Secure your Django app by controlling the access - grant or deny user access based on device and location, including VPN detection.
Django Forbid
Install
python -m pip install django-forbid
Configuration
Add the django_forbid.apps.ForbidConfig to your INSTALLED_APPS in your Django project's settings.py file.
INSTALLED_APPS = [
    ...,  # other apps
    'django_forbid.apps.ForbidConfig',
]
Also, add the django_forbid.middleware.ForbidMiddleware to the MIDDLEWARE list of the project.
MIDDLEWARE = [
    ...,  # other middlewares
    'django_forbid.middleware.ForbidMiddleware',
]
Configuring the GEOIP_PATH variable in your project's settings is important. This variable should contain the path to the GeoLite2 database file. You should download the database and follow the Django documentation for proper configuration.
Usage
After adding Django Forbid to your project, you can define the set of zones to be forbidden or allowed. All you need is to set the DJANGO_FORBID variable in your project's settings. It should be a dictionary with the following keys:
DEVICES - list of devices to permit or forbid access to
COUNTRIES - list of countries to permit or forbid access to
TERRITORIES - list of territories to permit or forbid access to
OPTIONS - a dictionary for additional settings
    ACTION - whether to PERMIT or FORBID access to the listed zones (default is FORBID)
    PERIOD - time in seconds to check for access again, 0 means on each request
    VPN - use VPN detection and forbid access to VPN users
    URL - set of URLs to redirect to when the user is located in a forbidden country or using a VPN
        FORBIDDEN_LOC - the URL to redirect to when the user is located in a forbidden country
        FORBIDDEN_VPN - the URL to redirect to when the user is using a VPN
        FORBIDDEN_KIT - the URL to redirect to when the user is using a forbidden device
Unlike COUNTRIES and TERRITORIES, where the middleware decides whether to permit or forbid access based on the given ACTION value, the DEVICES list accepts device types where names starting with ! are forbidden. This makes it possible to mix them all together in one list.
# Forbid access to all devices that have a small screen.
'DEVICES': ['!car', '!player', '!peripheral', '!camera']
# Allow access to all devices having regular or large screens.
'DEVICES': ['desktop', 'smartphone', 'console', 'tablet', 'tv']
The available device types are:
smartphone
peripheral - refers to all hardware components that are attached to a computer
wearable - common types of wearable technology include smartwatches and smartglasses
phablet - a smartphone having a larger screen
console - PlayStation, Xbox, etc.
display
speaker - Google Assistant, Siri, Alexa, etc.
desktop
tablet
camera
player - iPod, Sony Walkman, Creative Zen, etc.
phone
car - refers to a car browser
tv - refers to TVs having internet access
DJANGO_FORBID = {
    'DEVICES': ['desktop', 'smartphone', 'console', 'tablet', 'tv'],
    'COUNTRIES': ['US', 'GB'],
    'TERRITORIES': ['EU'],
    'OPTIONS': {
        'ACTION': 'PERMIT',
        'PERIOD': 300,
        'VPN': True,
        'URL': {
            'FORBIDDEN_LOC': 'forbidden_location',
            'FORBIDDEN_VPN': 'forbidden_network',
            'FORBIDDEN_KIT': 'forbidden_device',
        },
    },
}
The available country codes in the required ISO 3166 alpha-2 format are listed here. And the available continent codes (territories) are: AF - Africa, AN - Antarctica, AS - Asia, EU - Europe, NA - North America, OC - Oceania and SA - South America.
None of the settings are required. If you don't specify any settings, the middleware will not do anything.
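A misspelled key, device type or code in DJANGO_FORBID is easy to miss in review, so the sketch below checks a settings dictionary against the keys, device types and continent codes listed above. It is an added example, not part of Django Forbid: validate_forbid_settings and SAMPLE are hypothetical names, SAMPLE is constructed, and country codes are checked for shape only.

```python
import re

# Names and codes below are the ones listed on this page.
DEVICE_TYPES = {
    "smartphone", "peripheral", "wearable", "phablet", "console", "display",
    "speaker", "desktop", "tablet", "camera", "player", "phone", "car", "tv",
}
CONTINENTS = {"AF", "AN", "AS", "EU", "NA", "OC", "SA"}
TOP_KEYS = {"DEVICES", "COUNTRIES", "TERRITORIES", "OPTIONS"}
OPTION_KEYS = {"ACTION", "PERIOD", "VPN", "URL"}
URL_KEYS = {"FORBIDDEN_LOC", "FORBIDDEN_VPN", "FORBIDDEN_KIT"}
# Constructed sample with deliberate mistakes.
SAMPLE = {
    "DEVICES": ["desktop", "!desktop", "!watch"],
    "COUNTRIES": ["US", "EU", "gb"],
    "TERRITORIES": ["EUR"],
    "OPTIONS": {"ACTION": "ALLOW", "PERIOD": -1, "URLS": {}},
}


def validate_forbid_settings(conf):
    """Return a list of problems found in a DJANGO_FORBID dict (hypothetical helper)."""
    problems = [f"unknown key {k!r}" for k in sorted(set(conf) - TOP_KEYS)]
    devices = conf.get("DEVICES", [])
    for name in devices:
        bare = name[1:] if name.startswith("!") else name
        if bare not in DEVICE_TYPES:
            problems.append(f"DEVICES: unknown device type {name!r}")
        elif name.startswith("!") and bare in devices:
            problems.append(f"DEVICES: {bare!r} is both listed and negated")
    for code in conf.get("COUNTRIES", []):
        if not re.fullmatch(r"[A-Z]{2}", code):
            problems.append(f"COUNTRIES: {code!r} is not an alpha-2 code")
        elif code in {"AN", "EU", "OC"}:  # continent codes, not assigned country codes
            problems.append(f"COUNTRIES: {code!r} is a continent code, use TERRITORIES")
    for code in conf.get("TERRITORIES", []):
        if code not in CONTINENTS:
            problems.append(f"TERRITORIES: unknown continent code {code!r}")
    options = conf.get("OPTIONS", {})
    problems += [f"OPTIONS: unknown key {k!r}" for k in sorted(set(options) - OPTION_KEYS)]
    if options.get("ACTION", "FORBID") not in ("PERMIT", "FORBID"):
        problems.append("OPTIONS.ACTION must be 'PERMIT' or 'FORBID'")
    period = options.get("PERIOD", 0)  # the fallbacks here only let absent keys pass
    if isinstance(period, bool) or not isinstance(period, int) or period < 0:
        problems.append("OPTIONS.PERIOD must be a non-negative number of seconds")
    if not isinstance(options.get("VPN", False), bool):
        problems.append("OPTIONS.VPN must be True or False")
    problems += [f"OPTIONS.URL: unknown key {k!r}" for k in sorted(set(options.get("URL", {})) - URL_KEYS)]
    return problems
```

Calling validate_forbid_settings(settings.DJANGO_FORBID) from a test or a startup check and failing on a non-empty result keeps such mistakes out of a deployed access policy.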
Contribute
Any contribution is welcome. If you have any ideas or suggestions, feel free to open an issue or a pull request. And don't forget to add tests for your changes.
License
Copyright (C) 2023 Artyom Vancyan. MIT
Hashes for django_forbid-0.0.6-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 1d71a2086a6a7fd0e5f9ff57e75b316c5a78df97057ed59098d92db107462c8b
MD5 | 239253ba5b1e02aaa62c488da81fa41d
BLAKE2b-256 | 5ea419f2380489f7b207197dcecf9f23d8f1175f2386cffe3bec11a484085270