mirror/peeringdb-peeringdb
1
0
Fork 0
mirror of https://github.com/peeringdb/peeringdb.git synced 2024-05-11 05:55:09 +00:00
Code Releases Activity
Files
a0f1970fecf5444e792d4e33e01526c3fc0a1ae4
peeringdb-peeringdb/docs/dev/modules/middleware.py.md
Stefan Pratter a0f1970fec Support 202211 (#1304) 
* Carrier object implementation #909

* API keys: disabling of user account by a PeeringDB admin does not disable access via a User API key. Also no disable mech, only revoke. #1140

* Ops: django needs lightweight healthcheck route that confirms database connectivity #1284

* Ops: various indexes are needed #1285

* API requests with invalid Authentication headers should notify users in some way. #1220

* Allow user to change account username #1130

* UX to remove carriers from facilities more inline the other similar UX

* more UX fixes for removing carriers from facilities

* Cache hints are needed for optimal CDN use #970

* fixes Commandline tool "Run command" button gone #1278

* RIR status gets deleted when changes are made to the network #1279

* Improve MTU field #658

* CSRF cookie not set error from email confirmation view #1296

* expose CSP_CONNECT_SRC

* fix confirm email path checking in session middleware

* Ops: Emails to OPERATIONS_EMAIL need to be rate-limited #1282

* add website field to carrier ux

* website field on carrier optional with org fallback

* linting

* add *.google-analytics.com to CSP_CONNECT_SRC

* poetry relock

* fix issues with confirm-email reverse during session creation validation

* fix tests

* fix tests

* pin django-peeringdb to support_202211

* linting

* django ratelimit to <4

* regen docs

* fix automated net stats to only include networks with status `ok` #1283

* linting

* poetry lock

Co-authored-by: Matt Griswold <grizz@20c.com>
2023-01-18 10:32:46 -06:00

3.0 KiB
Raw Blame History

Generated from middleware.py on 2023-01-17 22:33:48.360745

peeringdb_server.middleware

Custom django middleware.

Classes

CacheControlMiddleware

CacheControlMiddleware(django.utils.deprecation.MiddlewareMixin)

Sets the Cache-Control s-maxage header on responses

CurrentRequestContext

CurrentRequestContext(builtins.object)

Middleware that sets the current request context.

This allows access to the current request from anywhere.

Methods

_call_

def __call__(self, request)

Call self as a function.

_init_

def __init__(self, get_response)

Initialize self. See help(type(self)) for accurate signature.

HttpResponseUnauthorized

HttpResponseUnauthorized(django.http.response.HttpResponse)

An HTTP response class with a string as content.

This content can be read, appended to, or replaced.

PDBCommonMiddleware

PDBCommonMiddleware(django.middleware.common.CommonMiddleware)

"Common" middleware for taking care of some basic operations:

- Forbid access to User-Agents in settings.DISALLOWED_USER_AGENTS

- URL rewriting: Based on the APPEND_SLASH and PREPEND_WWW settings,
  append missing slashes and/or prepends missing "www."s.

    - If APPEND_SLASH is set and the initial URL doesn't end with a
      slash, and it is not found in urlpatterns, form a new URL by
      appending a slash at the end. If this new URL is found in
      urlpatterns, return an HTTP redirect to this new URL; otherwise
      process the initial URL as usual.

  This behavior can be customized by subclassing CommonMiddleware and
  overriding the response_redirect_class attribute.

Methods

process_request

def process_request(self, request)

Check for denied User-Agents and rewrite the URL based on settings.APPEND_SLASH and settings.PREPEND_WWW

PDBPermissionMiddleware

PDBPermissionMiddleware(django.utils.deprecation.MiddlewareMixin)

Middleware that checks if the current user has the correct permissions to access the requested resource.

Methods

get_username_and_password

def get_username_and_password(self, http_auth)

Get the username and password from the HTTP auth header.

response_unauthorized

def response_unauthorized(self, request, status=None, message=None)

Return a Unauthorized response.

PDBSessionMiddleware

PDBSessionMiddleware(django.contrib.sessions.middleware.SessionMiddleware)

As PeeringDB gets a lot of repeated anonymous requests that do not store and re-use session cookies this lead to substantial amount of junk django session objects.

It was decided in #1205 that new django sessions are only to be established On the login and registration processes.

Methods

process_response

def process_response(self, request, response)

If request.session was modified, or if the configuration is to save the session every time, save the changes and set a session cookie or delete the session cookie if the session has been emptied.

View Git Blame Copy Permalink