Please note I've already consulted [email protected] about this and Jacob told me to post it here if I wanted to.
One problem with authenticated sessions is that, upon de-activation of a user's account, any sessions that user has remain live until they logout. I think it would be a good idea to add a middleware to auth which checked is_active and, if it was found to be False, redirected the user to the logout url. Indeed it may look something like this: http://dpaste.com/184192/ -Steve -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
