Note this code uses regular expressions to determine if a request comes from one of our allowed IPs. This should really be reworked to use a library that does proper netmask calculations.
class OnCampusMiddleware(MiddlewareMixin):
"""
Middleware sets ON_CAMPUS session variable to True if the request
came from an campus IP or if the user is authenticated.
2022-04-09 Storing ON_CAMPUS in the session is causing us to set a
cookie for every request which interferes with Cloudflare caching.
If your site is largely for anonymous users, store ON_CAMPUS in the request
itself by adding STORE_ON_CAMPUS_IN_SESSION=False to your settings.py
"""
CAMPUS_ADDRESSES = [
# redacted
r'192\.168\.\d{1,3}\.\d{1,3}',
r'127\.0\.0\.1',
]
def check_ip(self, request):
client_ip = get_client_ip(request)
if client_ip:
for ip_regex in self.CAMPUS_ADDRESSES:
if re.match(ip_regex, client_ip):
return True
return False
def process_request(self, request):
# A user is considered "on campus" if they are visiting from a campus IP, or are logged in
# to the site.
if getattr(settings, 'STORE_ON_CAMPUS_IN_SESSION', True):
request.session['ON_CAMPUS'] = request.user.is_authenticated or self.check_ip(request)
else:
request.on_campus = request.user.is_authenticated or self.check_ip(request)
return None
Then to use this in a Django project:
# settings.py
...
MIDDLEWARE = [
# Normal Django middle ware stack
# Sets request.on_campus = True for logged-in users, and for visitors who come from a campus IP.
# Set STORE_ON_CAMPUS_IN_SESSION to False to prevent setting cookies for anonymous users.
'djunk.middleware.OnCampusMiddleware',
]
STORE_ON_CAMPUS_IN_SESSION = False