Getting POST request IP address in Django

In Django web applications, tracking the IP address of POST requests is essential for security monitoring, rate limiting, and access control. The django-ipware package provides a reliable way to extract client IP addresses from HTTP requests.

Installation

First, install the django-ipware package using pip ?

pip install django-ipware

No additional configuration is required after installation.

Creating the HTML Template

Create a simple HTML form in templates/home.html to test POST requests ?

<!DOCTYPE html>
<html>
    <head>
        <title>IP Address Tracker</title>
    </head>
    <body>
        <h1>Test POST Request</h1>
        <form method="post" action="/">
            {% csrf_token %}
            <input type="text" name="message" placeholder="Enter a message" />
            <input type="submit" value="Submit" />
        </form>
    </body>
</html>

URL Configuration

Configure the URL pattern in your app's urls.py file ?

from django.urls import path
from . import views

urlpatterns = [
    path('', views.home, name='home'),
]

View Implementation

Implement the view function to capture and display the client IP address ?

from django.shortcuts import render
from django.http import HttpResponse
from ipware import get_client_ip

def home(request):
    if request.method == "POST":
        # Extract client IP address
        client_ip, is_routable = get_client_ip(request)
        
        # Display IP information
        print(f"Client IP: {client_ip}")
        print(f"Is routable: {is_routable}")
        
        # Return response with IP info
        return HttpResponse(f"Your IP address is: {client_ip}")
    
    return render(request, 'home.html')

Understanding the get_client_ip() Function

The get_client_ip() function returns two values ?

• client_ip: The actual IP address of the client
• is_routable: Boolean indicating if the IP is publicly routable (False for localhost/private IPs)

Example Output

When testing on localhost, you'll see output similar to this ?

Client IP: 127.0.0.1
Is routable: False
[23/Aug/2021 13:34:58] "POST / HTTP/1.1" 200 9999

Common Use Cases

Here are practical applications for IP tracking ?

from django.shortcuts import render
from django.http import JsonResponse
from ipware import get_client_ip
from collections import defaultdict

# Simple rate limiting example
request_counts = defaultdict(int)

def rate_limited_view(request):
    if request.method == "POST":
        client_ip, is_routable = get_client_ip(request)
        
        # Track requests per IP
        request_counts[client_ip] += 1
        
        # Block if too many requests
        if request_counts[client_ip] > 10:
            return JsonResponse({
                'error': 'Too many requests from your IP',
                'ip': client_ip
            }, status=429)
        
        return JsonResponse({
            'success': True,
            'ip': client_ip,
            'request_count': request_counts[client_ip]
        })
    
    return render(request, 'home.html')

Handling Proxy Servers

The django-ipware package automatically handles common proxy headers like X-Forwarded-For and X-Real-IP, making it reliable for production environments behind load balancers or CDNs.

Conclusion

The django-ipware package provides a simple and reliable way to extract client IP addresses from Django POST requests. Use this for security monitoring, rate limiting, and access control in your web applications.