Projet

Général

Profil

0001-Add-a-XForwardedForMiddleware-middleware-6922.patch

Benjamin Dauvergne, 09 avril 2015 15:58

Télécharger (3,2 ko)

Voir les différences: 

Subject: [PATCH 1/3] Add a XForwardedForMiddleware middleware (#6922)

It allows authentic to automatically get the real ip when behind
Gunicorn+nginx.

 debian-wheezy/debian_config.py             |  4 ++++
 debian-wheezy/multitenant/debian_config.py |  1 +
 src/authentic2/middleware.py               | 10 ++++++++++
 3 files changed, 15 insertions(+)
debian-wheezy/debian_config.py
1 1 
import os
2 2 
import warnings
3 3 

  		




  
  4
  
    

  		




  
  5
  
    
# Add the XForwardedForMiddleware

  		




  
  6
  
    
MIDDLEWARE_CLASSES = ('authentic2.middleware.XForwardedForMiddleware',) + MIDDLEWARE_CLASSES

  		




  
  7
  
    

  		




  4
  8
  
    
# Debian defaults

  		




  5
  9
  
    
DEBUG = False

  		




  6
  10
  
    

  		




  7
  11
  
    
STATIC_ROOT = '/var/lib/authentic2/collectstatic/'

  		




  8
  12
  
    
STATICFILES_DIRS = ('/var/lib/authentic2/static',) + STATICFILES_DIRS

  		




  9
  13
  
    
TEMPLATE_DIRS = ('/var/lib/authentic2/templates',) + TEMPLATE_DIRS

  		




  10
  14
  
    

  		




  11
  15
  
    
ADMINS = (('root', 'root@localhost'),)

  		












  

    
      debian-wheezy/multitenant/debian_config.py
    
  





  38
  38
  
    

  		




  39
  39
  
    
INSTALLED_APPS = ('hobo.multitenant', 'hobo.agent.authentic2') + INSTALLED_APPS

  		




  40
  40
  
    

  		




  41
  41
  
    
TEMPLATE_LOADERS = ('hobo.multitenant.template_loader.FilesystemLoader',) + TEMPLATE_LOADERS

  		




  42
  42
  
    

  		




  43
  43
  
    
TEMPLATE_CONTEXT_PROCESSORS = ('django.core.context_processors.request',) + TEMPLATE_CONTEXT_PROCESSORS

  		




  44
  44
  
    

  		




  45
  45
  
    
MIDDLEWARE_CLASSES = (

  		




  
  46
  
    
    'authentic2.middleware.XForwardedForMiddleware',

  		




  46
  47
  
    
    'hobo.multitenant.middleware.TenantMiddleware',

  		




  47
  48
  
    
    'hobo.multitenant.middleware.TenantSettingsMiddleware',

  		




  48
  49
  
    
) + MIDDLEWARE_CLASSES

  		




  49
  50
  
    

  		




  50
  51
  
    
TENANT_SETTINGS_LOADERS = (

  		




  51
  52
  
    
    'hobo.multitenant.settings_loaders.TemplateVars',

  		




  52
  53
  
    
    'hobo.multitenant.settings_loaders.Authentic',

  		




  53
  54
  
    
)

  		












  

    
      src/authentic2/middleware.py
    
  





  144
  144
  
    
    def process_view(self, request, view_func, view_args, view_kwargs):

  		




  145
  145
  
    
        '''If current view is not the one we should be, redirect'''

  		




  146
  146
  
    
        view = self.check_view_restrictions(request)

  		




  147
  147
  
    
        if not view or request.resolver_match.url_name in (view, 'auth_logout'):

  		




  148
  148
  
    
            return

  		




  149
  149
  
    
        if view == 'password_change':

  		




  150
  150
  
    
            messages.warning(request, _('You must change your password to continue'))

  		




  151
  151
  
    
        return utils.redirect_and_come_back(request, view)

  		




  
  152
  
    

  		




  
  153
  
    
class XForwardedForMiddleware():

  		




  
  154
  
    
    '''Copy the first address from X-Forwarded-For header to the REMOTE_ADDR meta.

  		




  
  155
  
    

  		




  
  156
  
    
       This middleware should only be used if you are sure the header cannot be

  		




  
  157
  
    
       forged (behind a reverse proxy for example).'''

  		




  
  158
  
    
    def process_request(self, request):

  		




  
  159
  
    
        if 'HTTP_X_FORWARDED_FOR' in request.META:

  		




  
  160
  
    
            request.META['REMOTE_ADDR'] = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0].strip()

  		




  
  161
  
    
            return None

  		




  152
  
  
    
-