Recipes¶
There are many different ways in which you may choose to use django-firefence. Here are some of the basic patterns that you can use:
Middleware¶
The easiest, but least flexible way to use django-firence is to simply install the
FirefenceMiddleware
middleware and define some default rules:
MIDDLEWARE += ['firefence.middleware.FirefenceMiddleware'] FIREFENCE= { 'RULES': [ { 'action': 'ALLOW', 'host': '192.168.1.1', 'port': '80, 443', } ], }
When using the middleware, ALL requests are filtered through the default rules.
By default the middleware uses the provided Fence
backend, however you may change the
DEFAULT_BACKEND
setting to use a custom backend.
Decorator¶
django-firefence comes with a view decorator that you can use to protect individual views.
This decorator allows you to specify a set of rules to use as well what backend class to use. If either is not provided the defaults specified in the settings will be used.
Here are some examples of how to use the decorator
from firefence.decorators import fence_protected from firefence.rules import Rule from my_project.firefence_backends import CustomFence # Use the default rules and backend @fence_protected() def my_view(request): return render(request, 'template.html') # Use a custom set of rules @fence_protected(rules=[ Rule(action=Rule.ALLOW, host='192.168.1.1') ]) def another_view(request): return render(request, 'template.html') # Use a custom backend @fence_protected(backend_class=CustomFence) def third_view(request): return render(request, 'template.html')
Fence¶
Sometimes you may have a common set of rules you wish to apply to a number of views. One way that
you could do this is to create an instance of the Fence
backend with those rules and use it
to decorate the views:
from firefence.backends import Fence from firefence.rules import Rule fence = Fence([ Rule(action=Rule.DENY, host='192.168.1.1', port=80), Rule(action=Rule.ALLOW, port=[80, 443]), ]) @fence.protect def my_view(request): return render(request, 'template.html') @fence.protect def another_view(request): return render(request, 'template.html')
Custom Backend¶
The provided Fence
backend raises a PermissionDenied
error when a denial occurs. If this
is not the desired behaviour, you must use a custom backend.
To make the process easy we provide a AbstractFence
class that you can extend to easily create
new backends. All you have to do is implement a reject
method on the new backend. This method
must either raise an exception that Django can handle or return an HttpResponse
object.
from firefence.backends import AbstractFence class CustomFence(AbstractFence): def reject(self, request): return render(request, 'denied.html')