Skip to main content

Django dynamic host helps you validate hostname(origin of client) trying to reach your application dynamically. Django dynamic host helps by-pass the ALLOWED_HOST settings which is restricted to a constant manually added value of hostnames.

Project description

Django dynamic host helps you validate hostname(origin of client) trying to reach your application dynamically. Django dynamic host helps by-pass the ALLOWED_HOST settings which is restricted to a constant manually added value of hostnames

For example, let’s say you are building a distributed system where a number of dynamically registered (domain stored in database) frontend domain consumes your api. It may become difficult adding them manually to ALLOWED_HOST list or creating different settings file for each. well that is where this library comes in handy. What you can do in this case is simple.

  • install the library

    pip install django-dynamic-host
  • add library to INSTALLED_APP and add AllowedHostMiddleWare to middleware. You should add the this middleware to the highest

    INSTALLED_APPS= [
        ...
        "dynamic_host",
    ]
    
    # notice middleware sits at the top...
    MIDDLEWARE = [
        "dynamic_host.middleware.AllowedHostMiddleWare",
        ...
    ]
  • disable allowed host by adding a * to ALLOWED_HOST in settings “this is so django-dynamic-host middleware can take responsibility for allowed_host “

    ALLOWED_HOST=['*']
  • write a simple resolver function that takes in host, request and extra kwargs just in case

    def some_function(host, request,**kwargs):
        """
            add some logic to check domain in database
            or some inmemory database system... this is
            totally up to you
        """
        if cache.exists(host):
            return True
        elif Model.objects.filter(domain=host).exists():
            save_to_cache(host)
            return True
        return False
  • add path the function from settings.py like so

DYNAMIC_HOST_RESOLVER_FUNC="path.to.func"

Installation

First, install the app with your favorite package manager, e.g.:

pip install django-dynamic-host

Then configure your Django to use the app:

  1. Add 'dynamic_host' to your INSTALLED_APPS setting.

  2. Add 'dynamic_host.middleware.AllowedHostMiddleWare' to the beginning of your MIDDLEWARE setting.

  3. DISABLE 'ALLOWED_HOST' by setting it to '['*']' in settings.py so the middleware takes responsibility of checking if host is valid.

  4. Create a new module containing your resolver function,

    e.g. in the resolver.py in any package/directory.

  5. Set the DYNAMIC_HOST_RESOLVER_FUNC setting to the dotted Python

    import path of the module containing your resolver function

    DYNAMIC_HOST_RESOLVER_FUNC = 'path.to.resolver'
  6. Set the DYNAMIC_HOST_RESOLVER_FUNC setting to the PATH of the above function

Configurations

DYNAMIC_HOST_DEFAULT_HOSTS: To add a number of host manually(like you do with ALLOWED_HOST): Assign the list of default allowed hosts to DYNAMIC_HOST_DEFAULT_HOSTS in your settings.py. Note: This does not stop host not listed in DYNAMIC_HOST_DEFAULT_HOSTS from be validated via the resolver_func. Once django dynamic host finds the incoming host in this list it just allows it and doesn’t go future in calling the resolver_func.

DYNAMIC_HOST_ALLOW_ALL: Although it is not recommended to open up to all host, but in some test cases or during development you may want to do so. Setting DYNAMIC_HOST_ALLOW_ALL to True opens your backend to all hosts

DYNAMIC_HOST_ALLOW_SITES: Settings this value to True makes django dynamic host aware of you adding contrib.sites to your installed app. that way sites created via the sites model is automatically allowed.

DYNAMIC_HOST_RESOLVER_FUNC: This holds the string path to your resolver function. this function should return a boolean value. If value is True then the domain is allowed else it is disallowed.

NOTE

When django DEBUG=True there is no need to manually add localhost or 127.0.0.1 as they are automatically added and allowed under the hood.

AllowedHostMiddleWare SHOULD ALWAYS SIT AT THE TOP AS IT’S JOB IS TO FIRST OF ALL VALIDATE IF AN INCOMING REQUEST FROM A HOST SHOULD BE ALLOWED TO GAIN ACCESS TO RESOURCE

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-dynamic-host-0.0.2.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

django_dynamic_host-0.0.2-py3-none-any.whl (8.1 kB view details)

Uploaded Python 3

File details

Details for the file django-dynamic-host-0.0.2.tar.gz.

File metadata

  • Download URL: django-dynamic-host-0.0.2.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.12

File hashes

Hashes for django-dynamic-host-0.0.2.tar.gz
Algorithm Hash digest
SHA256 abd4eaebfa12496618041dcc0bd037c8763f0ab57331c141b4d0a681c835ffa3
MD5 05e82929c88c3e638d19b7162b2ed61f
BLAKE2b-256 5621d069715841d022e6f3b62b0f76326094c6df6e56fc760d1d40085e4c8356

See more details on using hashes here.

File details

Details for the file django_dynamic_host-0.0.2-py3-none-any.whl.

File metadata

File hashes

Hashes for django_dynamic_host-0.0.2-py3-none-any.whl
Algorithm Hash digest
SHA256 669866c241eb1ee136a8b33dd323821dc99d1da3628e1d02a759263c50318652
MD5 f56c46896c25d169e9752afc99055ea7
BLAKE2b-256 d67448dbafa7f8df7d18c840d4a18b61629bb20abaa97a6b40054bc7510c9ed0

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page