diff options
| -rw-r--r-- | base_urls.py | 2 | ||||
| -rw-r--r-- | lib/ssl/__init__.py | 0 | ||||
| -rw-r--r-- | lib/ssl/middleware.py | 41 | ||||
| -rw-r--r-- | settings.py | 1 |
4 files changed, 43 insertions, 1 deletions
diff --git a/base_urls.py b/base_urls.py index 4f638ad..24acc93 100644 --- a/base_urls.py +++ b/base_urls.py @@ -43,7 +43,7 @@ urlpatterns += patterns('', urlpatterns += patterns('', (r'^admin/doc/', include('django.contrib.admindocs.urls')), (r'^admin/filebrowser/', include('filebrowser.urls')), - (r'^admin/', include(admin.site.urls)), + (r'^admin/', include(admin.site.urls),{'SSL':True}), (r'^grappelli/', include('grappelli.urls')), (r'^feeds/(?P<url>.*)/$', 'django.contrib.syndication.views.feed', {'feed_dict': feeds}), (r'^robots.txt$', direct_to_template, {'template': 'archives/robots.html'}), diff --git a/lib/ssl/__init__.py b/lib/ssl/__init__.py new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/lib/ssl/__init__.py diff --git a/lib/ssl/middleware.py b/lib/ssl/middleware.py new file mode 100644 index 0000000..11e1076 --- /dev/null +++ b/lib/ssl/middleware.py @@ -0,0 +1,41 @@ +__license__ = "Python"
+__copyright__ = "Copyright (C) 2007, Stephen Zabel"
+__author__ = "Stephen Zabel - sjzabel@gmail.com"
+__contributors__ = "Jay Parlar - parlar@gmail.com"
+
+from django.conf import settings
+from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, get_host
+
+SSL = 'SSL'
+
+class SSLRedirect:
+
+ def process_view(self, request, view_func, view_args, view_kwargs):
+ if SSL in view_kwargs:
+ secure = view_kwargs[SSL]
+ del view_kwargs[SSL]
+ else:
+ secure = False
+
+ if not secure == self._is_secure(request):
+ return self._redirect(request, secure)
+
+ def _is_secure(self, request):
+ if request.is_secure():
+ return True
+
+ #Handle the Webfaction case until this gets resolved in the request.is_secure()
+ if 'HTTP_X_FORWARDED_SSL' in request.META:
+ return request.META['HTTP_X_FORWARDED_SSL'] == 'on'
+
+ return False
+
+ def _redirect(self, request, secure):
+ protocol = secure and "https" or "http"
+ newurl = "%s://%s%s" % (protocol,get_host(request),request.get_full_path())
+ if settings.DEBUG and request.method == 'POST':
+ raise RuntimeError, \
+ """Django can't perform a SSL redirect while maintaining POST data.
+ Please structure your views so that redirects only occur during GETs."""
+
+ return HttpResponsePermanentRedirect(newurl)
\ No newline at end of file diff --git a/settings.py b/settings.py index b27c1cc..fd74df0 100644 --- a/settings.py +++ b/settings.py @@ -100,6 +100,7 @@ MIDDLEWARE_CLASSES = ( 'django.middleware.doc.XViewMiddleware', 'pagination.middleware.PaginationMiddleware', 'fdigg.middleware.FckDiggMiddleware', + 'ssl.middleware.SSLRedirect', #'debug_toolbar.middleware.DebugToolbarMiddleware', ) TEMPLATE_CONTEXT_PROCESSORS = ( |