Django Forbid
Django Forbid aims to make website access managed and secure for the maintainers. It provides a middleware to grant or
deny user access based on device and/or location. It also supports VPN detection for banning users who want to lie about
their country and geolocation. Also, users can use only the VPN detection feature or disable it.
Installation
python -m pip install django-forbid
Configuration
Add the django_forbid.apps.ForbidConfig
to your INSTALLED_APPS
in your Django project's settings.py file.
INSTALLED_APPS = [
...,
'django_forbid.apps.ForbidConfig',
]
Also, add the django_forbid.middleware.ForbidMiddleware
to the MIDDLEWARE
list of the project.
MIDDLEWARE = [
...,
'django_forbid.middleware.ForbidMiddleware',
]
Configuring the GEOIP_PATH
variable in your project's settings is important. This variable should contain the path to
the GeoLite2 database file. You should download the database and
follow the Django documentation for proper
configuration.
Usage
After connecting the Django Forbid to your project, you can define the set of desired zones to be forbidden or allowed.
All you need is to set the DJANGO_FORBID
variable in your project's settings. It should be a dictionary with the
following keys:
DEVICES
- list of devices to permit or forbid access toCOUNTRIES
- list of countries to permit or forbid access toTERRITORIES
- list of territories to permit or forbid access toOPTIONS
- a dictionary for additional settings
VPN
- use VPN detection and forbid access to VPN usersURL
- set of URLs to redirect to when the user is located in a forbidden country or using a VPN
FORBIDDEN_LOC
- the URL to redirect to when the user is located in a forbidden geolocationFORBIDDEN_NET
- the URL to redirect to when the user is using a forbidden network (VPN)FORBIDDEN_DEV
- the URL to redirect to when the user is using a forbidden device
The available device types are: smartphone
, peripheral
- refers to all hardware components that are attached to a
computer, wearable
- common types of wearable technology include smartwatches and smartglasses, phablet
- a
smartphone having a larger screen, console
- PlayStation, Xbox, etc., display
, speaker
- Google Assistant, Siri,
Alexa, etc., desktop
, tablet
, camera
, player
- iPod, Sony Walkman, Creative Zen, etc., phone
, car
- refers
to a car browser and tv
- refers to TVs having internet access.
DJANGO_FORBID = {
'DEVICES': ['desktop', 'smartphone', 'console', 'tablet', 'tv'],
'COUNTRIES': ['US', 'GB'],
'TERRITORIES': ['EU'],
'OPTIONS': {
'VPN': True,
'URL': {
'FORBIDDEN_LOC': 'forbidden_location',
'FORBIDDEN_NET': 'forbidden_network',
'FORBIDDEN_DEV': 'forbidden_device',
},
},
}
The available country codes in the required ISO 3166 alpha-2 format are
listed here. And the available continent codes (territories) are: AF
-
Africa, AN
- Antarctica, AS
- Asia, EU
- Europe, NA
- North America, OC
- Oceania and SA
- South America.
None of the settings are required. If you don't specify any settings, the middleware will not do anything.
Contribute
Any contribution is welcome. If you have any ideas or suggestions, feel free to open an issue or a pull request. And
don't forget to add tests for your changes.
License
Copyright (C) 2023 Artyom Vancyan. MIT