On Dec 10, 3:07 pm, Stodge <sto...@gmail.com> wrote: > I'm trying to limit the number of concurrent users attached to my > Django website. For example I need to implement a floating license > system. I've seen a few snippets but so far I think they all implement > a middleware. I'm trying to avoid using a middleware because I don't > want the overhead on every request and because I want to try to limit > this when the user tries to login. I only want to restrict the number > of non-admin and non-superuser users. > > I thought I could check all current sessions with expiry times in the > future but this makes the assumption that a session's expiry time will > be set to the current time when the user logs out of when they close > their browser (SESSION_EXPIRE_AT_BROWSER_CLOSE = True). However, my > understanding of the session system was incorrect and this isn't > possible. > > Any ideas how this can be implemented? > Thanks
The problem is the stateless nature of HTTP. Between requests, there's nothing that identifies to the server that the browser is still 'connected', so you can't identify how many people are passively browsing a page, and how many have turned off their computer or even just gone to another site. You're not going to be able to do it without some sort of overhead. I would suggest something like a bit of Javascript, which pings the server every 20 seconds or so while the user is on a logged-in page, to show that it is still active. But that certainly has non-trivial overhead. -- DR. -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
