-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix linting issues More linting issues Add CHANGELOG and README
- Loading branch information
1 parent
b7e2f10
commit 93099fd
Showing
17 changed files
with
250 additions
and
143 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,13 @@ | ||
| .coverage | ||
| .ruff_cache/ | ||
| .tox/ | ||
| *.log | ||
| *.pot | ||
| *.pyc | ||
| delme | ||
| dist/ | ||
| django_perimeter.egg-info/ | ||
| local_settings.py | ||
| poetry.lock | ||
| static | ||
| test.db |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,66 @@ | ||
| line-length = 88 | ||
| ignore = [ | ||
| "D100", # Missing docstring in public module | ||
| "D101", # Missing docstring in public class | ||
| "D102", # Missing docstring in public method | ||
| "D103", # Missing docstring in public function | ||
| "D104", # Missing docstring in public package | ||
| "D105", # Missing docstring in magic method | ||
| "D106", # Missing docstring in public nested class | ||
| "D107", # Missing docstring in __init__ | ||
| "D203", # 1 blank line required before class docstring | ||
| "D212", # Multi-line docstring summary should start at the first line | ||
| "D213", # Multi-line docstring summary should start at the second line | ||
| "D404", # First word of the docstring should not be "This" | ||
| "D405", # Section name should be properly capitalized | ||
| "D406", # Section name should end with a newline | ||
| "D407", # Missing dashed underline after section | ||
| "D410", # Missing blank line after section | ||
| "D411", # Missing blank line before section | ||
| "D412", # No blank lines allowed between a section header and its content | ||
| "D416", # Section name should end with a colon | ||
| "D417", | ||
| "D417", # Missing argument description in the docstring | ||
| ] | ||
| select = [ | ||
| "A", # flake8 builtins | ||
| "C9", # mcabe | ||
| "D", # pydocstyle | ||
| "E", # pycodestyle (errors) | ||
| "F", # Pyflakes | ||
| "I", # isort | ||
| "S", # flake8-bandit | ||
| "T2", # flake8-print | ||
| "W", # pycodestype (warnings) | ||
| ] | ||
|
|
||
| [isort] | ||
| combine-as-imports = true | ||
|
|
||
| [mccabe] | ||
| max-complexity = 8 | ||
|
|
||
| [per-file-ignores] | ||
| "*tests/*" = [ | ||
| "D205", # 1 blank line required between summary line and description | ||
| "D400", # First line should end with a period | ||
| "D401", # First line should be in imperative mood | ||
| "D415", # First line should end with a period, question mark, or exclamation point | ||
| "E501", # Line too long | ||
| "E731", # Do not assign a lambda expression, use a def | ||
| "S101", # Use of assert detected | ||
| "S105", # Possible hardcoded password | ||
| "S106", # Possible hardcoded password | ||
| "S113", # Probable use of requests call with timeout set to {value} | ||
| ] | ||
| "*/migrations/*" = [ | ||
| "E501", # Line too long | ||
| ] | ||
| "*/settings.py" = [ | ||
| "F403", # from {name} import * used; unable to detect undefined names | ||
| "F405", # {name} may be undefined, or defined from star imports: | ||
| ] | ||
| "*/settings/*" = [ | ||
| "F403", # from {name} import * used; unable to detect undefined names | ||
| "F405", # {name} may be undefined, or defined from star imports: | ||
| ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,101 @@ | ||
| # Django Perimeter | ||
|
|
||
| Perimeter is a Django app that provides middleware that allows you to | ||
| 'secure the perimeter' of your django site outside of any existing auth | ||
| process that you have. | ||
|
|
||
| ## Compatibility | ||
|
|
||
| **This package now requires Python 3.8+ and Django 3.2+.** | ||
|
|
||
| For previous versions please refer to the relevant branch. | ||
|
|
||
| ## Why? | ||
|
|
||
| Most django sites have some kind of user registration and security model - | ||
| a login process, decorators to secure certain URLs, user accounts - | ||
| everything that comes with `django.contrib.auth` and associated apps. | ||
|
|
||
| Sometimes, however, you want to simply secure the entire site to prevent | ||
| prying eyes - the classic example being before a site goes live. You | ||
| want to erect a secure perimeter fence around the entire thing. If you | ||
| have control over your front-end web server (e.g. Apache, Nginx) then | ||
| this can be used to do this using their in-built access control | ||
| features. However, if you are running your app on a hosting platform you | ||
| may not have admin access to these parts. Even if you do have control | ||
| over your webserver, you may not want to be re-configuring it every time | ||
| you want to grant someone access. | ||
|
|
||
| That's when you need Perimeter. | ||
|
|
||
| Perimeter provides simple tokenised access control over your entire | ||
| Django site (everything, including the admin site and login pages). | ||
|
|
||
| ## How does it work? | ||
|
|
||
| Once you have installed and enabled Perimeter, everyone requiring access | ||
| will need an authorisation token (not authentication - there is nothing | ||
| inherent in Perimeter to prevent people swapping / sharing tokens - that | ||
| is an accepted use case). | ||
|
|
||
| Perimeter runs as middleware that will inspect the user's `session` | ||
| for a token. If they have a valid token, then they continue to use the | ||
| site uninterrupted. If they do not have a token, or the token is invalid | ||
| (expired or set to inactive), then they are redirected to the Perimeter | ||
| 'Gateway', where they must enter a valid token, along with their name | ||
| and email (for auditing purposes - this is stored in the database). | ||
|
|
||
| To create a new token you need to head to the admin site, and create a | ||
| new token under the Perimeter app. If you have `PERIMETER_ENABLED` set | ||
| to True already you won't be able to access the admin site (as Perimeter | ||
| covers everything except for the perimeter 'gateway' form), and so there | ||
| is a management command (`create_access_token`) that you can use to | ||
| create your first token. (This is analagous to the Django setup process | ||
| where it prompts you to create a superuser.) | ||
|
|
||
| Setup | ||
| ----- | ||
|
|
||
| 1. Add `"perimeter"` to your installed apps. | ||
| 2. Add `"perimeter.middleware.PerimeterAccessMiddleware"` to the list of MIDDLEWARE_CLASSES | ||
| 3. Add the perimeter urls, including the `"perimeter"` namespace. | ||
| 4. Add `PERIMETER_ENABLED = True` to your settings file. This setting can be used to enable or disable Perimeter in different environments. | ||
|
|
||
|
|
||
| Settings: | ||
|
|
||
| .. code:: python | ||
|
|
||
| PERIMETER_ENABLED = True | ||
|
|
||
| INSTALLED_APPS = ( | ||
| ... | ||
| "perimeter", | ||
| ... | ||
| ) | ||
|
|
||
| # Perimeter's middleware must be after SessionMiddleware as it relies on | ||
| # request.session | ||
| MIDDLEWARE_CLASSES = [ | ||
| ... | ||
| "django.contrib.sessions.middleware.SessionMiddleware", | ||
| "perimeter.middleware.PerimeterAccessMiddleware", | ||
| ... | ||
| ] | ||
|
|
||
| Site urls: | ||
|
|
||
| .. code:: python | ||
|
|
||
| # in site urls | ||
| urlpatterns = [ | ||
| ... | ||
| # NB you must include the namespace, as it is referenced in the app | ||
| path("perimeter/", include("perimeter.urls", namespace="perimeter")), | ||
| ... | ||
| ] | ||
|
|
||
| ## Tests | ||
|
|
||
| The app has a suite of tests, and a ``tox.ini`` file configured to run | ||
| them when using ``tox`` (recommended). |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +0,0 @@ | ||
| __version__ = "0.15.dev0" | ||
Oops, something went wrong.