diff options
Diffstat (limited to 'yaksh/middleware/one_session_per_user.py')
| -rw-r--r-- | yaksh/middleware/one_session_per_user.py | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/yaksh/middleware/one_session_per_user.py b/yaksh/middleware/one_session_per_user.py new file mode 100644 index 0000000..92e888d --- /dev/null +++ b/yaksh/middleware/one_session_per_user.py @@ -0,0 +1,35 @@ +from django.contrib.auth.models import User +from django.contrib.sessions.models import Session + +from yaksh.models import ConcurrentUser + + +class OneSessionPerUserMiddleware(object): + """ + Middleware to handle multiple logins with same credentials + - Creates a Database entry to record the current user and active session key + - Checks if the current user has already been logged in. If True, the new session + key is stored with respect to the user and the old session key is deleted, + effectively terminating the older session for the same user. + - The concurrentuser attribute of the User model refers to the ConcurrentUser + model object and not the concurrent_user field due to behaviour described + in the Documentation + Link: https://docs.djangoproject.com/en/1.5/topics/auth/customizing/#extending-the-existing-user-model) + """ + def process_request(self, request): + if isinstance(request.user, User): + current_key = request.session.session_key + # + # Documentation: + # https://docs.djangoproject.com/en/1.5/topics/auth/customizing/#extending-the-existing-user-model + if hasattr(request.user, 'concurrentuser'): + active_key = request.user.concurrentuser.session_key + if active_key != current_key: + Session.objects.filter(session_key=active_key).delete() + request.user.concurrentuser.session_key = current_key + request.user.concurrentuser.save() + else: + ConcurrentUser.objects.create( + concurrent_user=request.user, + session_key=current_key, + )
\ No newline at end of file |