2017-09-18 17:02:39 +08:00
|
|
|
# Copyright (c) 2012-2016 Seafile Ltd.
|
|
|
|
|
import json
|
|
|
|
|
|
|
|
|
|
from django.http import HttpResponse
|
2021-08-27 12:01:13 +08:00
|
|
|
from django.shortcuts import render
|
2020-07-27 14:59:18 +08:00
|
|
|
from django.utils.deprecation import MiddlewareMixin
|
2017-09-18 17:02:39 +08:00
|
|
|
|
|
|
|
|
from seahub.utils.ip import get_remote_ip
|
|
|
|
|
from seahub.trusted_ip.models import TrustedIP
|
|
|
|
|
from seahub.settings import ENABLE_LIMIT_IPADDRESS, TRUSTED_IP_LIST
|
|
|
|
|
|
|
|
|
|
|
2020-07-27 14:59:18 +08:00
|
|
|
class LimitIpMiddleware(MiddlewareMixin):
|
2025-08-05 16:43:52 +08:00
|
|
|
async_mode = False
|
2017-09-18 17:02:39 +08:00
|
|
|
def process_request(self, request):
|
|
|
|
|
if not ENABLE_LIMIT_IPADDRESS:
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
ip = get_remote_ip(request)
|
|
|
|
|
if not TrustedIP.objects.match_ip(ip) and ip not in TRUSTED_IP_LIST:
|
|
|
|
|
if "api2/" in request.path or "api/v2.1/" in request.path:
|
|
|
|
|
return HttpResponse(
|
|
|
|
|
json.dumps({"err_msg": "you can't login, because IP \
|
|
|
|
|
address was not in range"}),
|
|
|
|
|
status=403,
|
|
|
|
|
content_type='application/json; charset=utf-8'
|
|
|
|
|
)
|
|
|
|
|
else:
|
2021-08-27 12:01:13 +08:00
|
|
|
return render(request, 'trusted_ip/403_trusted_ip.html',
|
|
|
|
|
status=403)
|
