Django Rest Framework Permissions
The following is an example of a permission class that checks the incoming request’s IP address against a blacklist, and denies the request if the IP has been blacklisted.
<span class="kwd">from</span><span class="pln"> rest_framework </span><span class="kwd">import</span><span class="pln"> permissions </span><span class="kwd">class</span> <span class="typ">BlacklistPermission</span><span class="pun">(</span><span class="pln">permissions</span><span class="pun">.</span><span class="typ">BasePermission</span><span class="pun">):</span> <span class="str">""" Global permission check for blacklisted IPs. """</span> <span class="kwd">def</span><span class="pln"> has_permission</span><span class="pun">(</span><span class="kwd">self</span><span class="pun">,</span><span class="pln"> request</span><span class="pun">,</span><span class="pln"> view</span><span class="pun">):</span><span class="pln"> ip_addr </span><span class="pun">=</span><span class="pln"> request</span><span class="pun">.</span><span class="pln">META</span><span class="pun">[</span><span class="str">'REMOTE_ADDR'</span><span class="pun">]</span><span class="pln"> blacklisted </span><span class="pun">=</span> <span class="typ">Blacklist</span><span class="pun">.</span><span class="pln">objects</span><span class="pun">.</span><span class="pln">filter</span><span class="pun">(</span><span class="pln">ip_addr</span><span class="pun">=</span><span class="pln">ip_addr</span><span class="pun">).</span><span class="pln">exists</span><span class="pun">()</span> <span class="kwd">return</span> <span class="kwd">not</span><span class="pln"> blacklisted</span>