@@ -42,51 +42,40 @@ configuration.
4242## Usage
4343
4444After connecting the Django Forbid to your project, you can define the set of desired zones to be forbidden or allowed.
45- And there are four setting variables for describing any of your specific needs:
46-
47- - ` WHITELIST_COUNTRIES ` and ` WHITELIST_TERRITORIES ` - Correspondingly, the list of countries and territories that are
48- allowed to access the site.
49- - ` FORBIDDEN_COUNTRIES ` and ` FORBIDDEN_TERRITORIES ` - Correspondingly, the list of countries and territories that are
50- forbidden to access the site.
51-
52- Forbidden countries and territories have a higher priority than allowed ones. If a country or territory is in both
53- lists, then the user will be forbidden. And if the user is not allowed to access the resource, it will be redirected to
54- the ` FORBIDDEN_URL ` page if the variable is set in your Django project's settings.
55-
56- ``` python
57- # Only US, GB, and EU countries are allowed to access the site.
58- WHITELIST_COUNTRIES = [' US' ' GB'
59- WHITELIST_TERRITORIES = [' EU'
60- ```
61-
62- Needs can be different, so you can use any combination of these variables to describe your special needs.
45+ All you need is to set the ` DJANGO_FORBID ` variable in your project's settings. It should be a dictionary with the
46+ following keys:
47+
48+ - ` COUNTRIES ` - list of countries to permit or forbid access to
49+ - ` TERRITORIES ` - list of territories to permit or forbid access to
50+ - ` OPTIONS ` - a dictionary for additional settings
51+ - ` ACTION ` - whether to ` PERMIT ` or ` FORBID ` access to the listed zones (default is ` FORBID ` )
52+ - ` PERIOD ` - time in seconds to check for access again, 0 means on each request
53+ - ` VPN ` - use VPN detection and forbid access to VPN users
54+ - ` URL ` - set of URLs to redirect to when the user is located in a forbidden country or using a VPN
55+ - ` FORBIDDEN_LOC ` - the URL to redirect to when the user is located in a forbidden country
56+ - ` FORBIDDEN_VPN ` - the URL to redirect to when the user is using a VPN
6357
6458``` python
65- # Forbid access for African countries and Russia, Belarus, and North Korea.
66- FORBIDDEN_COUNTRIES = [' RU' ' BY' ' KP'
67- FORBIDDEN_TERRITORIES = [' AF'
59+ DJANGO_FORBID = {
60+ ' COUNTRIES' ' US' ' GB'
61+ ' TERRITORIES' ' EU'
62+ ' OPTIONS'
63+ ' ACTION' ' PERMIT'
64+ ' PERIOD' 300 ,
65+ ' VPN' True ,
66+ ' URL'
67+ ' FORBIDDEN_LOC' ' forbidden_country'
68+ ' FORBIDDEN_VPN' ' forbidden_network'
69+ },
70+ },
71+ }
6872```
6973
7074The available ISO 3166 alpha-2 country codes are listed in [ here] ( https://www.iban.com/country-codes ) . And the available
7175ISO continent codes are: ` AF ` - Africa, ` AN ` - Antarctica, ` AS ` - Asia, ` EU ` - Europe, ` NA ` - North America, ` OC ` -
7276Oceania and ` SA ` - South America.
7377
74- ### Check access on timeout
75-
76- Without additional configuration, the middleware will check the user's access on every request. This can slow down the
77- site. To avoid this, you can use the ` FORBID_TIMEOUT ` variable to set the cache timeout in seconds. When the timeout
78- expires, the middleware will check the user's access again.
79-
80- ``` python
81- # Check the user's access every 10 minutes.
82- FORBID_TIMEOUT = 60 * 10
83- ```
84-
85- ### Detect usage of a VPN
86-
87- If you want to detect the usage of a VPN, you can use the ` FORBID_VPN ` variable. When this variable is set to ` True ` ,
88- the middleware will check if the user's timezone matches the timezone the IP address belongs to. If the timezones do not
89- match, the user will be considered in the usage of a VPN and forbidden to access the site.
78+ _ None of the settings are required. If you don't specify any settings, the middleware will not do anything._
9079
9180## Contribute
9281
0 commit comments