Lock down a Django site or individual views, with configurable preview authorization
django-lockdown is a reusable Django application for locking down an entire site (or particular views), with customizable date ranges and preview authorization.
Install from PyPI with easy_install or pip:
pip install django-lockdown
To use django-lockdown in your Django project:
For more advanced customization of admin preview authorization, see the LOCKDOWN_FORM setting.
To lock down the entire site, add the lockdown middleware to your middlewares. How to set this setting depends on the Django version you’re using.
For Django 1.8 and 1.9 use:
MIDDLEWARE_CLASSES = ( # ... 'lockdown.middleware.LockdownMiddleware', )
For Django 1.10 and newer use:
MIDDLEWARE = [ # ... 'lockdown.middleware.LockdownMiddleware', ]
Optionally, you may also add URL regular expressions to a LOCKDOWN_URL_EXCEPTIONS setting.
Import the decorator:
from lockdown.decorators import lockdown
Apply the decorator to individual views you want to protect. For example:
@lockdown() def secret_page(request): # ...
The decorator accepts seven arguments:
Any further keyword arguments are passed to the admin preview form. The default form accepts one argument:
An optional boolean value that, if set to False, disables django-lockdown globally. Defaults to True (lock down enabled).
One or more plain-text passwords which allow the previewing of the site or views protected by django-lockdown:
LOCKDOWN_PASSWORDS = ('letmein', 'beta')
If this setting is not provided (and the default LOCKDOWN_FORM is being used), there will be no admin preview for locked-down pages.
If a LOCKDOWN_FORM other than the default is used, this setting has no effect.
An optional list/tuple of regular expressions to be matched against incoming URLs. If a URL matches a regular expression in this list, it will not be locked. For example:
LOCKDOWN_URL_EXCEPTIONS = ( r'^/about/$', # unlock /about/ r'\.json$', # unlock JSON API )
Used to lock the site down up until a certain date. Set to a datetime.datetime object.
If neither LOCKDOWN_UNTIL nor LOCKDOWN_AFTER is provided (the default), the site or views will always be locked.
Used to lock the site down after a certain date. Set to a datetime.datetime object.
See also: LOCKDOWN_UNTIL.
A key which, if provided in the query string of a locked URL, will log out the user from the preview.
The default lockdown form allows admin preview by entering a preset plain-text password (checked, by default, against the LOCKDOWN_PASSWORDS setting). To set up more advanced methods of authenticating access to locked-down pages, set LOCKDOWN_FORM to the Python dotted path to a Django Form subclass. This form will be displayed on the lockout page. If the form validates when submitted, the user will be allowed access to locked pages:
LOCKDOWN_FORM = 'path.to.my.CustomLockdownForm'
A form for authenticating against django.contrib.auth users is provided with django-lockdown (use LOCKDOWN_FORM = 'lockdown.forms.AuthForm'). It accepts two keyword arguments (in the lockdown decorator):
If using lockdown.forms.AuthForm and this setting is True, only staff users will be allowed to preview (True by default).
Has no effect if not using lockdown.forms.AuthForm.
If using lockdown.forms.AuthForm and this setting is True, only superusers will be allowed to preview (False by default). Has no effect if not using lockdown.forms.AuthForm.
Once a client is authorized for admin preview, they will continue to be authorized for the remainder of their browsing session (using Django’s built-in session support). LOCKDOWN_SESSION_KEY defines the session key used; the default is 'lockdown-allow'.
django-lockdown uses a single template, lockdown/form.html. The default template displays a simple “coming soon” message and the preview authorization form, if a password via LOCKDOWN_PASSWORDS is set.
If you want to use a different template, you can use Djangos template loaders to specify a path inside your project to search for templates, before searching for templates included in django-lockdown.
In your overwritten template the lockdown preview form is available in the template context as form.
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
|File Name & Checksum SHA256 Checksum Help||Version||File Type||Upload Date|
|django_lockdown-1.4.2-py2.py3-none-any.whl (19.3 kB) Copy SHA256 Checksum SHA256||py2.py3||Wheel||Apr 7, 2017|
|django-lockdown-1.4.2.tar.gz (17.4 kB) Copy SHA256 Checksum SHA256||–||Source||Apr 7, 2017|