Django middleware that displays debug tracebacks on production sites (where you would have `DEBUG = False`) only to developers.
This is a middleware that displays debug tracebacks on production sites (where you would have DEBUG = False) only to developers. Developers have to install a special userscript to decode the traceback data. AES-256 (CBC mode) is used to encrypt the traceback. The decode key and client key are hashes of your SECRET_KEY with salts so your SECRET_KEY is safe even if your userscript gets in the wrong place.
Google Chrome and Firefox are supported. If you want to use something else you have to find a way to install the userscript yourself.
There’s also a decode page in the admin in case you get user reports with the encrypted data.
The error page and decrypt flow looks like this:
pip install django-monkey-team
Change your Django project settings to have:
INSTALLED_APPS += ( 'monkey_team', ) MIDDLEWARE_CLASSES += ( 'monkey_team.middleware.MonkeyTeamMiddleware', ) DEBUG = False
Note, that if you want DEBUG = True and still have the middleware on you need to set:
MONKEY_FORCE_ACTIVE = True
Then go to django admin and install the userscript. The setup page looks like this: