如何为django定义自定义wsgi中间件

时间:2021-12-04 19:36:05

I want to write a custom wsgi middleware, which is called on every incoming request. It checks the url, and if the user is authenticated and allows the request to proceed or rejects it.

我想编写一个自定义的wsgi中间件,它对每个传入的请求都进行调用。它检查url,如果用户通过了身份验证,并允许请求继续或拒绝它。

What is the best way to add wsgi middleware in django ?

在django中添加wsgi中间件的最佳方式是什么?

2 个解决方案

#1


1  

Why do you want to do this as a WSGI middleware, specifically? Django doesn't operate particularly well with those - there was some work a few years ago to try and harmonize Django middleware with WSGI middleware, but it didn't really get anywhere.

为什么要将其作为WSGI中间件进行呢?Django的操作并不特别好——几年前还有些工作要尝试用WSGI中间件来协调Django中间件,但它并没有真正实现。

Django has its own version of middleware, which is very well documented, and your request could be done in about three lines.

Django有自己的中间件版本,该版本有很好的文档记录,您的请求可以在大约三行中完成。

#2


1  

You do not need a wsgi middleware here and can easily use django middleware.

这里不需要一个wsgi中间件,可以轻松地使用django中间件。

some_app/middleware.py

some_app / middleware.py

from django.http import HttpResponseForbidden

class AuthenticateMiddleware(object):

    def process_request(self, request):
        #do something with request.path
        if request.user.is_authenticated():
            #can do something or just pass
            #but do not return a response from here
        else:
            #return a response from here so that view doesn't get called
            return HttpResponseForbidden()

process_request() of any middleware is called before the view is processed. If you return an instance of HttpResponse from this method then the view will not be called. Since HttpResponseForbidden is a subclass of HttpResponse, so the view will not be called if the user is not authenticated.

在处理视图之前调用任何中间件的process_request()。如果您从这个方法返回一个HttpResponse实例,那么将不会调用这个视图。因为HttpResponseForbidden是HttpResponse的一个子类,所以如果用户没有经过身份验证,视图就不会被调用。

You need to add this custom middleware to MIDDLEWARE_CLASSES.

您需要将此自定义中间件添加到MIDDLEWARE_CLASSES。

settings.py

settings.py

MIDDLEWARE_CLASSES = ( 
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'some_app.middleware.AuthenticationMiddleware',
)

#1


1  

Why do you want to do this as a WSGI middleware, specifically? Django doesn't operate particularly well with those - there was some work a few years ago to try and harmonize Django middleware with WSGI middleware, but it didn't really get anywhere.

为什么要将其作为WSGI中间件进行呢?Django的操作并不特别好——几年前还有些工作要尝试用WSGI中间件来协调Django中间件,但它并没有真正实现。

Django has its own version of middleware, which is very well documented, and your request could be done in about three lines.

Django有自己的中间件版本,该版本有很好的文档记录,您的请求可以在大约三行中完成。

#2


1  

You do not need a wsgi middleware here and can easily use django middleware.

这里不需要一个wsgi中间件,可以轻松地使用django中间件。

some_app/middleware.py

some_app / middleware.py

from django.http import HttpResponseForbidden

class AuthenticateMiddleware(object):

    def process_request(self, request):
        #do something with request.path
        if request.user.is_authenticated():
            #can do something or just pass
            #but do not return a response from here
        else:
            #return a response from here so that view doesn't get called
            return HttpResponseForbidden()

process_request() of any middleware is called before the view is processed. If you return an instance of HttpResponse from this method then the view will not be called. Since HttpResponseForbidden is a subclass of HttpResponse, so the view will not be called if the user is not authenticated.

在处理视图之前调用任何中间件的process_request()。如果您从这个方法返回一个HttpResponse实例,那么将不会调用这个视图。因为HttpResponseForbidden是HttpResponse的一个子类,所以如果用户没有经过身份验证,视图就不会被调用。

You need to add this custom middleware to MIDDLEWARE_CLASSES.

您需要将此自定义中间件添加到MIDDLEWARE_CLASSES。

settings.py

settings.py

MIDDLEWARE_CLASSES = ( 
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'some_app.middleware.AuthenticationMiddleware',
)