Compatible Django Middleware

Django 1.10 added a new style of middleware with a different interface and a new setting called MIDDLWARE instead of MIDDLEWARE_CLASSES. Creating a class that supports both is easy enough with MiddlewareMixin, but that only works with Django 1.10 and above. What if you want to create middleware that can work with all versions of Django so it can be easily shared?

Writing a compatible middleware is not too hard. The trick is having a fallback for when the import fails on any earlier versions of Django. I couldn’t find a full example anywhere and it took me a few attempts to get it just right, so I thought I’d share my results to save you some time.

import os

from django.core.exceptions import MiddlewareNotUsed
from django.shortcuts import redirect

try:
    from django.utils.deprecation import MiddlewareMixin
except ImportError:
    MiddlewareMixin = object

class CompatibleMiddleware(MiddlewareMixin):
    def __init__(self, *args, **kwargs):
        if os.getenv('DISABLE_MIDDLEWARE'):
            raise MiddlewareNotUsed('DISABLE_MIDDLEWARE is set')

        super(CompatibleMiddleware, self).__init__(*args, **kwargs)

    def process_request(self, request):
        if request.path == '/':
            return redirect('/hello')

    def process_response(self, request, response):
        return response

CompatibleMiddleware can now be used in both MIDDLWARE and MIDDLEWARE_CLASSES. It should also work with any version of Django so it’s easier to share.

Staying Safe Online

I have seen a few “staying safe online” guides lately. I wrote one of my own a while back after some of my friends were threatened online and got worried. This guide should be a good starting point for most common casual internet users. It’s important to remember that no matter what you do if it’s online, it can be hacked.

  • Never reuse passwords
    • Some websites are easier to hack than others
    • Hackers will try the same password on other websites
    • Use LastPass for easier management
  • Don’t use simple passwords
    • Hackers guess passwords all the time
    • There are easy automatic tools that enumerate all password options
    • Don’t use your name, birthday, SSN, or any public information in passwords
  • Keep your computer & phone up-to-date
    • Old software has known and easily exploitable vulnerabilities
  • Never click links in emails
    • Clicking the wrong link can give control of your accounts to hackers
    • Manually browse to the website even if the email looks legit
  • Always logout on public computers
    • Preferably never login on public computers in the first place
    • Data can be linger even after logging out
    • Some public computers record your passwords
  • If it was put online, it will stay online
  • Any private information shared can help hacking
    • Your name and birth year can be enough to guess your SSN

Securing Facebook

  • Click the little lock icon on top and follow instructions
    • Set everything to private
    • Hide your birth year
  • Click the little triangle on the top right and choose Settings
    • Enable login alerts to be notified of hacks
    • Enable login approvals
    • Enable trusted contacts in case your account is hacked

Securing Google Account

Lorena Kichik

I don’t know why or how, but Google seems to think my little blog is worth something. Terms like “quake flag”, “triple double u”, “the green wire” , “atomic codes” and even “mr. angry pants” return some of my posts in the top 10 results and sometimes even as the first result. NSIS seems to share the same glory with terms like “java runtime download”, “strstr”, “exch”, “createmutex”, “iis version”, “messagebox”, “steam account” and even “windows critical update”. This Google love is very nice and helpful for NSIS but it doesn’t get too much of my attention span when it comes to this blog. People searching for my name or nickname find it as the first result and that’s good enough for me.

However, out of pure curiosity, I’ve decided to perform a little Google experiment. Searching for “kichik” results in my blog and some pages concerning a beautiful actress named Lorena Kichik. Her profile states she’s latin or middle eastern, so I’m not so sure how she ended up with Hungarian or Pakistani last name, but that’s another story. I’m not exactly sure what I’m going to figure out here, but I wanted to know what happens if I directly mention her in my blog. Will this post show up when searching for her name? Will it show when searching for mine? Which would come first – my post or her Facebook or IMDB profile?

Let the games begin!