Clear session data on login and logout 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
from django.contrib.auth.views import logout as original_logout
from django.contrib.auth.views import login as original_login
from django.contrib.sessions.backends.base import SessionBase

def alt_logout(request, *args, **kwargs):
    """
    Info on why this exists: http://code.djangoproject.com/ticket/6941
    Clears out any session data on logout that would otherwise persist
    for any subsequent logins regardless of user_id.
    """
    for sesskey in request.session.keys():
        del request.session[sesskey]
    return original_logout(request, *args, **kwargs)

def alt_login(request, *args, **kwargs):
    """
    Info on why this exists: http://code.djangoproject.com/ticket/6941
    Clears out any session data on login that would otherwise persist
    for any subsequent logins regardless of user_id.
    Session data is only cleared if the test cookie is not present.
    If its present, the session data is already cleared and this does nothing.
    """
    if SessionBase.TEST_COOKIE_NAME not in request.session:
        for sesskey in request.session.keys():
            del request.session[sesskey]
    return original_login(request, *args, **kwargs)

More like this

  1. Session-backed FormWizard by donspaulding 4 years, 7 months ago
  2. Proper fixtures loading in south data migrations by JustDelight 2 months, 3 weeks ago
  3. clear session table by rubic 6 years, 2 months ago
  4. LoginAsForm - Login as any User without a password by johnboxall 3 years, 11 months ago
  5. StrictAuthentication - Auto log-out inactive users by yeago 4 years, 7 months ago

Comments

jb0t (on September 2, 2008):

This has now been corrected in the trunk.

http://code.djangoproject.com/changeset/8343

#

(Forgotten your password?)