A little javascript and middleware work together to ensure that the user was active during the past X minutes in any tab he has open. Otherwise, display a warning leaving a couple of minutes to show any kind of activity like moving the mouse. Otherwise, logout the user.
Hello. I'm try to subclass the SessionSecurityMiddleware middleware so that I can use it on something other than users authenticated with Django's auth framework. Most of the logic in process_request still applies, but I'd have to copy all of that over to my subclassed middleware in order to bypass the is_authenticated check.
This PR moves that check into a method on the middleware class so subclasses can just override that if they want to handle authentication a little differently. It also does the same for the call to django.contrib.auth.logout for the same reason.
Hello. I'm try to subclass the
SessionSecurityMiddlewaremiddleware so that I can use it on something other than users authenticated with Django'sauthframework. Most of the logic inprocess_requeststill applies, but I'd have to copy all of that over to my subclassed middleware in order to bypass theis_authenticatedcheck.This PR moves that check into a method on the middleware class so subclasses can just override that if they want to handle authentication a little differently. It also does the same for the call to
django.contrib.auth.logoutfor the same reason.Thanks!