Skip to main content
Help us improve PyPI by participating in user testing. All experience levels needed!

IP Whitelisting for Django

Project description

# Mithril

````

,--. ,--. ,--. ,--.,--.
,--,--,--.`--',-' '-.| ,---. ,--.--.`--'| |
| |,--.'-. .-'| .-. || .--',--.| |
| | | || | | | | | | || | | || |
`--`--`--'`--' `--' `--' `--'`--' `--'`--'

````

A Django application providing decorators, middleware, and authentication
backends for IP whitelisting.

> ### WARNING
>
> We grab IP address information from `request.META` -- which is potentially
> spoofable. Make sure your gateway servers don't allow rewriting of the headers
> you're targeting.

## Getting Started

Mithril works by providing two new models -- `Whitelist` and `Range` -- that you
make a foreign key to from your objects. You define a `mithril.strategy.Strategy`
subclass to describe to mithril how you would like to obtain a `Whitelist` from
a request.

````python
# myapp/models.py
from django.db import models
from django.contrib.sites.models import Site
from mithril.models import Whitelist

class SiteACL(models.Model):
site = models.OneToOneField(Site)
whitelist = models.ForeignKey(Whitelist, related_name='site_acl')

# myapp/strategy.py
from mithril.strategy import Strategy
from django.conf import settings
from myapp.models import SiteACL

class MyStrategy(Strategy):
# a tuple of `method name` -> `lookup to apply`.
# if the method does not exist, or returns None, it
# continues to the next tuple.
actions = (
('view_on_site', 'site_acl__pk')
)

def view_on_site(self, request, view, *view_args, **view_kwargs):
try:
site_acl = SiteACL.objects.get(site__pk=settings.SITE_ID)
return site_acl.pk
except SiteACL.DoesNotExist:
pass

# settings.py

MITHRIL_STRATEGY = 'myapp.strategy.MyStrategy'
MIDDLEWARE_CLASSES = list(MIDDLEWARE_CLASSES) + ['mithril.middleware.WhitelistMiddleware']
INSTALLED_APPS = list(INSTALLED_APPS) + ['mithril']

````

Project details


Release history Release notifications

This version
History Node

0.0.9

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page