I have made a page for admins to set a user account to inactive, but I
noticed that the user's session continues if he is logged in. It
appears that the is_active field is only checked when the user logs
in, not when each request is authenticated. Is there an easy way to
log a user out when his account is made inactive? Also, should the
auth system check is_active on every authenticated request, and should
this be considered a bug in the auth app?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to