Extra security for your sensitive pages
Project description
What is this for?
Elevate provides an extra layer of security beyond initial user authentication. Views can be decorated with @elevate_required, and then users must re-authenticate to access that resource. This might be useful for deleting objects, canceling subscriptions, and other sensitive operations. After re-authentication, the user has elevated permissions for the duration of ELEVATE_COOKIE_AGE. This duration is independent of the normal session duration, allowing for short elevated permission durations while still retaining long user sessions.
Installation
$ pip install django-elevate
Compatibility
Django 2.2, 3.1, and 3.2
Python 3.5 - 3.9
pypy3
Resources
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
django-elevate-2.0.2.tar.gz
(7.6 kB
view hashes)
Built Distribution
Close
Hashes for django_elevate-2.0.2-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 15c55bab312b2e58418f4c583090779dc2c6d19b459f12ee9caca5b012e31035 |
|
MD5 | eaa1374d49895235962024deb47aa28f |
|
BLAKE2b-256 | 71bb3ce6129fa23384f8fa3b4f0820d5bd24774f62b1acc2c8a8dfa33e49cc17 |