Add a XForwardedForMiddleware middleware (#6922)
It allows authentic to automatically get the real ip when behind Gunicorn+nginx.
This commit is contained in:
parent
e867d7fba7
commit
4f3359f075
|
@ -1,6 +1,10 @@
|
|||
import os
|
||||
import warnings
|
||||
|
||||
|
||||
# Add the XForwardedForMiddleware
|
||||
MIDDLEWARE_CLASSES = ('authentic2.middleware.XForwardedForMiddleware',) + MIDDLEWARE_CLASSES
|
||||
|
||||
# Debian defaults
|
||||
DEBUG = False
|
||||
|
||||
|
|
|
@ -43,6 +43,7 @@ TEMPLATE_LOADERS = ('hobo.multitenant.template_loader.FilesystemLoader',) + TEMP
|
|||
TEMPLATE_CONTEXT_PROCESSORS = ('django.core.context_processors.request',) + TEMPLATE_CONTEXT_PROCESSORS
|
||||
|
||||
MIDDLEWARE_CLASSES = (
|
||||
'authentic2.middleware.XForwardedForMiddleware',
|
||||
'hobo.multitenant.middleware.TenantMiddleware',
|
||||
'hobo.multitenant.middleware.TenantSettingsMiddleware',
|
||||
) + MIDDLEWARE_CLASSES
|
||||
|
|
|
@ -149,3 +149,13 @@ class ViewRestrictionMiddleware(object):
|
|||
if view == 'auth_password_change':
|
||||
messages.warning(request, _('You must change your password to continue'))
|
||||
return utils.redirect_and_come_back(request, view)
|
||||
|
||||
class XForwardedForMiddleware():
|
||||
'''Copy the first address from X-Forwarded-For header to the REMOTE_ADDR meta.
|
||||
|
||||
This middleware should only be used if you are sure the header cannot be
|
||||
forged (behind a reverse proxy for example).'''
|
||||
def process_request(self, request):
|
||||
if 'HTTP_X_FORWARDED_FOR' in request.META:
|
||||
request.META['REMOTE_ADDR'] = request.META['HTTP_X_FORWARDED_FOR'].split(",")[0].strip()
|
||||
return None
|
||||
|
|
Loading…
Reference in New Issue