A reusable Django app that will invalidate all active sessions after change password.
Project description
A reusable Django app that will invalidate all active sessions after change password.
Since Django 1.7 this feature implemented out of the box.
Installation
Install a package.
$ pip install django-password-session
Add “password_session” to your INSTALLED_APPS setting:
INSTALLED_APPS = (
...
'password_session',
)
Add middleware:
MIDDLEWARE_CLASSES = (
...
'password_session.middleware.CheckPasswordHash',
),
Make sure that you have the following settings:
INSTALLED_APPS = (
...
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
)
AUTHENTICATION_BACKENDS = (
...
'django.contrib.auth.backends.ModelBackend',
)
MIDDLEWARE_CLASSES = (
...
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
)
To avoid logging out a user from a current session you should update the session by calling the following function directly after change a password:
from password_session import update_session_auth_hash
update_session_auth_hash(request, user)
Example view
It’s a very simple view for change password just for demonstrating how to update a current session.
from django.contrib.auth.decorators import login_required
from django.http import HttpResponse
from password_session import update_session_auth_hash
def change_password_view(request):
user = request.user
user.set_password(request.POST.get('password'))
user.save()
update_session_auth_hash(request, user)
return HttpResponse("Hello, %s! Your password has been changed!" % user.username)
Requirements
Python 2.6+ or 3+
Django>=1.3,<1.7
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for django-password-session-0.3.3.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9203604e1b82d7774eb28bef22ab42c81f227c452128c506e0a83757f9aa530e |
|
MD5 | 4c58971470f9d1492e74011c3ea91207 |
|
BLAKE2b-256 | 77e021c6c40d784726fd19c39493f9867e5738ffa0ed4a5aad6b8362602ad1e2 |