django - Allowing login depending on hostname (remote) -

-

i have django intranet reachable on http(s)://somename/ , http(s)://10.10.0.30/, using allowed_hosts setting:

allowed_hosts = [u'10.10.0.30', u'somename',]

now i'd allow certain users login website remotely well. first step i'll have add external url (like somename.com) allowed_hosts; no problem there. moment on, everyone account able log in, not want.

i thinking in terms of having group called permitremotelogin - when user part of group, logging in host somename.com allowed. i'm unsure actual implementation and/or whether doable in first place (?).

when searching e.g. djangopackages, no results found. idea whether has been done before?

i've done similar things in past, it's quite easy actually. need replace normal authentication backend own: https://docs.djangoproject.com/en/1.8/topics/auth/customizing/#writing-an-authentication-backend

the default backend looks this: https://github.com/django/django/blob/master/django/contrib/auth/backends.py#l113-143

class modelbackend(object):     ...      def authenticate(self, remote_user):         """         username passed ``remote_user`` considered trusted.          method returns ``user`` object given username,         creating new ``user`` object if ``create_unknown_user`` ``true``.         returns none if ``create_unknown_user`` ``false`` , ``user``         object given username not found in database.         """         if not remote_user:             return         user = none         username = self.clean_username(remote_user)          usermodel = get_user_model()          # note accomplished in 1 try-except clause,         # instead use get_or_create when creating unknown users since has         # built-in safeguards multiple threads.         if self.create_unknown_user:             user, created = usermodel._default_manager.get_or_create(**{                 usermodel.username_field: username             })             if created:                 user = self.configure_user(user)         else:             try:                 user = usermodel._default_manager.get_by_natural_key(username)             except usermodel.doesnotexist:                 pass         return user

what need inherit class , add remote host check it.

something along lines of this:

class hostnameauthenticationbackend(backends.modelbackend):     def authenticate(self, username=none, password=none,                      hostname=none, **kwargs):         user = backends.modelbackend.authenticate(             username=username, password=password, **kwargs)         if user:             # check hostname , groups here             if hostname_correct:                 return user

the 1 tiny snag you'll hit default hostname won't available, you'll have pass along login view authentication backend.


Comments

Post a Comment

Popular posts from this blog

qt - Using float or double for own QML classes -

-
i've created components , helper methods using c++ , qt used in qml gui. of methods calculate gui elements (size, transformations, scene graph items creation). target arm 32 bit using opengl / eglfs render output. opengl using float , qml using real (defined double ). what should use in c++ do not lose precision? if use qreal ( double ) shouldn't lose precision. if git grep float in qtbase.git , can find out bit more: dist/changes-5.2.0-**************************************************************************** dist/changes-5.2.0-* important behavior changes * dist/changes-5.2.0-**************************************************************************** dist/changes-5.2.0- dist/changes-5.2.0- - qt compiled qreal typedef'ed double on dist/changes-5.2.0: platforms. qreal float on arm chipsets before. guarantees more dist/changes-5.2.0- consistent behavior between platforms qt supports, binary dist/chan...
Read more

Create Outlook appointment via C# .Net -

-
i need create outlook appointment using microsoft.office.interop.outlook , while can work locally on own workstation , works if run web application via server's browser, not work when connect server externally. hence, think might permission issue. i changed application pool identity " localsystem " don't access denied error. unfortunately, doesn't work. the app behaves if appointment created, appointment doesn't appear in outlook. here include file on top of aspx.cs page using outlook = microsoft.office.interop.outlook; here code using pop appointment. outlook.application apptapp = new outlook.application(); outlook.appointmentitem appt = apptapp.createitem(outlook.olitemtype.olappointmentitem) outlook.appointmentitem; appt.subject = txtfirstname.text + " " + txtlastname.text; appt.body = txtcomment.text; appt.alldayevent = false; appt.start = datetime.parse(txtreminderdate.text + " 8:00 am"); appt.end = datetime.p...
Read more

ios - Swift Array Resetting Itself -

-
i have 2 arrays: pointhistory , datehistory . have nstimer , , when timer runs out, action called. in action appending int pointhistory , , current date string datehistory . here timer action: func timeraction() { let steppervalue = int(stepper.value) employee.numberofpoints = steppervalue networking.saveemployee(employee, completion: { (error) -> void in if error != nil { let alert = uialertcontroller(title: "error", message: "there error updating \(self.employee.name)'s points", preferredstyle: .alert) let alertaction = uialertaction(title: "ok", style: .cancel, handler: nil) alert.addaction(alertaction) self.presentviewcontroller(alert, animated: true, completion: nil) } }) var dateformatter = nsdateformatter() dateformatter.dateformat = "mm-dd-yyyy" dateformatter.timezone = nstimezone.localtimezone() var date = nsdate() var ...
Read more