Skip to main content

Expiry rules for Django sessions.

Project description

django-expiry

Expiry rules for Django sessions.

Installation

Install using pip

pip install django-expiry

Add expiry to your INSTALLED_APPS setting

INSTALLED_APPS = (
    ...
    'expiry',
)

Add expiry.middleware.ExpirySessionMiddleware to your middleware setting

MIDDLEWARE = (
    ...
    'expiry.middleware.ExpirySessionMiddleware',
)

Or to middleware classes if your Django is >= 1.10

MIDDLEWARE_CLASSES = (
    ...
    'expiry.middleware.ExpirySessionMiddleware',
)

The middleware will process rules and default ages for fresh sessions.

Usage

Ages

Default ages can be set for anonymous and authenticated users. When not set, the session age behaviour will default to Django.

EXPIRY_ANON_SESSION_AGE
Default: not set.

The default age of an anonymous session, in seconds.

EXPIRY_ANON_KEEP_ALIVE
Default: False

Keeps the authenticated session alive, refreshing its expiry for every request, according to its default value and rules.

EXPIRY_AUTH_SESSION_AGE
Default: not set.

The default age of an authenticated session, in seconds.

EXPIRY_AUTH_KEEP_ALIVE
Default: False

Keeps the anonymous session alive, refreshing its expiry for every request, according to its default value and rules.

Rules

A set of rules should be defined in your settings file. You can have rules for anonymous users and authenticated users, handled separately.

Expiry rules for authenticated users only

Processed whenever an user logs in. Its callable should always accept an user and a request object.

EXPIRY_AUTH_SESSION_RULES = (
    (lambda request, user: user.is_staff, 300),
    (lambda request, user: user.is_superuser, datetime.timedelta(weeks=2)),
    (lambda request, user: user.has_perms('hero'), 99999999),
)

Expiry rules for anonymous users only

Processed whenever a session is

EXPIRY_ANON_SESSION_RULES = (
    (lambda request: request.META.get('REMOTE_ADDR') == '192.168.0.1', 999)
)

Rule composition

A rule is a tuple composed by:

  • A callable or the path to a callable that will validate it
  • An expiry (seconds, datetime, timedelta)

In the examples, all rules are lambdas, but you can also send the path to a function that will validate it. For example:

EXPIRY_AUTH_SESSION_RULES = (
    ('app.module.complex_rule', datetime.timedelta(days=64)),
)

Then define the rule in that specific module:

def complex_rule(user, request):
    ...

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for django-expiry, version 0.1.0
Filename, size File type Python version Upload date Hashes
Filename, size django_expiry-0.1.0-py2-none-any.whl (4.4 kB) File type Wheel Python version py2 Upload date Hashes View
Filename, size django-expiry-0.1.0.tar.gz (3.5 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page