88 lines
3.3 KiB
Python
88 lines
3.3 KiB
Python
from datetime import datetime, date
|
|
|
|
from django.conf import settings
|
|
from django.http import HttpResponse, HttpResponseRedirect
|
|
|
|
|
|
|
|
class LoggedInHintCookieMiddleware(object):
|
|
"""Middleware to securely help with 'logged-in' detection for dual HTTP/HTTPS sites.
|
|
|
|
On insecure requests: Checks for a (non-secure) cookie settings.LOGGED_IN_HINT_COOKIE_NAME
|
|
and if present, redirects to HTTPS (same adress).
|
|
Note this usually breaks non-GET (POST) requests.
|
|
|
|
On secure requests: Updates cookie settings.LOGGED_IN_HINT_COOKIE_NAME to reflect
|
|
whether an user is logged in in the current session (cookie set to 'True' or cleared).
|
|
The cookie is set to expire at the same time as the sessionid cookie.
|
|
|
|
By default, LOGGED_IN_HINT_COOKIE_NAME = 'logged_in_hint'.
|
|
"""
|
|
|
|
def __init__(self):
|
|
if hasattr(settings, 'LOGGED_IN_HINT_COOKIE_NAME'):
|
|
self.cookie_name = settings.LOGGED_IN_HINT_COOKIE_NAME
|
|
else: self.cookie_name = 'logged_in_hint'
|
|
self.cookie_value = 'True'
|
|
|
|
def cookie_correct(self, request):
|
|
return self.cookie_name in request.COOKIES and request.COOKIES[self.cookie_name] == self.cookie_value
|
|
|
|
def process_request(self, request):
|
|
if not request.is_secure():
|
|
if self.cookie_correct(request):
|
|
# redirect insecure (assuming http) requests with hint cookie to https
|
|
url = request.build_absolute_uri()
|
|
assert url[:5] == 'http:'
|
|
return HttpResponseRedirect('https:' + url[5:])
|
|
return None
|
|
|
|
def process_response(self, request, response):
|
|
if request.is_secure():
|
|
# assuming full session info (as the conn. is secure)
|
|
try:
|
|
user = request.user
|
|
except AttributeError: # no user - ajax or other special request
|
|
return response
|
|
if user.is_authenticated():
|
|
if not self.cookie_correct(request):
|
|
expiry = None if request.session.get_expire_at_browser_close() else request.session.get_expiry_date()
|
|
response.set_cookie(self.cookie_name, value=self.cookie_value, expires=expiry, secure=False)
|
|
else:
|
|
if self.cookie_name in request.COOKIES:
|
|
response.delete_cookie(self.cookie_name)
|
|
return response
|
|
|
|
|
|
class vzhled:
|
|
|
|
def process_request(self, request):
|
|
return None
|
|
|
|
def process_view(self, request, view_func, view_args, view_kwargs):
|
|
#print "====== process_request ======"
|
|
#print view_func
|
|
#print view_args
|
|
#print view_kwargs
|
|
#print "============================="
|
|
return None
|
|
|
|
def process_template_response(self, request, response):
|
|
hodin = datetime.now().hour
|
|
if (hodin <= 6) or (hodin >= 14): # TODO 20
|
|
response.context_data['noc'] = True
|
|
else:
|
|
response.context_data['noc'] = False
|
|
return response
|
|
|
|
def process_response(self, request, response):
|
|
#hodin = datetime.now().hour
|
|
#if (hodin <= 6) or (hodin >= 14): # TODO 20
|
|
#response.context_data['noc'] = True
|
|
#else:
|
|
#response.context_data['noc'] = False
|
|
return response
|
|
|
|
|
|
##def process_exception(request, exception):
|
|
#pass
|