-
Notifications
You must be signed in to change notification settings - Fork 0
/
middleware.py
91 lines (72 loc) · 3.25 KB
/
middleware.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
from urllib import parse
from django.conf import settings
from django.contrib.auth.middleware import RemoteUserMiddleware as RemoteUserMiddleware_
from django.db import ProgrammingError
from django.http import Http404, HttpResponseRedirect
from django.urls import reverse
from .api import is_api_request
from .views import server_error
class LoginRequiredMiddleware(object):
"""
If LOGIN_REQUIRED is True, redirect all non-authenticated users to the login page.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
if settings.LOGIN_REQUIRED and not request.user.is_authenticated:
# Redirect unauthenticated requests to the login page. API requests are exempt from redirection as the API
# performs its own authentication. Also metrics can be read without login.
api_path = reverse('api-root')
if not request.path_info.startswith((api_path, '/metrics')) and request.path_info != settings.LOGIN_URL:
return HttpResponseRedirect(
'{}?next={}'.format(
settings.LOGIN_URL,
parse.quote(request.get_full_path_info())
)
)
return self.get_response(request)
class RemoteLDAPMiddleware(RemoteUserMiddleware_):
"""
Custom implementation of Django's RemoteUserMiddleware which allows for a user-configurable HTTP header name.
"""
@property
def header(self):
return settings.REMOTE_AUTH_HEADER
class APIVersionMiddleware(object):
"""
If the request is for an API endpoint, include the API version as a response header.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
response = self.get_response(request)
if is_api_request(request):
response['API-Version'] = settings.REST_FRAMEWORK_VERSION
return response
class ExceptionHandlingMiddleware(object):
"""
Intercept certain exceptions which are likely indicative of installation issues and provide helpful instructions
to the user.
"""
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
return self.get_response(request)
def process_exception(self, request, exception):
# Don't catch exceptions when in debug mode
if settings.DEBUG:
return
# Ignore Http404s (defer to Django's built-in 404 handling)
if isinstance(exception, Http404):
return
# Determine the type of exception. If it's a common issue, return a custom error page with instructions.
custom_template = None
if isinstance(exception, ProgrammingError):
custom_template = 'exceptions/programming_error.html'
elif isinstance(exception, ImportError):
custom_template = 'exceptions/import_error.html'
elif isinstance(exception, PermissionError):
custom_template = 'exceptions/permission_error.html'
# Return a custom error message, or fall back to Django's default 500 error handling
if custom_template:
return server_error(request, template_name=custom_template)