neilmock/ssl.py

## ssl.py
# SSL redirect middleware
#
# Use as follows in url configs:
#
# (r'^registration/', include('myapp.registration.urls'), {'SSL':True}),

from django.conf import settings
from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, get_host

SSL = 'SSL'

class SSLRedirect:
    def process_request(self, request):
        ssl_force = getattr(settings, 'SSL_FORCE', None)
        if settings.SSL_ENABLED and ssl_force:
            if not self._is_secure(request):
                return self._redirect(request, True)
        return None

    def process_view(self, request, view_func, view_args, view_kwargs):
        if SSL in view_kwargs:
            secure = view_kwargs[SSL]
            del view_kwargs[SSL]
        else:
            # none means I don't care if its secure or not, just let the request through
            return None

        if (not secure == self._is_secure(request)) and settings.SSL_ENABLED:
            return self._redirect(request, secure)

    def _is_secure(self, request):
        if request.is_secure():
            return True

        #Handle the Webfaction case until this gets resolved in the request.is_secure()
        if 'HTTP_X_FORWARDED_SSL' in request.META:
            return request.META['HTTP_X_FORWARDED_SSL'] == 'on'

        return False

    def _redirect(self, request, secure):
        protocol = secure and "https" or "http"
        newurl = "%s://%s%s" % (protocol,get_host(request),request.get_full_path())
        if settings.DEBUG and request.method == 'POST':
            raise RuntimeError, \
        """Django can't perform a SSL redirect while maintaining POST data.
           Please structure your views so that redirects only occur during GETs."""

        return HttpResponsePermanentRedirect(newurl)
	# SSL redirect middleware
	#
	# Use as follows in url configs:
	#
	# (r'^registration/', include('myapp.registration.urls'), {'SSL':True}),

	from django.conf import settings
	from django.http import HttpResponseRedirect, HttpResponsePermanentRedirect, get_host

	SSL = 'SSL'

	class SSLRedirect:
	def process_request(self, request):
	ssl_force = getattr(settings, 'SSL_FORCE', None)
	if settings.SSL_ENABLED and ssl_force:
	if not self._is_secure(request):
	return self._redirect(request, True)
	return None

	def process_view(self, request, view_func, view_args, view_kwargs):
	if SSL in view_kwargs:
	secure = view_kwargs[SSL]
	del view_kwargs[SSL]
	else:
	# none means I don't care if its secure or not, just let the request through
	return None

	if (not secure == self._is_secure(request)) and settings.SSL_ENABLED:
	return self._redirect(request, secure)

	def _is_secure(self, request):
	if request.is_secure():
	return True

	#Handle the Webfaction case until this gets resolved in the request.is_secure()
	if 'HTTP_X_FORWARDED_SSL' in request.META:
	return request.META['HTTP_X_FORWARDED_SSL'] == 'on'

	return False

	def _redirect(self, request, secure):
	protocol = secure and "https" or "http"
	newurl = "%s://%s%s" % (protocol,get_host(request),request.get_full_path())
	if settings.DEBUG and request.method == 'POST':
	raise RuntimeError, \
	"""Django can't perform a SSL redirect while maintaining POST data.
	Please structure your views so that redirects only occur during GETs."""

	return HttpResponsePermanentRedirect(newurl)