A Djangoic method of checking if it is an allowed subdomain
I have to solve this little problem in Python/Django and I'm wondering which is the best way to go about it.
I have a list of allowed domains e.g. www.google.com
, mail.google.com
. I would like to check if a domain is allowed or not. Now, a request from either www.google.com
is valid, and a request from mail.google.com
is valid too.
However, I would like to count www
as a wildcard which means t开发者_C百科hat if I had the same list of allowed domains as above, A request from docs.google.com
would be considered valid and so a request from google.com
even though they don't exist in the list but since www.google.com
exists and www.
is a leading wildcard, both domains match.
What would be the best way to implement this? Here's a snippet of mine where I'm trying to implement this:
def dispatch(self, request, *args, **kwargs):
url = request.REQUEST['url']
host = urlparse.urlparse(url).netloc.lower().strip()
domains = [domain.host.lstrip('www.') for domain in Domain.objects.all()]
for domain in domains:
if host.endswith(domain):
return super(ProcessRequestView, self).dispatch(request, *args, **kwargs)
return HttpResponseForbidden()
My Domain
model has just one field, called host
. This solution of mine make just one DB hit but I'm sure if it's the best or the most efficient.
Thanks
First of all if i would like to use wildcard it would not be "www" since www is nothing but a subdomain.
For example if i would like to let all google domains my record would be ".google.com". This would show for example www.google.com.au as not allowed. It's possible for you to put wildcard to the end but then google.com.example.com would be allowed which is not good idea. Or maybe you would like to allow all UK sites with domain name ending with co.uk with ".co.uk" record.
Thus you should be looking for subdomains specific to general:
Lest assume the domain name is docs.google.co.uk and you have only the ".co.uk" record.
Query for docs.google.co.uk - check whether full host name allowed or not.
Query for .docs.google.co.uk in case of any wildcard definition
Query for .google.co.uk
Query for .co.uk - Bingo you find a wildcard, its allowed!
Anyway, in your code you are selecting every domain objects from db and then looking for appropriate domain name with a loop. This operation would unnecessarily slow down your process. Instead of selecting them all you should let database to handle the elimination of not related domains.
def dispatch(self, request, *args, **kwargs):
url = request.REQUEST['url']
host = urlparse.urlparse(url).netloc.lower().strip()
domains = Domain.objects.filter(domain=host)
if len(domains):
return super(ProcessRequestView, self).dispatch(request, *args, **kwargs)
else:
newHost = '.%s' %host
dotPosition = -1
for i in range(newHost.count('.')):
dotPosition = newHost.find('.', dotPosition + 1)
domains = Domain.objects.filter(domain=newHost[dotPosition:])
if len(domains):
return super(ProcessRequestView, self).dispatch(request, *args, **kwargs)
return HttpResponseForbidden()
I hope it will help.
精彩评论