Hi Avraham, Thanks for the recommendation. Will take a look at the package.
Thanks. On Monday, August 20, 2018 at 1:00:03 PM UTC+5:30, Avraham Serour wrote: > > maybe something like this could be useful for your use case: > https://pypi.org/project/django-session-timeout/ > it has an option for SESSION_EXPIRE_AFTER_LAST_ACTIVITY > > > maybe this could also be useful for you: > https://django-session-security.readthedocs.io/en/latest/ > > > > On Mon, Aug 20, 2018 at 8:34 AM Web Architect <pina...@gmail.com > <javascript:>> wrote: > >> Hi Jason, >> >> Thanks for your response. >> >> As mentioned in my earlier post...I have a long expiry date for the >> sessions (and hence, the cookies) as we want our users to be always logged >> in or in session (till they clear their cookies). And that's what is >> causing the issue. >> >> The goal is to keep the regular users logged in whereas flush out the non >> active users (even if their sessions haven't expired). Hence, was looking >> for a solution for the same. >> >> Thanks. >> >> On Saturday, August 18, 2018 at 5:39:19 PM UTC+5:30, Jason wrote: >>> >>> With database sessions out of the box, no. >>> >>> >>> https://github.com/django/django/blob/master/django/contrib/sessions/base_session.py >>> >>> You can see there are three attributes for a session model: key, data >>> and expire_date >>> >>> That said, since sessions are backed by browser cookies, django's >>> default is two weeks for session cookies as you can see at >>> https://docs.djangoproject.com/en/2.1/ref/settings/#std:setting-SESSION_COOKIE_AGE, >>> >>> which are used here: >>> https://github.com/django/django/blob/master/django/contrib/sessions/backends/base.py#L225-L244 >>> >>> So if you haven't altered that, all sessions expire in two weeks, and >>> you can just delete those expired sessions by using the clearsessions >>> management command >>> <https://github.com/django/django/blob/master/django/contrib/sessions/management/commands/clearsessions.py> >>> . >>> >>> if you have changed that, then what Hemendra suggested above seems like >>> a reasonable approach, but one that is not backwards compatible if you >>> don't have a timestamp field for last access >>> >>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users...@googlegroups.com <javascript:>. >> To post to this group, send email to django...@googlegroups.com >> <javascript:>. >> Visit this group at https://groups.google.com/group/django-users. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/4794450f-ad83-4a00-96e3-f354745b322b%40googlegroups.com >> >> <https://groups.google.com/d/msgid/django-users/4794450f-ad83-4a00-96e3-f354745b322b%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/c8c48fbf-e381-4867-ba7b-94e62c7dce1e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
