visitor row is unique by cookie_key key = "ask_for_login_or_newsletter" cookie_key = request.COOKIES.get(key, None) session_key = request.session.session_key if not cookie_key: return time_on_site = 1 expiry_age = request.session.get_expiry_age() expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: user_agent = smart_text(user_agent, encoding='latin-1', errors='ignore') ip_address = get_ip_address(request) obj = Visitor.objects.create(session_key=session_key, ip_address=ip_address, cookie_key=cookie_key, time_on_site=time_on_site, expiry_age=expiry_age, expiry_time=expiry_time, user_agent=user_agent) obj.save() return obj
def _refresh_visitor(self, user, request, visit_time): # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the field # `default` value ip_address = get_ip_address(request) visitor = Visitor(pk=session_key, ip_address=ip_address) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user_id = user.id # update some session expiration details visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: visitor.user_agent = smart_text(user_agent, encoding='latin-1', errors='ignore') # grab the source param and store it source = request.GET.get('source', None) if source: visitor.source = source # grab the medium param and store it medium = request.GET.get('medium', None) if medium: visitor.medium = medium time_on_site = 0 if visitor.start_time: time_on_site = total_seconds(visit_time - visitor.start_time) visitor.time_on_site = int(time_on_site) try: with transaction.atomic(): visitor.save() except IntegrityError: # there is a small chance a second response has saved this # Visitor already and a second save() at the same time (having # failed to UPDATE anything) will attempt to INSERT the same # session key (pk) again causing an IntegrityError # If this happens we'll just grab the "winner" and use that! visitor = Visitor.objects.get(pk=session_key) return visitor
def process_response(self, request, response): if not hasattr(request, "session"): return response # Do not track AJAX requests.. if request.is_ajax() and not TRACK_AJAX_REQUESTS: return response # If dealing with a non-authenticated user, we still should track the # session since if authentication happens, the `session_key` carries # over, thus having a more accurate start time of session user = getattr(request, "user", None) # We cannot do anything with Anonymous users if user and not user.is_authenticated(): user = None # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(session_key=session_key) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the # field `default` value visitor = Visitor( session_key=session_key, ip_address=get_ip_address(request), user_agent=request.META.get("HTTP_USER_AGENT", None), ) visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # Be conservative with the determining time on site since simply # increasing the session timeout could greatly skew results. This # is the only time we can guarantee. time_on_site = 0 if visitor.start_time: time_on_site = (datetime.now() - visitor.start_time).seconds visitor.time_on_site = time_on_site visitor.save() return response
def _refresh_visitor(self, user, request, visit_time): # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the field # `default` value ip_address = get_ip_address(request) visitor = Visitor(pk=session_key, ip_address=ip_address) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user_id = user.id # update some session expiration details visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: visitor.user_agent = smart_text( user_agent, encoding='latin-1', errors='ignore') time_on_site = 0 if visitor.start_time: time_on_site = total_seconds(visit_time - visitor.start_time) visitor.time_on_site = int(time_on_site) try: with transaction.atomic(): visitor.save() except IntegrityError: # there is a small chance a second response has saved this # Visitor already and a second save() at the same time (having # failed to UPDATE anything) will attempt to INSERT the same # session key (pk) again causing an IntegrityError # If this happens we'll just grab the "winner" and use that! visitor = Visitor.objects.get(pk=session_key) return visitor
def _refresh_visitor(self, user, request, visit_time): # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the field # `default` value ip_address = get_ip_address(request) visitor = Visitor(pk=session_key, ip_address=ip_address) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user # update some session expiration details visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: visitor.user_agent = smart_text(user_agent, encoding='latin-1', errors='ignore') time_on_site = 0 if visitor.start_time: time_on_site = total_seconds(visit_time - visitor.start_time) visitor.time_on_site = int(time_on_site) visitor.save() return visitor
def _refresh_cookie_visitor(self, user, request, visit_time): # A Visitor row is unique by cookie_key key = "ask_for_login_or_newsletter" cookie_key = request.COOKIES.get(key, None) session_key = request.session.session_key if not cookie_key: return time_on_site = 1 expiry_age = request.session.get_expiry_age() expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: user_agent = smart_text( user_agent, encoding='latin-1', errors='ignore') ip_address = get_ip_address(request) obj = Visitor.objects.create(session_key=session_key, ip_address=ip_address, cookie_key=cookie_key, time_on_site=time_on_site, expiry_age=expiry_age, expiry_time=expiry_time, user_agent=user_agent) obj.save() return obj
def _refresh_visitor(self, user, request, visit_time): # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the field # `default` value ip_address = get_ip_address(request) visitor = Visitor(pk=session_key, ip_address=ip_address) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user # update some session expiration details visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # grab the latest User-Agent and store it user_agent = request.META.get('HTTP_USER_AGENT', None) if user_agent: visitor.user_agent = smart_text( user_agent, encoding='latin-1', errors='ignore') time_on_site = 0 if visitor.start_time: time_on_site = total_seconds(visit_time - visitor.start_time) visitor.time_on_site = int(time_on_site) visitor.save() return visitor
def process_response(self, request, response): # Session framework not installed, nothing to see here.. if not hasattr(request, 'session'): return response # Do not track AJAX requests.. if request.is_ajax() and not TRACK_AJAX_REQUESTS: return response # Do not track if HTTP HttpResponse status_code blacklisted if response.status_code in TRACK_IGNORE_STATUS_CODES: return response # If dealing with a non-authenticated user, we still should track the # session since if authentication happens, the `session_key` carries # over, thus having a more accurate start time of session user = getattr(request, 'user', None) # Check for anonymous users if not user or user.is_anonymous(): if not TRACK_ANONYMOUS_USERS: return response user = None # Force a save to generate a session key if one does not exist if not request.session.session_key: request.session.save() # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: visitor_user_agent = request.META.get('HTTP_USER_AGENT', None) if visitor_user_agent is not None: visitor_user_agent = visitor_user_agent.decode('latin-1', errors='ignore') # Log the ip address. Start time is managed via the # field `default` value visitor = Visitor(pk=session_key, ip_address=get_ip_address(request), user_agent=visitor_user_agent) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # Be conservative with the determining time on site since simply # increasing the session timeout could greatly skew results. This # is the only time we can guarantee. now = timezone.now() time_on_site = 0 if visitor.start_time: time_on_site = (now - visitor.start_time).seconds visitor.time_on_site = time_on_site visitor.save() if TRACK_PAGEVIEWS: # Match against `path_info` to not include the SCRIPT_NAME.. path = request.path_info.lstrip('/') for url in TRACK_IGNORE_URLS: if url.match(path): break else: referer = None query_string = None if TRACK_REFERER: referer = request.META.get('HTTP_REFERER', None) if TRACK_QUERY_STRING: query_string = request.META.get('QUERY_STRING') pageview = Pageview(visitor=visitor, url=request.path, view_time=now, method=request.method, referer=referer, query_string=query_string) pageview.save() return response
def process_response(self, request, response): # Session framework not installed, nothing to see here.. if not hasattr(request, 'session'): return response # Do not track AJAX requests.. if request.is_ajax() and not TRACK_AJAX_REQUESTS: return response # Do not track if HTTP HttpResponse status_code blacklisted if response.status_code in TRACK_IGNORE_STATUS_CODES: return response # If dealing with a non-authenticated user, we still should track the # session since if authentication happens, the `session_key` carries # over, thus having a more accurate start time of session user = getattr(request, 'user', None) # Check for anonymous users if not user or user.is_anonymous(): if not TRACK_ANONYMOUS_USERS: return response user = None # Force a save to generate a session key if one does not exist if not request.session.session_key: request.session.save() # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the # field `default` value visitor = Visitor(pk=session_key, ip_address=get_ip_address(request), user_agent=request.META.get( 'HTTP_USER_AGENT', None)) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # Be conservative with the determining time on site since simply # increasing the session timeout could greatly skew results. This # is the only time we can guarantee. now = timezone.now() time_on_site = 0 if visitor.start_time: time_on_site = (now - visitor.start_time).seconds visitor.time_on_site = time_on_site visitor.save() if TRACK_PAGEVIEWS: # Match against `path_info` to not include the SCRIPT_NAME.. path = request.path_info.lstrip('/') for url in TRACK_IGNORE_URLS: if url.match(path): break else: referer = None if TRACK_REFERER: referer = request.META.get('HTTP_REFERER', None) pageview = Pageview(visitor=visitor, url=request.path, view_time=now, method=request.method, referer=referer) pageview.save() return response
def process_response(self, request, response): if OPEN_WHITE_IP: ip_list = WhiteList.objects.all().values_list('ip_address', flat=True) if get_ip_address(request) not in ip_list: print u"sorry you have no power" return HttpResponse(u"sorry you have no power") if request.path.startswith(reverse('login')): return response if request.path.startswith(reverse('logoff')): return response if request.path.startswith(reverse('recieve')): return response if request.path.startswith('/admin'): return response # Session framework not installed, nothing to see here.. if not hasattr(request, 'session'): return response # Do not track AJAX requests.. if request.is_ajax() and not TRACK_AJAX_REQUESTS: return response # Do not track if HTTP HttpResponse status_code blacklisted if response.status_code in TRACK_IGNORE_STATUS_CODES: return response # If dealing with a non-authenticated user, we still should track the # session since if authentication happens, the `session_key` carries # over, thus having a more accurate start time of session user = getattr(request, 'user', None) # Check for anonymous users # if cookie lost, redo login if not user or not isinstance(user, User): return HttpResponseRedirect(reverse("login")) # if not TRACK_ANONYMOUS_USERS: # return response # user = None #get user instance # user = User.objects.get(id=user.id) # Force a save to generate a session key if one does not exist if not request.session.session_key: request.session.save() # A Visitor row is unique by session_key session_key = request.session.session_key try: visitor = Visitor.objects.get(pk=session_key) except Visitor.DoesNotExist: # Log the ip address. Start time is managed via the # field `default` value visitor = Visitor(pk=session_key, ip_address=get_ip_address(request), user_agent=request.META.get('HTTP_USER_AGENT', None)) # Update the user field if the visitor user is not set. This # implies authentication has occured on this request and now # the user is object exists. Check using `user_id` to prevent # a database hit. if user and not visitor.user_id: visitor.user = user visitor.expiry_age = request.session.get_expiry_age() visitor.expiry_time = request.session.get_expiry_date() # Be conservative with the determining time on site since simply # increasing the session timeout could greatly skew results. This # is the only time we can guarantee. now = timezone.now() time_on_site = 0 if visitor.start_time: time_on_site = (now - visitor.start_time).seconds visitor.time_on_site = time_on_site visitor.save() if TRACK_PAGEVIEWS: # Match against `path_info` to not include the SCRIPT_NAME.. path = request.path_info.lstrip('/') for url in TRACK_IGNORE_URLS: if url.match(path): break else: pageview = Pageview(visitor=visitor, url=request.path, view_time=now, method=request.method) pageview.save() return response