On Oct 5, 2:59 pm, ptone <[email protected]> wrote: > 13125 was wontfixed by Jacob at the end of the summer, this relates to > the login_required decorator not checking for user.is_active > > I had opened a duplicate ticket 16996 before catching it as a dupe > > I'm going to dredge this one back up.
... > I think that there would be pretty universal agreement about the > expectation of what should happen if you make a previously active user > inactive with regard to their access to @login_required protected > views. Shortening session times, seems like a really unpalatable > workaround for sites that have chosen longer/default session > expiration times. If we are talking about work-arounds, have you seen this middleware? This does the job perfectly for me and it is so simple: http://djangosnippets.org/snippets/1105/ Regards, BN -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
