So I have a Django app that serves as the backend for another app that I've written. I only want my Django app to be accessed from this other app, which will probably have a handful of versions (production, staging, dev1, dev2). How can I configure my Django app to only accept connections from these handful of clients?
Asked
Active
Viewed 97 times
0
-
Can you give some more details on how the Django app will receive connections from the other app? Are they HTTP posts or something like that? – Augusto Destrero Oct 27 '14 at 16:42
-
Yes, just a REST API - GET, POST, PUT, DELETE, with token authentication. – tadasajon Oct 27 '14 at 16:46
-
You can do it with apache like here: http://stackoverflow.com/questions/18145978/only-allow-certain-ip-addresses-to-access-site-with-mod-rewrite – joel goldstick Oct 27 '14 at 18:51
-
Are these apps on a controlled network or remote? – Burhan Khalid Oct 27 '14 at 20:53
1 Answers
2
If I understand you well you want to control the access to your Django App, one option is to add a custom Middleware to check the IP of the user and if it's not allowed you can show an error, or redirect to other site or whatever you want.
class CheckIPMiddleware(object):
# Check if client IP is allowed
def process_request(self, request):
allowed_ips = ['192.168.1.1', '123.123.123.123', etc...]
ip = request.META.get('REMOTE_ADDR') # Get client IP
if ip not in allowed_ips:
# Here you can raise a 403 Forbidden
# or redirect to any other site/page
# If user is allowed nothing happens
return None
If this is useful to you you have to remember 2 things:
- Add code to a file following this path:
your_project/middleware/checkipmiddleware.py - Edit your settings and add
your_project_name.middleware.checkipmiddleware.CheckIPMiddlewareinto your middleware ( look forMIDDLEWARE_CLASSES = (...in your settings.py )
AlvaroAV
- 10,335
- 12
- 60
- 91