32👍
You can log them out using
from django.contrib.auth import logout
if <your authentication validation logic>:
logout(request)
… from within any view.
logout() Django docs here.
1👍
In addition to the login_required decorator, you could use the user_passes_test decorator to test if the user is still active.
from django.contrib.auth import user_passes_test
def is_user_active(user):
return user.is_active
@user_passes_test(is_user_active, login_url='/your_login')
def your_function(request):
....
- [Django]-Does Django queryset values_list return a list object?
- [Django]-Pagination in Django-Rest-Framework using API-View
- [Django]-How to get superuser details in Django?
1👍
You can use a session backend that lets you query and get the sessions of a specific user. In these session backends, Session has a foreign key to User, so you can query sessions easily:
- django-qsessions (based on django’s
db,cached_dbsession backends) - django-user-sessions (based on django’s
dbsession backend)
Using these backends, deleting all sessions of a user can be done in a single line of code:
# log-out a user
user.session_set.all().delete()
Disclaimer: I am the author of django-qsessions.
- [Django]-Getting a list of errors in a Django form
- [Django]-Django accessing ForeignKey model objects
- [Django]-ForeignKey to multiple Models or Queryset
Source:stackexchange.com