CNK's Blog

On Campus Middleware

Note this code uses regular expressions to determine if a request comes from one of our allowed IPs. This should really be reworked to use a library that does proper netmask calculations.

    class OnCampusMiddleware(MiddlewareMixin):
        Middleware sets ON_CAMPUS session variable to True if the request
        came from an campus IP or if the user is authenticated.

        2022-04-09 Storing ON_CAMPUS in the session is causing us to set a
        cookie for every request which interferes with Cloudflare caching.
        If your site is largely for anonymous users, store ON_CAMPUS in the request
        itself by adding STORE_ON_CAMPUS_IN_SESSION=False to your

            # redacted

        def check_ip(self, request):
            client_ip = get_client_ip(request)

            if client_ip:
                for ip_regex in self.CAMPUS_ADDRESSES:
                    if re.match(ip_regex, client_ip):
                        return True
            return False

        def process_request(self, request):
            # A user is considered "on campus" if they are visiting from a campus IP, or are logged in
            # to the site.
            if getattr(settings, 'STORE_ON_CAMPUS_IN_SESSION', True):
                request.session['ON_CAMPUS'] = request.user.is_authenticated or self.check_ip(request)
                request.on_campus = request.user.is_authenticated or self.check_ip(request)
            return None

Then to use this in a Django project:

        # Normal Django middle ware stack
        # Sets request.on_campus = True for logged-in users, and for visitors who come from a campus IP.
        # Set STORE_ON_CAMPUS_IN_SESSION to False to prevent setting cookies for anonymous users.