Django snippets: StrictAuthentication - Auto log-out inactive users

from django.contrib.auth import logout

class StrictAuthentication:
        def process_view(self,request,view_func,view_args,view_kwargs):
                if request.user.is_authenticated() and not request.user.is_active:
                        logout(request)

More like this

Super User Conditional Page Exception Reporting by zbyte64 3 years, 6 months ago
Add httponly to session cookie by rodolfo.3 1 year, 10 months ago
Require login by url by zbyte64 3 years, 6 months ago
Cookieless Session Middleware by juliocarlos 3 years, 2 months ago
Strip Google Analytics cookies for caching middleware purposes by nf 2 years, 3 months ago

This dead-simple piece of middleware adds a terrific security feature to django authentication. Currently, users who's accounts are de-activated still may have a cookie and a login session. This middleware destroys that session on their next request.

Simply add this class into a middleware.py and add it to your settings.

Author:: yeago
Posted:: October 2, 2008
Language:: Python
Django Version:: 1.0
Tags:: middleware sessions authentication security
Score:: 1 (after 1 ratings)

Django snippets

StrictAuthentication - Auto log-out inactive users

More like this

Tools

Comments

Snippets

About