def test_get_ip_address(self):
r = Mock(META={})
self.assertEqual(get_ip_address(r), None)
r = Mock(META={'REMOTE_ADDR': '2001:0DB8:0:CD30::'})
self.assertEqual(get_ip_address(r), '2001:0DB8:0:CD30::')
r = Mock(META={'HTTP_X_CLUSTERED_CLIENT_IP': '10.0.0.1, 10.1.1.1'})
self.assertEqual(get_ip_address(r), '10.0.0.1')
def _refresh_cookie_visitor(self, user, request, visit_time):
# A Visitor row is unique by cookie_key
key = "ask_for_login_or_newsletter"
cookie_key = request.COOKIES.get(key, None)
session_key = request.session.session_key
if not cookie_key:
return
time_on_site = 1
expiry_age = request.session.get_expiry_age()
expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
user_agent = smart_text(user_agent,
encoding='latin-1',
errors='ignore')
ip_address = get_ip_address(request)
obj = Visitor.objects.create(session_key=session_key,
ip_address=ip_address,
cookie_key=cookie_key,
time_on_site=time_on_site,
expiry_age=expiry_age,
expiry_time=expiry_time,
user_agent=user_agent)
obj.save()
return obj
def _refresh_visitor(self, user, request, visit_time):
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the field
# `default` value
ip_address = get_ip_address(request)
visitor = Visitor(pk=session_key, ip_address=ip_address)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user_id = user.id
# update some session expiration details
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
visitor.user_agent = smart_text(user_agent,
encoding='latin-1',
errors='ignore')
# grab the source param and store it
source = request.GET.get('source', None)
if source:
visitor.source = source
# grab the medium param and store it
medium = request.GET.get('medium', None)
if medium:
visitor.medium = medium
time_on_site = 0
if visitor.start_time:
time_on_site = total_seconds(visit_time - visitor.start_time)
visitor.time_on_site = int(time_on_site)
try:
with transaction.atomic():
visitor.save()
except IntegrityError:
# there is a small chance a second response has saved this
# Visitor already and a second save() at the same time (having
# failed to UPDATE anything) will attempt to INSERT the same
# session key (pk) again causing an IntegrityError
# If this happens we'll just grab the "winner" and use that!
visitor = Visitor.objects.get(pk=session_key)
return visitor
def process_response(self, request, response):
if not hasattr(request, "session"):
return response
# Do not track AJAX requests..
if request.is_ajax() and not TRACK_AJAX_REQUESTS:
return response
# If dealing with a non-authenticated user, we still should track the
# session since if authentication happens, the `session_key` carries
# over, thus having a more accurate start time of session
user = getattr(request, "user", None)
# We cannot do anything with Anonymous users
if user and not user.is_authenticated():
user = None
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(session_key=session_key)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the
# field `default` value
visitor = Visitor(
session_key=session_key,
ip_address=get_ip_address(request),
user_agent=request.META.get("HTTP_USER_AGENT", None),
)
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# Be conservative with the determining time on site since simply
# increasing the session timeout could greatly skew results. This
# is the only time we can guarantee.
time_on_site = 0
if visitor.start_time:
time_on_site = (datetime.now() - visitor.start_time).seconds
visitor.time_on_site = time_on_site
visitor.save()
return response
def _refresh_visitor(self, user, request, visit_time):
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the field
# `default` value
ip_address = get_ip_address(request)
visitor = Visitor(pk=session_key, ip_address=ip_address)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user_id = user.id
# update some session expiration details
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
visitor.user_agent = smart_text(
user_agent, encoding='latin-1', errors='ignore')
time_on_site = 0
if visitor.start_time:
time_on_site = total_seconds(visit_time - visitor.start_time)
visitor.time_on_site = int(time_on_site)
try:
with transaction.atomic():
visitor.save()
except IntegrityError:
# there is a small chance a second response has saved this
# Visitor already and a second save() at the same time (having
# failed to UPDATE anything) will attempt to INSERT the same
# session key (pk) again causing an IntegrityError
# If this happens we'll just grab the "winner" and use that!
visitor = Visitor.objects.get(pk=session_key)
return visitor
def _refresh_visitor(self, user, request, visit_time):
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the field
# `default` value
ip_address = get_ip_address(request)
visitor = Visitor(pk=session_key, ip_address=ip_address)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
# update some session expiration details
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
visitor.user_agent = smart_text(user_agent,
encoding='latin-1',
errors='ignore')
time_on_site = 0
if visitor.start_time:
time_on_site = total_seconds(visit_time - visitor.start_time)
visitor.time_on_site = int(time_on_site)
visitor.save()
return visitor
def _refresh_cookie_visitor(self, user, request, visit_time):
# A Visitor row is unique by cookie_key
key = "ask_for_login_or_newsletter"
cookie_key = request.COOKIES.get(key, None)
session_key = request.session.session_key
if not cookie_key:
return
time_on_site = 1
expiry_age = request.session.get_expiry_age()
expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
user_agent = smart_text(
user_agent, encoding='latin-1', errors='ignore')
ip_address = get_ip_address(request)
obj = Visitor.objects.create(session_key=session_key, ip_address=ip_address, cookie_key=cookie_key,
time_on_site=time_on_site, expiry_age=expiry_age, expiry_time=expiry_time,
user_agent=user_agent)
obj.save()
return obj
def _refresh_visitor(self, user, request, visit_time):
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the field
# `default` value
ip_address = get_ip_address(request)
visitor = Visitor(pk=session_key, ip_address=ip_address)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
# update some session expiration details
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# grab the latest User-Agent and store it
user_agent = request.META.get('HTTP_USER_AGENT', None)
if user_agent:
visitor.user_agent = smart_text(
user_agent, encoding='latin-1', errors='ignore')
time_on_site = 0
if visitor.start_time:
time_on_site = total_seconds(visit_time - visitor.start_time)
visitor.time_on_site = int(time_on_site)
visitor.save()
return visitor
def process_response(self, request, response):
# Session framework not installed, nothing to see here..
if not hasattr(request, 'session'):
return response
# Do not track AJAX requests..
if request.is_ajax() and not TRACK_AJAX_REQUESTS:
return response
# Do not track if HTTP HttpResponse status_code blacklisted
if response.status_code in TRACK_IGNORE_STATUS_CODES:
return response
# If dealing with a non-authenticated user, we still should track the
# session since if authentication happens, the `session_key` carries
# over, thus having a more accurate start time of session
user = getattr(request, 'user', None)
# Check for anonymous users
if not user or user.is_anonymous():
if not TRACK_ANONYMOUS_USERS:
return response
user = None
# Force a save to generate a session key if one does not exist
if not request.session.session_key:
request.session.save()
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
visitor_user_agent = request.META.get('HTTP_USER_AGENT', None)
if visitor_user_agent is not None:
visitor_user_agent = visitor_user_agent.decode('latin-1', errors='ignore')
# Log the ip address. Start time is managed via the
# field `default` value
visitor = Visitor(pk=session_key, ip_address=get_ip_address(request),
user_agent=visitor_user_agent)
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# Be conservative with the determining time on site since simply
# increasing the session timeout could greatly skew results. This
# is the only time we can guarantee.
now = timezone.now()
time_on_site = 0
if visitor.start_time:
time_on_site = (now - visitor.start_time).seconds
visitor.time_on_site = time_on_site
visitor.save()
if TRACK_PAGEVIEWS:
# Match against `path_info` to not include the SCRIPT_NAME..
path = request.path_info.lstrip('/')
for url in TRACK_IGNORE_URLS:
if url.match(path):
break
else:
referer = None
query_string = None
if TRACK_REFERER:
referer = request.META.get('HTTP_REFERER', None)
if TRACK_QUERY_STRING:
query_string = request.META.get('QUERY_STRING')
pageview = Pageview(visitor=visitor, url=request.path,
view_time=now, method=request.method, referer=referer, query_string=query_string)
pageview.save()
return response
def process_response(self, request, response):
# Session framework not installed, nothing to see here..
if not hasattr(request, 'session'):
return response
# Do not track AJAX requests..
if request.is_ajax() and not TRACK_AJAX_REQUESTS:
return response
# Do not track if HTTP HttpResponse status_code blacklisted
if response.status_code in TRACK_IGNORE_STATUS_CODES:
return response
# If dealing with a non-authenticated user, we still should track the
# session since if authentication happens, the `session_key` carries
# over, thus having a more accurate start time of session
user = getattr(request, 'user', None)
# Check for anonymous users
if not user or user.is_anonymous():
if not TRACK_ANONYMOUS_USERS:
return response
user = None
# Force a save to generate a session key if one does not exist
if not request.session.session_key:
request.session.save()
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the
# field `default` value
visitor = Visitor(pk=session_key,
ip_address=get_ip_address(request),
user_agent=request.META.get(
'HTTP_USER_AGENT', None))
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# Be conservative with the determining time on site since simply
# increasing the session timeout could greatly skew results. This
# is the only time we can guarantee.
now = timezone.now()
time_on_site = 0
if visitor.start_time:
time_on_site = (now - visitor.start_time).seconds
visitor.time_on_site = time_on_site
visitor.save()
if TRACK_PAGEVIEWS:
# Match against `path_info` to not include the SCRIPT_NAME..
path = request.path_info.lstrip('/')
for url in TRACK_IGNORE_URLS:
if url.match(path):
break
else:
referer = None
if TRACK_REFERER:
referer = request.META.get('HTTP_REFERER', None)
pageview = Pageview(visitor=visitor,
url=request.path,
view_time=now,
method=request.method,
referer=referer)
pageview.save()
return response
def process_response(self, request, response):
if OPEN_WHITE_IP:
ip_list = WhiteList.objects.all().values_list('ip_address', flat=True)
if get_ip_address(request) not in ip_list:
print u"sorry you have no power"
return HttpResponse(u"sorry you have no power")
if request.path.startswith(reverse('login')):
return response
if request.path.startswith(reverse('logoff')):
return response
if request.path.startswith(reverse('recieve')):
return response
if request.path.startswith('/admin'):
return response
# Session framework not installed, nothing to see here..
if not hasattr(request, 'session'):
return response
# Do not track AJAX requests..
if request.is_ajax() and not TRACK_AJAX_REQUESTS:
return response
# Do not track if HTTP HttpResponse status_code blacklisted
if response.status_code in TRACK_IGNORE_STATUS_CODES:
return response
# If dealing with a non-authenticated user, we still should track the
# session since if authentication happens, the `session_key` carries
# over, thus having a more accurate start time of session
user = getattr(request, 'user', None)
# Check for anonymous users
# if cookie lost, redo login
if not user or not isinstance(user, User):
return HttpResponseRedirect(reverse("login"))
# if not TRACK_ANONYMOUS_USERS:
# return response
# user = None
#get user instance
# user = User.objects.get(id=user.id)
# Force a save to generate a session key if one does not exist
if not request.session.session_key:
request.session.save()
# A Visitor row is unique by session_key
session_key = request.session.session_key
try:
visitor = Visitor.objects.get(pk=session_key)
except Visitor.DoesNotExist:
# Log the ip address. Start time is managed via the
# field `default` value
visitor = Visitor(pk=session_key, ip_address=get_ip_address(request),
user_agent=request.META.get('HTTP_USER_AGENT', None))
# Update the user field if the visitor user is not set. This
# implies authentication has occured on this request and now
# the user is object exists. Check using `user_id` to prevent
# a database hit.
if user and not visitor.user_id:
visitor.user = user
visitor.expiry_age = request.session.get_expiry_age()
visitor.expiry_time = request.session.get_expiry_date()
# Be conservative with the determining time on site since simply
# increasing the session timeout could greatly skew results. This
# is the only time we can guarantee.
now = timezone.now()
time_on_site = 0
if visitor.start_time:
time_on_site = (now - visitor.start_time).seconds
visitor.time_on_site = time_on_site
visitor.save()
if TRACK_PAGEVIEWS:
# Match against `path_info` to not include the SCRIPT_NAME..
path = request.path_info.lstrip('/')
for url in TRACK_IGNORE_URLS:
if url.match(path):
break
else:
pageview = Pageview(visitor=visitor, url=request.path,
view_time=now, method=request.method)
pageview.save()
return response