firewall-python/aikido_zen/middleware/django.py at 2cfc0496db989b7b25af9b8603276f3e2b5829ae · henrygoodman/firewall-python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
"""Exports AikidoDjangoMiddleware"""

from aikido_zen.helpers.logging import logger
from .should_block_request import should_block_request


class AikidoDjangoMiddleware:
    """Middleware for rate-limiting and user blocking for django"""

    def __init__(self, get_response):
        self.get_response = get_response
        try:
            from django.http import HttpResponse

            self.HttpResponse = HttpResponse
        except ImportError:
            logger.warning(
                "django.http import not working, aikido rate-limiting middleware not running."
            )

    def __call__(self, request):
        result = should_block_request()
        if result["block"] is not True or self.HttpResponse is None:
            return self.get_response(request)

        if result["type"] == "ratelimited":
            message = "You are rate limited by Zen."
            if result["trigger"] == "ip" and result["ip"]:
                message += " (Your IP: " + result["ip"] + ")"
            return self.HttpResponse(message, content_type="text/plain", status=429)
        elif result["type"] == "blocked":
            return self.HttpResponse(
                "You are blocked by Zen.", content_type="text/plain", status=403
            )
        logger.debug("Unknown type for blocking request: %s", result["type"])
        return self.get_response(request)