def login(request, user):
"""
Persist a user id and a backend in the request. This way a user doesn't
have to reauthenticate on every request.
"""
if user is None:
user = request.user
# TODO: It would be nice to support different login methods, like signed cookies.
user.last_login = datetime.datetime.now()
if SESSION_KEY in request.session:
if request.session[SESSION_KEY] != user.username:
# To avoid reusing another user's session, create a new, empty
# session if the existing session corresponds to a different
# authenticated user.
request.session.flush()
else:
request.session.cycle_key()
request.session[SESSION_KEY] = user.username
request.session[BACKEND_SESSION_KEY] = user.backend
if request.session.get('remember_me', False):
request.session.set_expiry(config.LOGIN_REMEMBER_DAYS * 24 * 60 * 60)
if hasattr(request, 'user'):
request.user = user
user_logged_in.send(sender=user.__class__, request=request, user=user)
def login(request, user):
"""
Persist a user id and a backend in the request. This way a user doesn't
have to reauthenticate on every request.
"""
if user is None:
user = request.user
# TODO: It would be nice to support different login methods, like signed cookies.
user.last_login = datetime.datetime.now()
if SESSION_KEY in request.session:
if request.session[SESSION_KEY] != user.username:
# To avoid reusing another user's session, create a new, empty
# session if the existing session corresponds to a different
# authenticated user.
request.session.flush()
else:
request.session.cycle_key()
request.session[SESSION_KEY] = user.username
request.session[BACKEND_SESSION_KEY] = user.backend
if request.session.get('remember_me', False):
request.session.set_expiry(settings.LOGIN_REMEMBER_DAYS * 24 * 60 * 60)
if hasattr(request, 'user'):
request.user = user
user_logged_in.send(sender=user.__class__, request=request, user=user)
