I'm not sure that invalidating session based on last password change is the
right thing to do. If the password has been compromised, this effectively
enables an active attacker to deny access to the legitimate user. In case
of Django admin site this can be quite disruptive as there is no password
r
On Jan 3, 7:55 am, Zachary Voase wrote:
> At the moment it's very easy to add methods to individual models, just
> by putting a method on the model class itself which accepts 'self'.
> However, defining business logic on collections of records is
> currently pretty complicated — you have to create
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/09/2012 09:01 AM, Carl Meyer wrote:
> This is not an option because the database session backend is only one
> of many session backends.
Oh, never mind - I misunderstood the proposal. This wouldn't be
dependent on using the database session back
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 01/08/2012 03:57 PM, Arnoud van Heuvelen wrote:
[snip]
> 2) Build a relation table that links the sessions to the users. (Or
> use a CSV in the user object.) This could be done completely in the
> auth package. Downside is that we have to create a n
django-sendfile works fine for me too +1 to include in django
Nicola
On 9 Gen, 09:22, Thomas Guettler wrote:
> Hi,
>
> Ticket #2131 (SendFile support) is open since 6
> years:https://code.djangoproject.com/ticket/2131
>
> The implementation is stable:https://github.com/johnsensible/django-sendf
Hi,
Ticket #2131 (SendFile support) is open since 6 years:
https://code.djangoproject.com/ticket/2131
The implementation is stable: https://github.com/johnsensible/django-sendfile
I can live with current situation (sendfile is an external application). But,
maybe someone wants to close this
a
