Login

StrictAuthentication - Auto log-out inactive users

Author:
yeago
Posted:
October 2, 2008
Language:
Python
Version:
1.0
Score:
1 (after 1 ratings)

This dead-simple piece of middleware adds a terrific security feature to django authentication. Currently, users who's accounts are de-activated still may have a cookie and a login session. This middleware destroys that session on their next request.

Simply add this class into a middleware.py and add it to your settings.

1
2
3
4
5
6
from django.contrib.auth import logout

class StrictAuthentication:
        def process_view(self,request,view_func,view_args,view_kwargs):
                if request.user.is_authenticated() and not request.user.is_active:
                        logout(request)

More like this

  1. Treat empty value on DateRangeFilter as a filter for non filled dates by kmmbvnr 1 month, 1 week ago
  2. Django Settings Assignment Expressions aka Walrus Operator example by webology 2 months, 1 week ago
  3. codigo alto nivel by MrRocklion 4 months ago
  4. Load template from specific app by Krzysiek555 4 months, 3 weeks ago
  5. PostgreSQL JSON subqueries by dolamroth 4 months, 3 weeks ago

Comments

Please login first before commenting.