0001-Add-a-XForwardedForMiddleware-middleware-6922.patch
debian-wheezy/debian_config.py | ||
---|---|---|
1 | 1 |
import os |
2 | 2 |
import warnings |
3 | 3 | |
4 | ||
5 |
# Add the XForwardedForMiddleware |
|
6 |
MIDDLEWARE_CLASSES = ('authentic2.middleware.XForwardedForMiddleware',) + MIDDLEWARE_CLASSES |
|
7 | ||
4 | 8 |
# Debian defaults |
5 | 9 |
DEBUG = False |
6 | 10 | |
7 | 11 |
STATIC_ROOT = '/var/lib/authentic2/collectstatic/' |
8 | 12 |
STATICFILES_DIRS = ('/var/lib/authentic2/static',) + STATICFILES_DIRS |
9 | 13 |
TEMPLATE_DIRS = ('/var/lib/authentic2/templates',) + TEMPLATE_DIRS |
10 | 14 | |
11 | 15 |
ADMINS = (('root', 'root@localhost'),) |
debian-wheezy/multitenant/debian_config.py | ||
---|---|---|
38 | 38 | |
39 | 39 |
INSTALLED_APPS = ('hobo.multitenant', 'hobo.agent.authentic2') + INSTALLED_APPS |
40 | 40 | |
41 | 41 |
TEMPLATE_LOADERS = ('hobo.multitenant.template_loader.FilesystemLoader',) + TEMPLATE_LOADERS |
42 | 42 | |
43 | 43 |
TEMPLATE_CONTEXT_PROCESSORS = ('django.core.context_processors.request',) + TEMPLATE_CONTEXT_PROCESSORS |
44 | 44 | |
45 | 45 |
MIDDLEWARE_CLASSES = ( |
46 |
'authentic2.middleware.XForwardedForMiddleware', |
|
46 | 47 |
'hobo.multitenant.middleware.TenantMiddleware', |
47 | 48 |
'hobo.multitenant.middleware.TenantSettingsMiddleware', |
48 | 49 |
) + MIDDLEWARE_CLASSES |
49 | 50 | |
50 | 51 |
TENANT_SETTINGS_LOADERS = ( |
51 | 52 |
'hobo.multitenant.settings_loaders.TemplateVars', |
52 | 53 |
'hobo.multitenant.settings_loaders.Authentic', |
53 | 54 |
) |
src/authentic2/middleware.py | ||
---|---|---|
144 | 144 |
def process_view(self, request, view_func, view_args, view_kwargs): |
145 | 145 |
'''If current view is not the one we should be, redirect''' |
146 | 146 |
view = self.check_view_restrictions(request) |
147 | 147 |
if not view or request.resolver_match.url_name in (view, 'auth_logout'): |
148 | 148 |
return |
149 | 149 |
if view == 'password_change': |
150 | 150 |
messages.warning(request, _('You must change your password to continue')) |
151 | 151 |
return utils.redirect_and_come_back(request, view) |
152 | ||
153 |
class XForwardedForMiddleware(): |
|
154 |
'''Copy the first address from X-Forwarded-For header to the REMOTE_ADDR meta. |
|
155 | ||
156 |
This middleware should only be used if you are sure the header cannot be |
|
157 |
forged (behind a reverse proxy for example).''' |
|
158 |
def process_request(self, request): |
|
159 |
if 'HTTP_X_FORWARDED_FOR' in request.META: |
|
160 |
request.META['REMOTE_ADDR'] = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0].strip() |
|
161 |
return None |
|
152 |
- |