# -*- coding: utf-8 -*- from __future__ import unicode_literals from django.utils.module_loading import import_string as _load from django.core.exceptions import DisallowedHost from django.http import HttpResponseForbidden from .models import ActivityLog from . import conf def get_ip_address(request): for header in conf.IP_ADDRESS_HEADERS: addr = request.META.get(header) if addr: return addr.split(',')[0].strip() def get_extra_data(request, response, body): if not conf.GET_EXTRA_DATA: return return _load(conf.GET_EXTRA_DATA)(request, response, body) class ActivityLogMiddleware: def process_request(self, request): request.saved_body = request.body if conf.LAST_ACTIVITY and request.user.is_authenticated(): getattr(request.user, 'update_last_activity', lambda: 1)() def process_response(self, request, response): try: self._write_log(request, response, getattr(request, 'saved_body', '')) except DisallowedHost: return HttpResponseForbidden() return response def _write_log(self, request, response, body): miss_log = [ not(conf.ANONIMOUS or request.user.is_authenticated()), request.method not in conf.METHODS, any(url in request.path for url in conf.EXCLUDE_URLS) ] if conf.STATUSES: miss_log.append(response.status_code not in conf.STATUSES) if conf.EXCLUDE_STATUSES: miss_log.append(response.status_code in conf.EXCLUDE_STATUSES) if any(miss_log): return if getattr(request, 'user', None) and request.user.is_authenticated(): user, user_id = request.user.get_username(), request.user.pk elif getattr(request, 'session', None): user, user_id = 'anon_{}'.format(request.session.session_key), 0 else: return ActivityLog.objects.create( user_id=user_id, user=user, request_url=request.build_absolute_uri()[:255], request_method=request.method, response_code=response.status_code, ip_address=get_ip_address(request), extra_data=get_extra_data(request, response, body) )