Metadata-Version: 1.1
Name: django-basic-auth-ip-whitelist
Version: 0.2
Summary: Hide your Django site behind basic authentication mechanism with IP whitelisting support.
Home-page: https://gitlab.com/tmkn/django-basic-auth-ip-whitelist
Author: Tomasz Knapik
Author-email: me@tmkn.org
License: BSD 2-Clause License
Description: django-basic-auth-ip-whitelist
        ==============================
        
        This simple package ships middleware that lets you to set basic auth and
        IP whitelisting via settings.
        
        Use case
        --------
        
        This package has been created in mind for staging and demo sites that
        need to be completely hidden from the Internet behind a password or IP
        range.
        
        Requirements
        ------------
        
        -  Django 1.11 or 2.0
        -  Python 3.4, 3.5, 3.6
        
        Installation
        ------------
        
        The package is on
        `PyPI <https://pypi.org/project/django-basic-auth-ip-whitelist/>`__.
        
        .. code:: sh
        
           pip install django-basic-auth-ip-whitelist
        
        Configuration
        -------------
        
        In your Django settings you can configure the following settings.
        
        ``BASIC_AUTH_LOGIN`` and ``BASIC_AUTH_PASSWORD``
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        Credentials that you want to use with your basic authentication.
        
        ``BASIC_AUTH_WHITELISTED_IP_NETWORKS``
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        Set a list of network ranges (strings) compatible with Python’s
        `ipaddress.ip_network <https://docs.python.org/3.6/library/ipaddress.html#ipaddress.ip_network>`__
        that you want to be able to access the website without authentication
        from. It must be either a string with networks separated by comma or
        Python iterable.
        
        ``BASIC_AUTH_REALM``
        ~~~~~~~~~~~~~~~~~~~~
        
        String specifying the realm of the default response.
        
        Example settings
        ~~~~~~~~~~~~~~~~
        
        .. code:: python
        
           MIDDLEWARE += [
               'baipw.middleware.BasicAuthIPWhitelistMiddleware'
           ]
           BASIC_AUTH_LOGIN = 'somelogin'
           BASIC_AUTH_PASSWORD = 'greatpassword'
           BASIC_AUTH_WHITELISTED_IP_NETWORKS = [
               '192.168.0.0/28',
               '2001:db00::0/24',
           ]
        
        Advanced customisation
        ----------------------
        
        Getting IP
        ~~~~~~~~~~
        
        If you want to have a custom behaviour when getting IP, you can create a
        custom function that takes request as a parameter and specify path to it
        in the ``BASIC_AUTH_GET_CLIENT_IP_FUNCTION`` settings, e.g.
        
        .. code:: python
        
           BASIC_AUTH_GET_CLIENT_IP_FUNCTION = 'utils.ip.get_client_ip'
        
        
        ``BASIC_AUTH_WHITELISTED_HTTP_HOSTS``
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        Set a list of hosts that your website will be open to without basic
        authentication. This is useful if your website is hosted under multiple domains
        and you want only one of them to be publicly visible, e.g. by search engines.
        
        **This is by no means a security feature. Please do not use to secure your
        site.**
        
        .. code:: python
        
           BASIC_AUTH_WHITELISTED_HTTP_HOSTS = [
               'your-public-domain.com',
           ]
        
        ``BASIC_AUTH_RESPONSE_TEMPLATE``
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        If you want to display a different template on the 401 page, please use this
        setting to point at the template.
        
        .. code:: python
        
           BASIC_AUTH_RESPONSE_TEMPLATE = '401.html'
        
        
        ``BASIC_AUTH_RESPONSE_CLASS``
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        
        If you want to specify custom response class, you can do so with this setting.
        Provide the path as a string.
        
        .. code:: python
        
           BASIC_AUTH_RESPONSE_CLASS = 'yourmodule.response.CustomUnathorisedResponse'
        
        Skip middleware
        ~~~~~~~~~~~~~~~
        
        You can skip the middleware by setting
        `_skip_basic_auth_ip_whitelist_middleware_check` attribute on the request to
        `True`.
        
        .. code:: python
        
           setattr(request, '_skip_basic_auth_ip_whitelist_middleware_check', True)
        
        
        This may be handy if you have other middleware that you want to have
        co-existing different middleware that restrict access to the website.
        
Keywords: django,basic,authentication,auth,ip,whitelist,whitelisting,http
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: License :: OSI Approved
Classifier: License :: OSI Approved :: BSD License
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Topic :: Internet :: WWW/HTTP
Classifier: Framework :: Django
Classifier: Framework :: Django :: 1.11
Classifier: Framework :: Django :: 2.0
