The internal_view decorator makes a view accessible only from INTERNAL_IPS. Handy for exposing internal APIs.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | import functools
from django.conf import settings
from django.http import HttpResponseForbidden
from django.views.decorators.csrf import csrf_exempt
def internal_view(view):
'''Decorates a view as accessible from INTERNAL_IPS only.
As a convenience, the view is also decorated with ``csrf_exempt``.
'''
@functools.wraps(view)
def wrapper_view(request, *args, **kwds):
remote_addr = request.META.get('HTTP_X_REAL_IP',
request.META.get('REMOTE_ADDR', None))
if not (settings.DEBUG or remote_addr in settings.INTERNAL_IPS):
return HttpResponseForbidden('Internal view')
return view(request, *args, **kwds)
return csrf_exempt(wrapper_view)
|
More like this
- Add Toggle Switch Widget to Django Forms by OgliariNatan 1 month, 4 weeks ago
- get_object_or_none by azwdevops 5 months, 2 weeks ago
- Mask sensitive data from logger by agusmakmun 7 months, 2 weeks ago
- Template tag - list punctuation for a list of items by shapiromatron 1 year, 9 months ago
- JSONRequestMiddleware adds a .json() method to your HttpRequests by cdcarter 1 year, 9 months ago
Comments
Please login first before commenting.