Re: Django needs for normal sequence of handlers for request processing
it's last:
I don't know how to provide order of processing outside middlewares...
i stopped on this:
settings.py:
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'middleware.handlers.Handler',
)
middleware handlers:
import re
from django.http import HttpResponseRedirect
class Handler(object):
def process_request(self, request, *args, **kwargs):
self.__class__.handlers = []
def process_view(self, request, view_func, view_args,
view_kwargs):
if 'h_LoginRequired' in view_kwargs:
res = self.LoginRequired(request, view_kwargs
['h_LoginRequired'])
if res is not None:
return res
del view_kwargs['h_LoginRequired']
if 'h_PermissionRequired' in view_kwargs:
res = self.PermissionRequired(request, view_kwargs
['h_PermissionRequired'])
if res is not None:
return res
del view_kwargs['h_PermissionRequired']
''' add your handlers here:
def myHandler(self, request, *args, **kwargs):
if all_is_okay():
return None
return HttpResponseRedirect('/a_bad_result_page.html') #
for example
'''
def LoginRequired(self, request, *args, **kwargs):
if request is not None:
if request.user is not None and
request.user.is_authenticated():
return None
return HttpResponseRedirect('/login.html')
def PermissionRequired(self, request, *args, **kwargs):
# check permissions for access to '^members/account/' area
return None
urls.py:
(r'^members/', include('members.urls'), {'h_LoginRequired':{}}),
members.urls:
(r'^private/', include('members.private.urls'), {
'h_PermissionRequired':{
'handler_arg_name1':'handler_value1',
'handler_arg_name2':'handler_value2',
},
'view_arg_name1':'view_value1',
'view_arg_name2':'view_value2',
}
),
development process:
1. make new handler in middleware.Handler
2. add handler processing to Handler. process_view(..)
3. in urls.py create "h_HandlerName" view_param
i've no idea normal handler conveyer about
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
here's my crutch (just for the idea illustrating):
pre-pre-pre-alpha :)
settins.py
MIDDLEWARE_CLASSES = (
'middleware.handlers.Handler', # only first. it's posthandler
processor builder
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'middleware.handlers.HandlerProcessor', # posthandlers processor
)
middleware.handlers:
class HandlerProcessor(object):
def process_request(self, request, *args, **kwargs):
pass
def process_view(self, request, view_func, view_args,
view_kwargs):
# pops handlers list
while len(Handler.handlers) > 0:
name = Handler.handlers.pop()
if name in dir(Handler) and callable(getattr(Handler,
name)):
call = 'Handler.'+name+'(request)'
try:
result = eval(call)
if not result == None:
return result
except Exception, ex:
return HttpResponseRedirect('/500.html')
else:
return HttpResponseRedirect('/500.html')
class Handler(object):
def process_request(self, request, *args, **kwargs):
self.__class__.handlers = []
def add_handler(self, handler):
self.__class__.handlers.append(handler)
def process_view(self, request, view_func, view_args,
view_kwargs):
# this method check
ch = re.compile(r'^hnd_(.*)$')
for hname in view_kwargs:
hl = ch.findall(hname)
if len(hl) > 0:
# if you need, save view_kwargs[hname] values (it's
params for this handler)
self.add_handler(hl[0])
# dont forget del view_kwargs[hname]
''' add your handlers here:
def myHandler(self, request, *args, **kwargs):
if smth_wrong():
return HttpResponseRedirect('/a_bad_result_page.html') #
for example
'''
def LoginRequired(self, request, *args, **kwargs):
if user is not logged in:
return HttpResponseRedirect('/login.html')
def PermissionRequired(self, request, *args, **kwargs):
# check permissions for access to '^members/account/' area
pass
in urls.py
(r'^members/', include('members.urls'), {'hnd_LoginRequired':{}}),
in members/urls.py
(r'^account/', include('members.account.urls'), {
'hnd_PermissionRequired':{
'handler_arg_name1':'handler_value1',
'handler_arg_name2':'handler_value2',
},
'view_arg_name1':'view_value1',
'view_arg_name2':'view_value2',
}
),
something like this.. :)
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
megathanks to all
I will try to use something like:
(r'^members/', include('members.urls'), {'auth':True})
but {'auth':True} will consist of name of handler (handlers)
I'll try to create 1 middleware to process this filters. All handlers
will be called according by its names.
Yes, this is a crutch. But maybe it will be work...
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
Oh, forgot there are also signals that might help. http://docs.djangoproject.com/en/dev/ref/signals/#module-django.core.signals :) -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
Not sure if this would solve the problem, but have a look at django.utils.ddecorators.decorator_from_middleware. """ Given a middleware class (not an instance), returns a view decorator. This lets you use middleware functionality on a per-view basis. """ This also might be best discussed on django-users for now. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-develop...@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
Hi Serg,
(replying to the list)
On Thu, Nov 26, 2009 at 4:09 AM, serg wrote:
>
> hmm.. yes. it's almost the same i mean.
> but, all middlewares calls for each request... It's bad (imho).
> also in 99.99% cases it wil be work nice...
> thanks!
>
> This method {'filter_ip':True} is unsafe.
>
> Look:
> First developer defined MembersAreaAuthMiddleware
> and create:
> (r'^members/', include('members.urls'), {'auth':True}),
> and second developer defined SmtpMiddleware
> (r'^private/', include('public.private.urls'), {'auth':True}),
> Conflict.
>
> If use params as names of handlers... And call them into one
> middleware... Hmm.. It will be normal handlers :)
>
Sure, I didn't say it was perfect! Just one possible solution. I doubt
the overhead of one extra function call for the middleware is going to
make that big a difference...
Rob :)
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
Re: Django needs for normal sequence of handlers for request processing
On Wed, Nov 25, 2009 at 11:08 PM, serg wrote:
>
> For example:
you can already do something like this (middleware conditional on
urls) via the view middleware mechanism.
in urls:
...
(r'^members/private/', include('members.private.urls'), {'filter_ip':True}),
...
then the middleware:
class FilterIPMiddleware(object):
def process_view(self, request, view_func, view_args, view_kwargs):
if view_kwargs.get('filter_ip'):
del view_kwargs['filter_ip']
... check ip...
if ip_is_bad:
return HttpResponseForbidden("Naughty! Bad!")
http://www.djangosnippets.org/snippets/85/ describes using the same
idea to enforce certain URLs being accessed only via SSL (and
redirecting to HTTPS if they're accessed via HTTP)
HTH,
Rob :)
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
Django needs for normal sequence of handlers for request processing
The request processing can be easy if developers of sites can define
prehandlers and posthandlers for each urls.py (or views.py?).
prehandler: the connection middleware. It calls before request
object was created. Only connection detailes needed for prehandler
processing (no session, no user, no any request-specified objects).
Prehandlers are used for connection detailed checking.
posthandler: the process middleware. It's usually middleware, but
it can be defined for specific urls.py and was processed only for this
urls.py and no other.
When the server started, it create map of handlers for urls and calls
prehandlers and posthandlers according the map. The view (defined in
view.py) is used only if no handlers returned response object. -- i.e.
the request processing sequence interrupted and server returns the
response if the handler returned response object.
For example:
The site have a members area '^memers/.*$'. The members area have a
private zone '^members/private/.*$' (additional authentication demands
for access into). Other urls is a public, but some external ip was
banned.
In urls.py I create prehandler to reject banned ip.
In members.urls I create posthandler for user authentication.
In members.private.urls I create posthandler for additional
authentication.
-- A:
1. The server get http request: "GET /members/list.xml" (user is
authenticated)
2. django try process prehandlers:
prehandler
members.prehandlers # not exists
3. django create request object
4. django try process posthandlers:
posthandler # it is a settings.middlewares now. (it was a bad
idea to put middlewares call map into global settings)
members.posthandler (checking for user authentication)
5. process the view:
(r'^list.xml$', called members.views.list),
-- B:
1. The server get http request: "GET /members/private/
detailes.xml" (user is authenticated and has permissions for access
into private area):
2. django try process prehandlers:
prehandler
members.prehandlers # not exists
members.private.prehandler #not exists
3. django create request object
4. django try process posthandlers:
posthandler
members.posthandler (checking for user authentication)
members.private.posthandler (checking for additional
authentication)
5. process the view:
(r'^detailes.xml$', called members.private.views.detailes),
-- C:
1. The server get http request: "GET /members/list.xml" from banned
ip:
2. django try process prehandlers:
prehandler # ip banned, prehandler returns response and
server sending response
-- D:
1. The server get http request: "GET /members/list.xml" and user is
not authenticated:
2. django try process prehandlers:
prehandler
members.prehandlers # not exists
3. django create request object
4. django try process posthandlers:
posthandler
members.posthandler # user is not authenticated, The
members.posthandler returns HttpResponseRedirect('/login.xml') and the
server send response to user
When I created members.posthandler I forgot authentication about. All
urls '^members/.*$' was automatically verified for user authentication
and all urls '^members/private/.*$' was automatically checked for
additional authorization since I defined members.private.posthandler.
No decorators. Just define any views into members/views.py or into
members/private/views.py and enjoy by result now.
P.S. I used this sceme in perl + mason constructions and it was nice.
P. P.S. Sorr for my english. :) I can read but can't speack or write.
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to django-develop...@googlegroups.com.
To unsubscribe from this group, send email to
django-developers+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
