,--. ,--. ,--. ,--.,--.
,--,--,--.`--',-' '-.| ,---. ,--.--.`--'| |
| |,--.'-. .-'| .-. || .--',--.| |
| | | || | | | | | | || | | || |
`--`--`--'`--' `--' `--' `--'`--' `--'`--'
A Django application providing decorators, middleware, and authentication backends for IP whitelisting.
We grab IP address information from
request.META
-- which is potentially spoofable. Make sure your gateway servers don't allow rewriting of the headers you're targeting.
Mithril works by providing two new models -- Whitelist
and Range
-- that you
make a foreign key to from your objects. You define a mithril.strategy.Strategy
subclass to describe to mithril how you would like to obtain a Whitelist
from
a request.
# myapp/models.py
from django.db import models
from django.contrib.sites.models import Site
from mithril.models import Whitelist
class SiteACL(models.Model):
site = models.OneToOneField(Site)
whitelist = models.ForeignKey(Whitelist, related_name='site_acl')
# myapp/strategy.py
from mithril.strategy import Strategy
from django.conf import settings
from myapp.models import SiteACL
class MyStrategy(Strategy):
# a tuple of `method name` -> `lookup to apply`.
# if the method does not exist, or returns None, it
# continues to the next tuple.
actions = (
('view_on_site', 'site_acl__pk')
)
def view_on_site(self, request, view, *view_args, **view_kwargs):
try:
site_acl = SiteACL.objects.get(site__pk=settings.SITE_ID)
return site_acl.pk
except SiteACL.DoesNotExist:
pass
# settings.py
MITHRIL_STRATEGY = 'myapp.strategy.MyStrategy'
MIDDLEWARE_CLASSES = list(MIDDLEWARE_CLASSES) + ['mithril.middleware.WhitelistMiddleware']
INSTALLED_APPS = list(INSTALLED_APPS) + ['mithril']