Skip to content

Commit 9108fef

Browse files
JakubMastalerzJakubMastalerz
committed
setup django-xff
1 parent 8ac2cc9 commit 9108fef

File tree

5 files changed

+25
-2
lines changed

5 files changed

+25
-2
lines changed

poetry.lock

Lines changed: 16 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pyproject.toml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,7 @@ scout-apm = "^3.2.1"
3838
sentry-sdk = "^2.16.0"
3939
html5lib = "^1.1"
4040
beautifulsoup4 = "^4.12.3"
41+
django-xff = "^1.4.0"
4142

4243
[tool.poetry.extras]
4344
gunicorn = ["gunicorn"]

tbx/settings/base.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -86,6 +86,7 @@
8686
"django.middleware.security.SecurityMiddleware",
8787
"django_permissions_policy.PermissionsPolicyMiddleware",
8888
"whitenoise.middleware.WhiteNoiseMiddleware",
89+
"xff.middleware.XForwardedForMiddleware",
8990
"django.contrib.sessions.middleware.SessionMiddleware",
9091
"django.middleware.common.CommonMiddleware",
9192
"django.middleware.csrf.CsrfViewMiddleware",
@@ -282,6 +283,7 @@
282283
"level": "WARNING",
283284
"propagate": False,
284285
},
286+
"xff": {"handlers": ["console"], "level": "WARNING", "propagate": False},
285287
},
286288
}
287289

@@ -477,6 +479,7 @@
477479
"BASIC_AUTH_WHITELISTED_HTTP_HOSTS"
478480
].split(",")
479481

482+
XFF_TRUSTED_PROXY_DEPTH = int(env.get("XFF_TRUSTED_PROXY_DEPTH", 1))
480483

481484
AUTH_USER_MODEL = "users.User"
482485

tbx/settings/production.py

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,8 @@
33
# Disable debug mode
44
DEBUG = False
55

6+
# Error if there aren't enough proxies in between
7+
XFF_ALWAYS_PROXY = True
68

79
try:
810
from .local import * # noqa

tbx/settings/test.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,3 +24,6 @@
2424
PASSWORD_HASHERS = ["django.contrib.auth.hashers.MD5PasswordHasher"]
2525

2626
WAGTAILADMIN_BASE_URL = "http://localhost:8000"
27+
28+
# Ignore proxy count in tests
29+
XFF_ALWAYS_PROXY = False

0 commit comments

Comments
 (0)