diff --git a/pount/apps/iiif/views.py b/pount/apps/iiif/views.py index 9915b6cc045f4473b7ad51a6435721d37da708f2..58b7caca42ba19dec008ab449183f5ee0115a5e1 100644 --- a/pount/apps/iiif/views.py +++ b/pount/apps/iiif/views.py @@ -1,11 +1,51 @@ from os import environ +from django.conf import settings from django.contrib.auth import get_user_model from revproxy.views import ProxyView User = get_user_model() +def get_request_headers(self): + """Return request headers that will be sent to upstream. + + The header REMOTE_USER is set to the current user + if AuthenticationMiddleware is enabled and + the view's add_remote_user property is True. + + .. versionadded:: 0.9.8 + + If the view's add_x_forwarded property is True, the + headers X-Forwarded-For and X-Forwarded-Proto are set to the + IP address of the requestor and the request's protocol (http or https), + respectively. + + .. versionadded:: TODO + + """ + request_headers = self.get_proxy_request_headers(self.request) + + if self.add_remote_user and hasattr(self.request, "user") and self.request.user.is_active: + request_headers["REMOTE_USER"] = self.request.user.get_username() + self.log.info("REMOTE_USER set") + + if self.add_x_forwarded: + request_ip = self.request.META.get("REMOTE_ADDR") + self.log.debug("Proxy request IP: %s", request_ip) + request_headers["X-Forwarded-For"] = request_ip + if settings.DEBUG: + http_port = self.request.META["SERVER_PORT"] + request_headers["X-Forwarded-Port"] = http_port + request_proto = "https" if self.request.is_secure() else "http" + self.log.debug("Proxy request using %s", request_proto) + request_headers["X-Forwarded-Proto"] = request_proto + return request_headers + + +ProxyView.get_request_headers = get_request_headers + + # class TestProxyView(LoginRequiredMixin, ProxyView): class TestProxyView(ProxyView): upstream = environ.get("IIIF_UPSTREAM_URL", "http://localhost:8182/iiif/") @@ -14,7 +54,9 @@ class TestProxyView(ProxyView): def dispatch(self, request, *args, **kwargs): # for k in request.META.keys(): # print(k) - # print(request.user) # print(args) # print(kwargs) + # if not request.user.has_perm(rules.ITEM_EDIT, obj): + # print("can't touch dis") + return super().dispatch(request, *args, **kwargs)