how to implement auto logout using python-django on browser close
Question
I have a use case where I want the user to get logged out when they close their browser. And next time when the user visit the website, the user should be redirected to landing page / login page of my application.
From my side, I have implemented the following in django settings.py file:
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
SESSION_COOKIE_AGE = 40
SESSION_SAVE_EVERY_REQUEST = True
LOGOUT_REDIRECT_URL = '/logout_user/'
But this not helping. Any idea how to achieve this scenario?
1 answers
solution1
0 2018-10-22 09:22:42
The setting SESSION_EXPIRE_AT_BROWSER_CLOSE suggests to the users browser that it should discard the cookie once the browser is closed (they are called "non-persistend cookies").
But this cannot be enforced from the server; for example, there are browser extensions that allow you to keep the cookies even though they non-persistent. This warning can also be found in the django session docs .
The only sure way I know is to set an expiration date for the session (like you are doing with the setting SESSION_COOKIE_AGE ).
EDIT: this question suggests using a timestamp to check for session inactivity; maybe there are a few useful ideas for you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.