如何在浏览器上使用python-django实现自动注销
[英]how to implement auto logout using python-django on browser close
问题描述
I have a use case where I want the user to get logged out when they close their browser. 
我有一个用例,我希望用户在关闭浏览器时注销。 And next time when the user visit the website, the user should be redirected to landing page / login page of my application. 下次用户访问网站时,应将用户重定向到我的应用程序的登录页面/登录页面。
From my side, I have implemented the following in django settings.py file: 就我而言,我已经在Django settings.py文件中实现了以下内容:
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_COOKIE_AGE = 40
SESSION_SAVE_EVERY_REQUEST = True
LOGOUT_REDIRECT_URL = '/logout_user/'
But this not helping. 但这无济于事。 Any idea how to achieve this scenario? 任何想法如何实现这种情况?
1 个解决方案
解决方案1
0 2018-10-22 09:22:42
The setting SESSION_EXPIRE_AT_BROWSER_CLOSE suggests to the users browser that it should discard the cookie once the browser is closed (they are called "non-persistend cookies"). 设置SESSION_EXPIRE_AT_BROWSER_CLOSE向用户浏览器建议,一旦关闭浏览器,它应该丢弃cookie(它们称为“非持久性cookie”)。
But this cannot be enforced from the server; 但这不能从服务器强制执行。 for example, there are browser extensions that allow you to keep the cookies even though they non-persistent. 例如,有些浏览器扩展允许您保留cookie,即使它们不是永久性的。 This warning can also be found in the django session docs . 这个警告也可以在django session docs中找到 。
The only sure way I know is to set an expiration date for the session (like you are doing with the setting SESSION_COOKIE_AGE ). 我知道的唯一确定的方法是设置会话的过期日期(就像您正在使用SESSION_COOKIE_AGE设置一样)。
EDIT: this question suggests using a timestamp to check for session inactivity; 编辑: 这个问题建议使用时间戳检查会话不活动; maybe there are a few useful ideas for you. 也许有一些有用的想法对您有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.