Django authentication-based session expiration
Project description
=============
Django Expire
=============
A Django application which provides authentication-based session expiration.
To install this application into your project, first add it to your
``INSTALLED_APPS`` setting (and run ``manage.py syncdb``)::
INSTALLED_APPS = (
...
'django_expire',
)
Next, add the expiration middleware to your ``MIDDLEWARE_CLASSES`` setting,
placing it after both the ``session`` and ``auth`` middleware.::
MIDDLEWARE_CLASSES = (
...
'django_expire.middleware.ExpireMiddleware',
)
What it does
============
For every request by an authenticated user, a check is run to ensure the number
of other sessions also belonging to the user does not exceed the allowed
maximum.
This maximum defaults to ``1``, but you can provide a ``EXPIRE_MAX_USERS``
setting to override this default (a setting of ``0`` allows an unlimited
amount of users per session).
If a user has exceeded the number of sessions they are allowed, the excessive
sessions are removed (effectively logging the user out of these now invalidated
sessions).
Changing expiration settings per user
=====================================
The ``django_expire.signals.expire_check`` allows you to change the
expiration settings at a per-user level.
The signal is sent before any tests are run, along with a settings dictionary
containing a single ``max_users`` key. Signal handlers may change the value
of the dictionary to alter the settings for this user.
An example handler (which is not automatically connected) can be found in
``django_expire.signals.superuser_handler which demonstrates allowing
superusers an unlimited number of sessions.
Django Expire
=============
A Django application which provides authentication-based session expiration.
To install this application into your project, first add it to your
``INSTALLED_APPS`` setting (and run ``manage.py syncdb``)::
INSTALLED_APPS = (
...
'django_expire',
)
Next, add the expiration middleware to your ``MIDDLEWARE_CLASSES`` setting,
placing it after both the ``session`` and ``auth`` middleware.::
MIDDLEWARE_CLASSES = (
...
'django_expire.middleware.ExpireMiddleware',
)
What it does
============
For every request by an authenticated user, a check is run to ensure the number
of other sessions also belonging to the user does not exceed the allowed
maximum.
This maximum defaults to ``1``, but you can provide a ``EXPIRE_MAX_USERS``
setting to override this default (a setting of ``0`` allows an unlimited
amount of users per session).
If a user has exceeded the number of sessions they are allowed, the excessive
sessions are removed (effectively logging the user out of these now invalidated
sessions).
Changing expiration settings per user
=====================================
The ``django_expire.signals.expire_check`` allows you to change the
expiration settings at a per-user level.
The signal is sent before any tests are run, along with a settings dictionary
containing a single ``max_users`` key. Signal handlers may change the value
of the dictionary to alter the settings for this user.
An example handler (which is not automatically connected) can be found in
``django_expire.signals.superuser_handler which demonstrates allowing
superusers an unlimited number of sessions.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for django-expire-1.0-alpha-1.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3a7ff3e6e72fdaef172b8c6c90f4bcfffab90888f7fc771f9a96b59427380460 |
|
MD5 | bf8180d591fde13ecda2e54ae2ef2973 |
|
BLAKE2b-256 | ced411fbe2ee0d766304eb5b96a96a65edc65dfe023e316ddd866f3ba172f9e4 |