Django Forbid aims to make website access managed and secure for the maintainers. It provides a middleware to grant or deny user access based on device and/or location. It also supports VPN detection for banning users who want to lie about their country and geolocation. Also, users can use only the VPN detection feature or disable it.
python -m pip install django-forbidAdd the django_forbid.apps.ForbidConfig to your INSTALLED_APPS in your Django project's settings.py file.
INSTALLED_APPS = [
..., # other apps
'django_forbid.apps.ForbidConfig',
]Also, add the django_forbid.middleware.ForbidMiddleware to the MIDDLEWARE list of the project.
MIDDLEWARE = [
..., # other middlewares
'django_forbid.middleware.ForbidMiddleware',
]Configuring the GEOIP_PATH variable in your project's settings is important. This variable should contain the path to
the GeoLite2 database file. You should download the database and
follow the Django documentation for proper
configuration.
After connecting the Django Forbid to your project, you can define the set of desired zones to be forbidden or allowed.
All you need is to set the DJANGO_FORBID variable in your project's settings. It should be a dictionary with the
following keys:
DEVICES- list of devices to permit or forbid access toCOUNTRIES- list of countries to permit or forbid access toTERRITORIES- list of territories to permit or forbid access toOPTIONS- a dictionary for additional settingsVPN- use VPN detection and forbid access to VPN usersURL- set of URLs to redirect to when the user is located in a forbidden country or using a VPNFORBIDDEN_LOC- the URL to redirect to when the user is located in a forbidden geolocationFORBIDDEN_NET- the URL to redirect to when the user is using a forbidden network (VPN)FORBIDDEN_DEV- the URL to redirect to when the user is using a forbidden device
The available device types are: smartphone, peripheral - refers to all hardware components that are attached to a
computer, wearable - common types of wearable technology include smartwatches and smartglasses, phablet - a
smartphone having a larger screen, console - PlayStation, Xbox, etc., display, speaker - Google Assistant, Siri,
Alexa, etc., desktop, tablet, camera, player - iPod, Sony Walkman, Creative Zen, etc., phone, car - refers
to a car browser and tv - refers to TVs having internet access.
DJANGO_FORBID = {
'DEVICES': ['desktop', 'smartphone', 'console', 'tablet', 'tv'],
'COUNTRIES': ['US', 'GB'],
'TERRITORIES': ['EU'],
'OPTIONS': {
'VPN': True,
'URL': {
'FORBIDDEN_LOC': 'forbidden_location',
'FORBIDDEN_NET': 'forbidden_network',
'FORBIDDEN_DEV': 'forbidden_device',
},
},
}The available country codes in the required ISO 3166 alpha-2 format are
listed here. And the available continent codes (territories) are: AF -
Africa, AN - Antarctica, AS - Asia, EU - Europe, NA - North America, OC - Oceania and SA - South America.
None of the settings are required. If you don't specify any settings, the middleware will not do anything.
Any contribution is welcome. If you have any ideas or suggestions, feel free to open an issue or a pull request. And don't forget to add tests for your changes.
Copyright (C) 2023 Artyom Vancyan. MIT