Answer the question
In order to leave comments, you need to log in
S
S
softshape2015-04-03 12:18:59
softshape, 2015-04-03 12:18:59
How to forcefully log out a user in Django?
Hello everyone,
the situation is - the user is logged in on three computers under one login. On one of them he changed his password. On the other two, he must be forcibly logged out (in other words, the next time he requests the site, he will see him as an anonymous user).
How to do it? Are there native ways in Django to do this?
4 answer(s)
@kazmiruk
@AloneCoder
@softshape
K
kazmiruk, 2015-04-03 @kazmiruk
It is done quite simply: the field to which the session should be sensitive is sewn into the hash. In your case the password. It turns out that when the user changes the password, then all the old sessions will become invalid automatically and nothing will have to be sorted out.
M
Max, 2015-04-03 @AloneCoder
There seems to be no native methods.
You can do this in different ways: you can iterate over all sessions, but this is inefficient;
you can create the last_login_date and force_logout_date fields for the user and compare them
S
softshape, 2015-04-03 @softshape
Google pointed me to the update_session_auth_hash() method - isn't that it, by any chance?
Similar questions
J
U
C
D
U
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question