django-perimeter

Site-wide perimeter access control for Django projects

https://github.com/yunojuno/django-perimeter

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (12.1%) to scientific vocabulary
Last synced: 10 months ago · JSON representation

Repository

Site-wide perimeter access control for Django projects

Basic Info
  • Host: GitHub
  • Owner: yunojuno
  • License: mit
  • Language: Python
  • Default Branch: master
  • Size: 167 KB
Statistics
  • Stars: 17
  • Watchers: 16
  • Forks: 4
  • Open Issues: 1
  • Releases: 6
Created over 13 years ago · Last pushed about 1 year ago
Metadata Files
Readme Changelog License

README.md

Django Perimeter

Perimeter is a Django app that provides middleware that allows you to 'secure the perimeter' of your django site outside of any existing auth process that you have.

Compatibility

This package now requires Python 3.8+ and Django 4.2+.

For previous versions please refer to the relevant branch.

Why?

Most django sites have some kind of user registration and security model - a login process, decorators to secure certain URLs, user accounts - everything that comes with django.contrib.auth and associated apps.

Sometimes, however, you want to simply secure the entire site to prevent prying eyes - the classic example being before a site goes live. You want to erect a secure perimeter fence around the entire thing. If you have control over your front-end web server (e.g. Apache, Nginx) then this can be used to do this using their in-built access control features. However, if you are running your app on a hosting platform you may not have admin access to these parts. Even if you do have control over your webserver, you may not want to be re-configuring it every time you want to grant someone access.

That's when you need Perimeter.

Perimeter provides simple tokenised access control over your entire Django site (everything, including the admin site and login pages).

How does it work?

Once you have installed and enabled Perimeter, everyone requiring access will need an authorisation token (not authentication - there is nothing inherent in Perimeter to prevent people swapping / sharing tokens - that is an accepted use case).

Perimeter runs as middleware that will inspect the user's session for a token. If they have a valid token, then they continue to use the site uninterrupted. If they do not have a token, or the token is invalid (expired or set to inactive), then they are redirected to the Perimeter 'Gateway', where they must enter a valid token, along with their name and email (for auditing purposes - this is stored in the database).

To create a new token you need to head to the admin site, and create a new token under the Perimeter app. If you have PERIMETER_ENABLED set to True already you won't be able to access the admin site (as Perimeter covers everything except for the perimeter 'gateway' form), and so there is a management command (create_access_token) that you can use to create your first token. (This is analagous to the Django setup process where it prompts you to create a superuser.)

Setup

  1. Add "perimeter" to your installed apps.
  2. Add "perimeter.middleware.PerimeterAccessMiddleware" to the list of MIDDLEWARE_CLASSES
  3. Add the perimeter urls, including the "perimeter" namespace.
  4. Add PERIMETER_ENABLED = True to your settings file. This setting can be used to enable or disable Perimeter in different environments.

Settings:

```python PERIMETER_ENABLED = True

INSTALLED_APPS = (
    ...
    "perimeter",
    ...
)

# Perimeter's middleware must be after SessionMiddleware as it relies on
# request.session
MIDDLEWARE_CLASSES = [
    ...
    "django.contrib.sessions.middleware.SessionMiddleware",
    "perimeter.middleware.PerimeterAccessMiddleware",
    ...
]

```

Site urls:

python # in site urls urlpatterns = [ ... # NB you must include the namespace, as it is referenced in the app path("perimeter/", include("perimeter.urls", namespace="perimeter")), ... ]

Tests

The app has a suite of tests, and a tox.ini file configured to run them when using tox (recommended).

Owner

  • Name: yunojuno
  • Login: yunojuno
  • Kind: organization
  • Email: code@yunojuno.com
  • Location: London

GitHub Events

Total
  • Watch event: 1
  • Member event: 1
  • Push event: 4
  • Pull request event: 2
Last Year
  • Watch event: 1
  • Member event: 1
  • Push event: 4
  • Pull request event: 2

Committers

Last synced: over 2 years ago

All Time
  • Total Commits: 93
  • Total Committers: 11
  • Avg Commits per committer: 8.455
  • Development Distribution Score (DDS): 0.505
Past Year
  • Commits: 6
  • Committers: 3
  • Avg Commits per committer: 2.0
  • Development Distribution Score (DDS): 0.5
Top Committers
Name Email Commits
Hugo Rodger-Brown h****o@r****m 46
Hugo Rodger-Brown h****o@y****m 29
Hugo Rodger-Brown h****n 4
Steve Jalim s****e@s****k 3
Eddy Brown e****n@y****m 2
Eleni Lixourioti c****t@e****o 2
Neil Lyons n****s@g****m 2
Darian Moody m****l@d****k 2
miphreal m****l@g****m 1
Adam Johnson me@a****u 1
qubird a****9@g****m 1
Committer Domains (Top 20 + Academic)

Issues and Pull Requests

Last synced: 11 months ago

All Time
  • Total issues: 10
  • Total pull requests: 18
  • Average time to close issues: 6 months
  • Average time to close pull requests: 10 days
  • Total issue authors: 4
  • Total pull request authors: 9
  • Average comments per issue: 1.6
  • Average comments per pull request: 0.44
  • Merged pull requests: 17
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 0
  • Pull requests: 1
  • Average time to close issues: N/A
  • Average time to close pull requests: 26 days
  • Issue authors: 0
  • Pull request authors: 1
  • Average comments per issue: 0
  • Average comments per pull request: 0.0
  • Merged pull requests: 1
  • Bot issues: 0
  • Bot pull requests: 0
Top Authors
Issue Authors
  • stevejalim (4)
  • hugorodgerbrown (4)
  • nwjlyons (1)
  • qubird (1)
Pull Request Authors
  • hugorodgerbrown (9)
  • nwjlyons (2)
  • thmsrmbld (2)
  • Geekfish (1)
  • emab (1)
  • miphreal (1)
  • stevejalim (1)
  • djm (1)
Top Labels
Issue Labels
enhancement (1)
Pull Request Labels

Packages

  • Total packages: 2
  • Total downloads:
    • pypi 1,107 last-month
  • Total dependent packages: 0
    (may contain duplicates)
  • Total dependent repositories: 3
    (may contain duplicates)
  • Total versions: 39
  • Total maintainers: 3
pypi.org: django-perimeter

Site-wide perimeter access control for Django projects.

  • Versions: 38
  • Dependent Packages: 0
  • Dependent Repositories: 2
  • Downloads: 1,075 Last month
Rankings
Downloads: 7.2%
Dependent packages count: 10.0%
Dependent repos count: 11.6%
Average: 11.9%
Stargazers count: 15.2%
Forks count: 15.3%
Maintainers (2)
Last synced: 11 months ago
pypi.org: perimeter

Site-wide perimeter access control for Django projects.

  • Versions: 1
  • Dependent Packages: 0
  • Dependent Repositories: 1
  • Downloads: 32 Last month
Rankings
Dependent packages count: 10.0%
Stargazers count: 15.2%
Forks count: 15.4%
Average: 18.8%
Dependent repos count: 21.8%
Downloads: 31.7%
Maintainers (1)
Last synced: 11 months ago

Dependencies

pyproject.toml pypi
  • black * develop
  • coverage * develop
  • flake8 * develop
  • flake8-bandit * develop
  • flake8-blind-except * develop
  • flake8-docstrings * develop
  • flake8-logging-format * develop
  • flake8-print * develop
  • freezegun * develop
  • isort * develop
  • mypy * develop
  • pre-commit * develop
  • pytest * develop
  • pytest-cov * develop
  • pytest-django * develop
  • tox * develop
  • django ^2.2 || ^3.0 || ^4.0
  • python ^3.7
.github/workflows/tox.yml actions
  • actions/checkout v2 composite
  • actions/setup-python v1 composite