django-auditlog/auditlog/middleware.py

import contextlib

from auditlog.cid import set_cid
from auditlog.context import set_actor


class AuditlogMiddleware:
    """
    Middleware to couple the request's user to log items. This is accomplished by currying the
    signal receiver with the user from the request (or None if the user is not authenticated).
    """

    def __init__(self, get_response=None):
        self.get_response = get_response

    @staticmethod
    def _get_remote_addr(request):
        # In case there is no proxy, return the original address
        if not request.headers.get("X-Forwarded-For"):
            return request.META.get("REMOTE_ADDR")

        # In case of proxy, set 'original' address
        remote_addr: str = request.headers.get("X-Forwarded-For").split(",")[0]

        # Remove port number from remote_addr
        if "." in remote_addr and ":" in remote_addr:  # IPv4 with port (`x.x.x.x:x`)
            remote_addr = remote_addr.split(":")[0]
        elif "[" in remote_addr:  # IPv6 with port (`[:::]:x`)
            remote_addr = remote_addr[1:].split("]")[0]

        return remote_addr

    def __call__(self, request):
        remote_addr = self._get_remote_addr(request)

        set_cid(request)

        if hasattr(request, "user") and request.user.is_authenticated:
            context = set_actor(actor=request.user, remote_addr=remote_addr)
        else:
            context = contextlib.nullcontext()

        with context:
            return self.get_response(request)
Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`import contextlib`
ensure signal disconnection 2014-02-07 19:59:16 +00:00
Added support for Correlation ID Co-authored-by: Hasan Ramezani <hasan.r67@gmail.com> 2022-12-23 14:09:32 +00:00			`from auditlog.cid import set_cid`
Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`from auditlog.context import set_actor`
Update middleware for Django 1.10 2016-08-17 20:45:02 +00:00
First implementation 2013-10-20 13:25:48 +00:00
Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`class AuditlogMiddleware:`
First implementation 2013-10-20 13:25:48 +00:00			`"""`
Add flake8 to pre-commit config (#387) 2022-06-18 16:20:25 +00:00			`Middleware to couple the request's user to log items. This is accomplished by currying the`
			`signal receiver with the user from the request (or None if the user is not authenticated).`
First implementation 2013-10-20 13:25:48 +00:00			`"""`

Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`def __init__(self, get_response=None):`
			`self.get_response = get_response`

Handle port in `remote_addr` 2022-08-16 21:29:45 +00:00			`@staticmethod`
			`def _get_remote_addr(request):`
FIX: Parsing client IPv6 address when a proxy is involved (#457) 2022-11-22 07:44:59 +00:00			`# In case there is no proxy, return the original address`
			`if not request.headers.get("X-Forwarded-For"):`
Handle port in `remote_addr` 2022-08-16 21:29:45 +00:00			`return request.META.get("REMOTE_ADDR")`

FIX: Parsing client IPv6 address when a proxy is involved (#457) 2022-11-22 07:44:59 +00:00			`# In case of proxy, set 'original' address`
			`remote_addr: str = request.headers.get("X-Forwarded-For").split(",")[0]`

			`# Remove port number from remote_addr`
			if "." in remote_addr and ":" in remote_addr: # IPv4 with port (`x.x.x.x:x`)
			`remote_addr = remote_addr.split(":")[0]`
			elif "[" in remote_addr: # IPv6 with port (`[:::]:x`)
			`remote_addr = remote_addr[1:].split("]")[0]`

			`return remote_addr`

Handle port in `remote_addr` 2022-08-16 21:29:45 +00:00			`def __call__(self, request):`
			`remote_addr = self._get_remote_addr(request)`
Use threadlocals to store middleware data instead of the request 2015-06-03 14:29:40 +00:00
Added support for Correlation ID Co-authored-by: Hasan Ramezani <hasan.r67@gmail.com> 2022-12-23 14:09:32 +00:00			`set_cid(request)`

Simplify is_authenticated check This attribute is defined on request.user from Django 1.10 or a comparably ancient version. 2022-06-28 16:52:55 +00:00			`if hasattr(request, "user") and request.user.is_authenticated:`
Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`context = set_actor(actor=request.user, remote_addr=remote_addr)`
			`else:`
			`context = contextlib.nullcontext()`
(bugfix) Adds hasattr check before threadlocal.auditlog access in set_actor middleware.set_actor was inconsistent with other methods in checking for hasattr(threadlocal, 'auditlog') 2018-01-04 19:07:13 +00:00
Add set_actor context manager (#262) 2022-05-24 07:33:54 +00:00			`with context:`
			`return self.get_response(request)`