intranet.middleware package


intranet.middleware.access_log module

class intranet.middleware.access_log.AccessLogMiddleWare(get_response)[source]

Bases: object

intranet.middleware.ajax module

class intranet.middleware.ajax.AjaxNotAuthenticatedMiddleWare(get_response)[source]

Bases: object

Django doesn’t handle login redirects with AJAX very nicely, so we have to work around the default behavior a little.

If a user’s session has expired, but they still have a window open, they client may send AJAX requests to a view wrapped in @login_required or something similar. When this happens, Django 302 redirects to something like /login?next=/eighth/signup, which will show up to the client as a 200 OK GET request and proceed as if everything worked. To avoid this, we need to detect these types of requests and change their status code to 401 to let the client know that the request actually failed.

intranet.middleware.dark_mode module

class intranet.middleware.dark_mode.DarkModeMiddleware(get_response)[source]

Bases: object

Set the ‘dark-mode-enabled’ cookie if the user is logged in and has enabled dark mode

intranet.middleware.monitoring module

class intranet.middleware.monitoring.PrometheusAccessMiddleware(get_response)[source]

Bases: object

Restricts access to Django Prometheus metrics to ALLOWED_METRIC_IPS and superusers.

intranet.middleware.profiler module

class intranet.middleware.profiler.ProfileMiddleware[source]

Bases: object

Displays timing or profiling for any view. or

Record the time taken by Django and the project code to generate the web page and by the database to make the queries. Accumulate repeated web page visits and display the accumulated statistics in the web browser in place of the normal web page. The availability of this middleware is controlled by the DEBUG flas in To time a page, add ‘?time’ (or ‘&time’). To clear out accumulated timings, add ‘&reset’.

Alternatively, profile the python function calls executed to create the web page and display the profiling statistics in the web browser. To profile a page, add ‘?prof’ (or ‘&prof’) to the url. By default the statistics are sorted by cumulative time. To specify an alternative sort, add one or more ‘sort’ parameters, e.g., ‘&sort=time&sort=calls’. By default the display is limited to the first 40 function calls. To specify an alternative, add a limit parameter, e.g., ‘&limit=.50’. To write the profile data to a permanent file in PROFILE_LOG_BASE add ‘&log’. To strip the directory paths from the profile statistics, add ‘&strip’. (Note that the file and group summaries are also removed by ‘strip’.)

process_response(request, response)[source]
process_view(request, callback, callback_args, callback_kwargs)[source]
intranet.middleware.profiler.get_log_file_path(log_file_path, called_time)[source]

Calculate standard deviation of data x[]: std = sqrt(sum_i (x_i - mean)^2 over n-1)

intranet.middleware.same_origin module

class intranet.middleware.same_origin.SameOriginMiddleware(get_response)[source]

Bases: object

Blocks requests that set an “Origin” header that’s different from the “Host” header

intranet.middleware.session_management module

class intranet.middleware.session_management.SessionManagementMiddleware(get_response)[source]

Bases: object

Handles session management.

intranet.middleware.templates module

class intranet.middleware.templates.AdminSelectizeLoadingIndicatorMiddleware(get_response)[source]

Bases: object

Automatically add a loading placeholder for Selectize inputs in admin templates.

This is probably not a good practice, but it really needs to be done server-side for the loading indicators to show up instantly.

class intranet.middleware.templates.NoReferrerMiddleware(get_response)[source]

Bases: object

Set all links to have rel=’noreferrer noopener’ to prevent malicious JS from editing what the user sees

class intranet.middleware.templates.StripNewlinesMiddleware(get_response)[source]

Bases: object

Strip extra newlines from rendered templates to enhance readability.


Process the response and strip extra newlines from HTML.

intranet.middleware.threadlocals module

class intranet.middleware.threadlocals.ThreadLocalsMiddleware(get_response)[source]

Bases: object

Stores the current authorized User object in thread locals for access in models (and elsewhere) without passing the user around as an argument.

static process_view(req, *_)[source]

Adds the request to thread locals.


Return the currently authorized User object.


User object

intranet.middleware.traceback module

class intranet.middleware.traceback.UserTracebackMiddleware(get_response)[source]

Bases: object

Adds the currently logged-in user to the request context, so that they show up in error emails.

process_exception(request, exception)[source]

intranet.middleware.url_slashes module

class intranet.middleware.url_slashes.FixSlashes(get_response)[source]

Bases: object


Add or remove trailing slashes where needed.

Note that there is no HTTP redirection actually happening. This just fixes the trailing slashes before the URLs are matched to any URL patterns by changing the request’s internal properties.

Module contents