我正在尝试将访问某个django视图仅指定给从VPN IP调用的客户端(10.8.0.3)
我的django服务器由apache支持,使用以下.conf
<VirtualHost *>
ServerAdmin webmaster@demo.cl
DocumentRoot /home/project/virtualenvs/env1
ServerName client1.project.cl
ServerAlias www.client1.project.cl
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
<Location "/">
SetHandler python-program
PythonHandler virtualhandler
SetEnv DJANGO_SETTINGS_MODULE project.settings
PythonOption django.root
SetEnv SITE_CLIENT_ID client1
PythonDebug On
PythonPath "['/home/project/virtualenvs/env1/django-site','/home/project/virtualenvs/env1/bin'] + sys.path"
</Location>
Alias /media "/home/project/virtualenvs/env1/lib/python2.6/site-packages/django/contrib/admin/media/"
<Location /media>
SetHandler None
</Location>
<Location /nodesaccess >
order Deny,Allow
Deny from all
Allow from 10.8.0.3
SetHandler python-program
PythonHandler virtualhandler
SetEnv DJANGO_SETTINGS_MODULE project.settings
PythonOption django.root
SetEnv SITE_CLIENT_ID client1
PythonDebug On
PythonPath "['/home/project/virtualenvs/env1/django- site','/home/project/virtualenvs/env1/bin'] + sys.path"
</Location>
</VirtualHost>
此先前的配置允许根据url创建许多django应用程序,我恢复env变量,然后apache加载某个setting.py,它是独占的并且取决于子域。非常有趣
一切正常(我的应用程序),但使用“从10.8.0.3允许”无法拒绝访问
有什么想法吗?
谢谢
答案 0 :(得分:1)
您可以实现一个简单的中间件,它可以阻止允许的IP地址以外的任何请求:
from django.conf import settings
from django.core.urlresolvers import reverse, NoReverseMatch
from django.http import Http404
class InternalUseOnlyMiddleware(object):
def process_request(self, request):
try:
admin_index = reverse('admin:index')
except NoReverseMatch:
return
if not request.path.startswith(admin_index):
return
remote_addr = request.META.get(
'HTTP_X_REAL_IP', request.META.get('REMOTE_ADDR', None))
if not remote_addr in settings.INTERNAL_IPS and not settings.DEBUG:
raise Http404
答案 1 :(得分:0)
您可以使用来自HttpRequest.META(http://docs.djangoproject.com/en/dev/ref/request-response/)的REMOTE_ADDR来检查视图中的请求者IP。如果它与您想要的那个不同,则只返回404或403页。