38 lines
1.2 KiB
Python
38 lines
1.2 KiB
Python
# -*- mode: python; coding: utf-8 -*-
|
|
# Copyright (C) 2017-2019 by BDE ENS Paris-Saclay
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
import ipaddress
|
|
|
|
from django.shortcuts import redirect
|
|
|
|
from med.settings import AUTHORIZED_IP_RANGE, AUTHORIZED_IP6_RANGE
|
|
|
|
|
|
def user_is_in_campus(function):
|
|
def wrap(request, *args, **kwargs):
|
|
if not request.user.is_authenticated:
|
|
remote_ip = get_ip(request)
|
|
if not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(
|
|
AUTHORIZED_IP_RANGE) and not ipaddress.ip_address(remote_ip) in ipaddress.ip_network(
|
|
AUTHORIZED_IP6_RANGE):
|
|
return redirect("/")
|
|
return function(request, *args, **kwargs)
|
|
|
|
wrap.__doc__ = function.__doc__
|
|
wrap.__name__ = function.__name__
|
|
return wrap
|
|
|
|
|
|
def get_ip(request):
|
|
"""Returns the IP of the request, accounting for the possibility of being
|
|
behind a proxy.
|
|
"""
|
|
ip = request.META.get("HTTP_X_FORWARDED_FOR", None)
|
|
if ip:
|
|
# X_FORWARDED_FOR returns client1, proxy1, proxy2,...
|
|
ip = ip.split(", ")[0]
|
|
else:
|
|
ip = request.META.get("REMOTE_ADDR", "")
|
|
return ip
|