Django authentication-based session expiration
Project description
=============
Django Expire
=============
A Django application which provides authentication-based session expiration.
To install this application into your project, first add it to your
``INSTALLED_APPS`` setting (and run ``manage.py syncdb``)::
INSTALLED_APPS = (
...
'django_expire',
)
Next, add the expiration middleware to your ``MIDDLEWARE_CLASSES`` setting,
placing it after both the ``session`` and ``auth`` middleware.::
MIDDLEWARE_CLASSES = (
...
'django_expire.middleware.ExpireMiddleware',
)
What it does
============
For every request by an authenticated user, a check is run to ensure the number
of other sessions also belonging to the user does not exceed the allowed
maximum.
This maximum defaults to ``1``, but you can provide a ``EXPIRE_MAX_USERS``
setting to override this default (a setting of ``0`` allows an unlimited
amount of users per session).
If a user has exceeded the number of sessions they are allowed, the excessive
sessions are removed (effectively logging the user out of these now invalidated
sessions).
Changing expiration settings per user
=====================================
The ``django_expire.signals.expire_check`` allows you to change the
expiration settings at a per-user level.
The signal is sent before any tests are run, along with a settings dictionary
containing a single ``max_users`` key. Signal handlers may change the value
of the dictionary to alter the settings for this user.
An example handler (which is not automatically connected) can be found in
``django_expire.signals.superuser_handler which demonstrates allowing
superusers an unlimited number of sessions.
Django Expire
=============
A Django application which provides authentication-based session expiration.
To install this application into your project, first add it to your
``INSTALLED_APPS`` setting (and run ``manage.py syncdb``)::
INSTALLED_APPS = (
...
'django_expire',
)
Next, add the expiration middleware to your ``MIDDLEWARE_CLASSES`` setting,
placing it after both the ``session`` and ``auth`` middleware.::
MIDDLEWARE_CLASSES = (
...
'django_expire.middleware.ExpireMiddleware',
)
What it does
============
For every request by an authenticated user, a check is run to ensure the number
of other sessions also belonging to the user does not exceed the allowed
maximum.
This maximum defaults to ``1``, but you can provide a ``EXPIRE_MAX_USERS``
setting to override this default (a setting of ``0`` allows an unlimited
amount of users per session).
If a user has exceeded the number of sessions they are allowed, the excessive
sessions are removed (effectively logging the user out of these now invalidated
sessions).
Changing expiration settings per user
=====================================
The ``django_expire.signals.expire_check`` allows you to change the
expiration settings at a per-user level.
The signal is sent before any tests are run, along with a settings dictionary
containing a single ``max_users`` key. Signal handlers may change the value
of the dictionary to alter the settings for this user.
An example handler (which is not automatically connected) can be found in
``django_expire.signals.superuser_handler which demonstrates allowing
superusers an unlimited number of sessions.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file django-expire-1.0-alpha-1.tar.gz
.
File metadata
- Download URL: django-expire-1.0-alpha-1.tar.gz
- Upload date:
- Size: 3.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3a7ff3e6e72fdaef172b8c6c90f4bcfffab90888f7fc771f9a96b59427380460 |
|
MD5 | bf8180d591fde13ecda2e54ae2ef2973 |
|
BLAKE2b-256 | ced411fbe2ee0d766304eb5b96a96a65edc65dfe023e316ddd866f3ba172f9e4 |