import logging
import time
from typing import Any

from django.http import HttpRequest, HttpResponse
from django.utils.deprecation import MiddlewareMixin

from .models import AuditLog

class SecurityHeadersMiddleware(MiddlewareMixin):
    """Attach a baseline set of browser security headers to every response.

    Each header is applied with ``setdefault``, so a value already present on
    the response (set by a view, or by another middleware that owns that
    header) takes precedence over the baseline given here.

    NOTE(review): ``no-referrer-when-downgrade`` still sends the full URL as
    the referrer to cross-origin HTTPS destinations; ``strict-origin-when-cross-origin``
    is the tighter modern default if nothing downstream relies on the referrer.
    The CSP declares no ``script-src``/``style-src``, so ``default-src 'self'``
    governs those too and inline scripts/styles are blocked by it.
    """

    # (header name, baseline value) pairs, applied in this order.
    _BASELINE_HEADERS = (
        ("X-Content-Type-Options", "nosniff"),
        ("Referrer-Policy", "no-referrer-when-downgrade"),
        ("X-Frame-Options", "SAMEORIGIN"),
        # Minimal CSP; extend as needed.
        ("Content-Security-Policy", "default-src 'self'; img-src 'self' data:;"),
    )

    def process_response(self, request: HttpRequest, response: HttpResponse):
        """Fill in every baseline header the response does not already carry."""
        headers = response.headers
        for name, value in self._BASELINE_HEADERS:
            headers.setdefault(name, value)
        return response

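class AuditLogMiddleware(MiddlewareMixin):
    """Record one ``AuditLog`` row per request/response cycle.

    ``process_request`` stamps a monotonic start time on the request;
    ``process_response`` collects a length-capped summary of the request
    (path, query string, user agent, peer address), the response status and
    latency, plus an optional ``intent``/``confidence`` pair read from
    ``response.data`` when the response carries a dict there, and persists
    it with ``AuditLog.objects.create``.

    A failure to write the audit row never breaks the request: the error is
    logged with its traceback and the response is returned unchanged.
    """

    # Length caps applied before the row is written; presumably sized to the
    # AuditLog columns — TODO confirm against the model definition.
    _PATH_MAX = 300
    _QUERY_MAX = 500
    _UA_MAX = 300
    _INTENT_MAX = 50

    def process_request(self, request: HttpRequest):
        """Stamp the request with a monotonic start time for latency measurement."""
        request._audit_start = time.perf_counter()

    @staticmethod
    def _latency_ms(request: HttpRequest):
        """Milliseconds elapsed since ``process_request`` ran.

        Returns None when the stamp is missing (for example when an earlier
        middleware short-circuited the request before this one ran).
        """
        start = getattr(request, "_audit_start", None)
        if start is None:
            return None
        return (time.perf_counter() - start) * 1000

    @classmethod
    def _intent_and_confidence(cls, response: HttpResponse):
        """Extract ``intent`` and ``confidence`` from ``response.data``.

        Returns ``("", None)`` when the response has no ``data`` attribute or
        it is not a dict; ``confidence`` is None when absent or when it cannot
        be coerced to float.
        """
        data: Any = getattr(response, "data", None)
        if not isinstance(data, dict):
            return "", None
        intent = str(data.get("intent") or "")[:cls._INTENT_MAX]
        raw_confidence = data.get("confidence")
        if raw_confidence is None:
            return intent, None
        try:
            return intent, float(raw_confidence)
        except (TypeError, ValueError):
            return intent, None

    def process_response(self, request: HttpRequest, response: HttpResponse):
        """Persist an ``AuditLog`` row for this cycle and return ``response`` unchanged."""
        try:
            intent, confidence = self._intent_and_confidence(response)
            # REMOTE_ADDR is the transport peer, not a forwarded header; behind
            # a reverse proxy it is the proxy's address.  Kept as-is because a
            # forwarded header is client-controlled unless a trusted proxy
            # normalises it first.
            # NOTE(review): the query string is stored verbatim (truncated); if
            # any endpoint carries tokens or personal data in the URL, redact
            # it here before it lands in the audit table.
            AuditLog.objects.create(
                path=request.path[:self._PATH_MAX],
                query=request.META.get("QUERY_STRING", "")[:self._QUERY_MAX],
                user_agent=request.META.get("HTTP_USER_AGENT", "")[:self._UA_MAX],
                ip=request.META.get("REMOTE_ADDR"),
                status=response.status_code,
                intent=intent,
                confidence=confidence,
                latency_ms=self._latency_ms(request),
            )
        except Exception:
            # Audit persistence must never break the request, but a silently
            # dropped row is a gap in the audit trail — log it with the
            # traceback so operators can see the gap.
            logging.getLogger(__name__).exception(
                "AuditLog write failed for path %s", getattr(request, "path", None)
            )
        return response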