quick question: how to set *.domainname.com url in django - django

I know there are lots of example for how to set http://domainname.com/username
url. But how to set http://username.domainname.com url in django?
Thinking a way to have a unique url for each user as http://username.domain.com like http://garry.posterous.com/
Thanks

As the first step, you need to arrange your DNS server to serve the wildcard domain; this is completely outside Django.
When you managed to do that (i.e. dig garry.posterous.com succeeds), then simply check for the HTTP_HOST request variable in the django view routines.

see Using Subdomains with Django: http://www.rossp.org/blog/2007/apr/28/using-subdomains-django/

Related

django filefield returning localhost-prefixed URL

I'm trying not to specify the full path of the web app in the settings to make it as portable as possible.
However,
with MEDIA_URL="/media/", an URL returned from a Django FileField model is http://localhost/media/....
with MEDIA_URL="//example.com/media/", the URL returned is http://example.com/media/....
But the schema (http/s) and domain (example.com) should match those of the requesting page. How can I do this?
The Django app is served through Nginx in combination with Gunicorn.
It sounds like nginx and Django are not configured to pass and use http host name (e.g. X-Forwarded-Host header). This looks like a good answer - https://stackoverflow.com/a/58044808/6865

URLs of Azure Static Website should work without trailing /

I've created an Azure Static Website which works based on the Azure Blob Storage.
To be able to manage the automatic redirect from HTTP to HTTPs I created Azure CDN with Azure Verizon Premium subscription and I created an endpoint which
points to the URL of the static website. I followed the steps from this tutorial
If you hit the URL e.g.
https://blah.com/foo/
You will be automatically redirected to
https://blah.com/foo/index.html
This is because I set the Index document name to index.html in the Static website configuration panel.
What I want to achieve is to add the /index.html symbol to the very end of URL if it doesn't have an extension e.g.
https://blah.com/foo
https://blah.com/bar/foo
The expected result would be a redirect to:
https://blah.com/foo/index.html
https://blah.com/bar/foo/index.html
So my idea was to open the https://cdn.windowsazure.com/http/rules/default.aspx and try to create a new Rule; feature-> URL Redirect. In the TextBox near the Source label, I tried to specify the condition using Regex expression ^[^.]+$ which checks if the path contains a . If yes then it would mean the URL points to file with extension and the /index.html should be added to the end of URL. I think my Regex expression is wrong and should be different. Or maybe it is not the best way to achieve what I want?
Any ideas?
Cheers
So I tried almost everything and in the end, after adding this rule the Azure Static Webiste worked as expected:
Just further to this as I know it has an accepted answer but you won't need any redirect rule for index.html if you use a custom origin and use the static website's primary endpoint (will be something like .z8.web.core.windows.net/). For whatever reason, the CDN will treat that as a web server rather than a vanilla storage place.

HTTPS equivalent of Django's HttpResponse

For some reason I am in need of a views.py that returns only some text. Normally, i'd use HttpResponse("text") for this. However, In this case I require the text to be send over https, to counter the inevitable mixed content warning.
What is the simplest way of sending pure text via django(1.7.11) over https?
Django in the relevant docs of httprequest.build_absolute_uri reads:
Mixing HTTP and HTTPS on the same site is discouraged, therefore
build_absolute_uri() will always generate an absolute URI with the
same scheme the current request has. If you need to redirect users to
HTTPS, it’s best to let your Web server redirect all HTTP traffic to
HTTPS.
The docs make clear that
the method of communication is entirely the responsibility of the server
as Daniel Roseman commented.
My prefered choice is to force https throughout a site, however it is possible to do it only for a certain page.
The above can be achieved by either:
Upgrading to a secure and supported release of Django where the use of SECURE_SSL_REDIRECT and SecurityMiddleware will redirect all traffic to SSL
Asking your host provider an advice on how could this be implemented in their servers
Using the apache config files.
Using .htaccess to redirect a single page.
There are also other -off the road- hackish solutions like a snippet which can be used with a decorator in urls.py to force https, or a custom middleware that redirects certain urls to https.
I've run into the mixed content problems as well. From my experience, you simply can't use the HttpResponse objects without running into trouble. I was never totally sure though and eventually found a way "around" it.
My solution for it was to use the JsonResponse object instead, to return JSON strings, kind of a work-around with the views returning something like:
mytext = 'stuff blablabla'
return JsonResponse({'response_text': mytext})
Which is super easy to parse, and OK with HTTPS.
Maybe not what you're looking for, but I hope it helps you find your way.

django: Is it possible to log a user into a subdomain, from another domain?

The thing is. I have one django app serving different sites.
site1.myapp.com
site2.myapp.com
The users login via a 3rd party SSO system which is then redirected(inkl. a valdiation POST) to https://myapp.com/auth/
However. since my users all belong to only 1 "site" i would like myapp.com/auth/
to log the user into the relevant site, ex. site1.myapp.com or site2.myapp.com and then redirect them to that site…
Is this at all possible?? or should i go about this in a totally different way? :)
I should mention that when it comes to the general usage of the app I have subdomain middleware to ensure that the users always only visit the subdomain(and data) that their account is valid for.
The reason I want to use subdomains is to make it simple for the users to remember their account url, while maintaining the pros of having to maintain just one django app.
thanks. hope you can help :)
kind regards.
pete
I know this question is old, but since Google brought me here I'll add these links
This answer touches on (A) authentication across subdomains and (B) detecting which subdomain is in use to potentially redirect the user
A.1. If you want to allow all (wildcard) subdomains
*.myapp.com, this is achieved by adding one line to settings.py:
SESSION_COOKIE_DOMAIN=".myapp.com"
Detailed here (SO, 2009), here (SO, 2010) and in Django docs
Note: login now won't work on localhost, so you have two choices if
you need to log in and out on localhost:
1: comment out that line in settings.py, or
2: amend your /etc/hosts file to include the following:
127.0.0.1 localhost
127.0.0.1 dev.myapp.com
Now you can visit dev.myapp.com in your browser, and it'll actually be talking to 127.0.0.1, not your live
website. (Now, across dev.myapp.com, site1.myapp.com,
site2.myapp.com and myapp.com, if you log in/out of one, you'll be
logged in/out of them all.)
A.2. If you want to allow cross-authentication between just those two subdomains, i.e., they won't be logged into site3.myapp.com, then it gets a bit more complicated
B. To view the subdomain being used
There are fancier packages to manage subdomains in django, but you could just look crudely at request.META['HTTP_HOST']:
try:
http_host = request.META['HTTP_HOST']
# alternative: http_host = request.get_host()
except KeyError:
http_host = None
print "Can't find HTTP_HOST"
if http_host and '.myapp.com' in http_host:
subdomain = http_host.split('.myapp.com')[0]
else:
subdomain = ''
Then check if you're happy with the request.user using this subdomain.
Use something like HttpResponseRedirect to send them to a different subdomain if you like. If you've done A.1 or A.2 above, in your app's eyes, they're the same user (already logged in) in the new subdomain.myapp.com after being redirected (they don't have to log in again).
Example: if a user creates an account with ireland.myapp.com and you want to keep them always on that site, then when they try to visit usa.myapp.com, they'll still be logged in, you can identify them and send them back to ireland.myapp.com (fictitious example, not a metaphor for immigration!)
In Django you have the notion of sites. You can create your own log in view. If it's not enough, you can create your own authentification backend.

Set Cookies on subdomain?

I have the site blah.com. I need to set 3cookies + use google analytic. I would like to set it as www.blah.com so when i serve images (on blah.com or static.blah.com) it is cookie-less.
Is this possible? How do i do it? I am using jquery-cookies and asp.net
Simply set the domain attribute of the cookie to "www.blah.com"