Re: Multiple logins
On Fri, Nov 1, 2013 at 4:17 PM, Avraham Serour wrote: > are you using sqlite? No, I am using mysql. -- Amanjot Kaur Blog: kauramanjot35.wordpress.com -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAOUPv3nDD_F-3FCyHAah4pKouBFK4eYQWdu07aT1iXHsB6B4RA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Multiple logins
are you using sqlite? On Fri, Nov 1, 2013 at 6:52 AM, amanjot kaur wrote: > In my django app if two users are login in the same account and are > registering two different clients then both the clients are added > under the same client id but it should register under different client > ids. So what should I do for that. > > -- > Amanjot Kaur > > Blog: kauramanjot35.wordpress.com > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/CAOUPv3%3DLEBN%3DU6OJ-m_k8maaOtFBWS5huvLz2%2BAkUK%3DgL%3DgC-A%40mail.gmail.com > . > For more options, visit https://groups.google.com/groups/opt_out. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFWa6tLKCuMkzMWLn69i3PSZ-UDSGpeouQzyLiA7e79eL_xKzA%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Multiple logins
In my django app if two users are login in the same account and are registering two different clients then both the clients are added under the same client id but it should register under different client ids. So what should I do for that. -- Amanjot Kaur Blog: kauramanjot35.wordpress.com -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAOUPv3%3DLEBN%3DU6OJ-m_k8maaOtFBWS5huvLz2%2BAkUK%3DgL%3DgC-A%40mail.gmail.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: Multiple Logins
On Tue, 2009-08-04 at 06:28 -0700, lfrodrigues wrote: > Hi, > > I've developed a special Auth backend for a internal communication > protocol. Everything was ok but now the requirements changed and I > need to allow on the same browser (in diferent tabs) several logged > users. > > How can I have (in the same browser process) several logged users at > the same time? This is not particularly easy, but it's not impossible. The default Django session/auth combination stores the current sessionid in a cookie. That cookie is per-browser (since that's how cookies work), so you need to avoid collisions there. In fact, it seems like you'll have to end up writing your own session replacement and auth middleware to correctly set the User instance in the session. There's really no way to know which tab or window submitted the URL from a single browser, so you'll also need to include some information about hte current user in the URL so that the server side can work out which user you're meant to be inpersonating for this particular request. This is why RESTful design encourages staying away from cookies for this sort of purposes, because it's not stateless. Django's session framework is not RESTful and you're seeing the results of that. Regards, Malcolm --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Multiple Logins
Hi, I've developed a special Auth backend for a internal communication protocol. Everything was ok but now the requirements changed and I need to allow on the same browser (in diferent tabs) several logged users. How can I have (in the same browser process) several logged users at the same time? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Preventing Multiple Logins
On Sat, 2007-03-17 at 11:21 -0700, cwurld wrote: > Does anyone know how the SESSION_EXPIRE_AT_BROWSER_CLOSE works? In > other words, how does the Django session know the browser closed? It > seems like this mechanism could be used to accomplish the above. It's an HTTP cookie feature: if you don't set an explicit expiry time on the cookie, it lasts only until the browser is closed. Essentially, it is kept in the browser's memory, not written to disk. This is not a reliable way to track logging out, because users don't close theur web browsers every time they leave a site. Regards, Malcolm --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Preventing Multiple Logins
Does anyone know how the SESSION_EXPIRE_AT_BROWSER_CLOSE works? In other words, how does the Django session know the browser closed? It seems like this mechanism could be used to accomplish the above. Chuck --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Preventing Multiple Logins
I did it using PHP. It can be circumvented but it's not something the average user would do. Everytime an user logins, the session id is stored on a table, with the time and the user id. On every request by every logged in user, I put every previous session ids from the user id on an array, remove the last element (which is the current session id), reverse the array (to increase the chance of finding the current session id faster), and check if the current session id is in there. Here's part of the code, I hope you can translate it to Python/Django. It costs one query on every page request, but since I charge people based on the number of users they create, I can't let them logon with the same username :) $sql = "SELECT session_id FROM access WHERE user_id = '$user_id' ORDER BY time"; $session_id_list = // queries and stuff to make the above SQL data in an array; $last_session_id = array_pop($session_id_list); $session_id_list_reverse = array_reverse($session_id_list); foreach ($session_id_list_reverse as $key => $_session_id) { if ($last_session_id == $_session_id) { unset($session_id_lista_reverse[$key]); } } if (in_array(session_id(), $session_id_list)) { header('logout.php'); } You can clean the 'access' table every once in a while to keep it small (I do it weekly). So, what happens is that I am checking if any session id, other than the last one from an user on my access table, is his current one. If it is, he's logged out, but the user who came later keeps logged in. It can happen that users will have to logon twice, but it never happened to any of my users, I just know it's something possible but I never bothered to fix it, because it only happens if they return to the login page without clicking on the logout button or closing the browser, and really my users don't have many reasons to return to this particular login page, which is just a form. Worst case, they only have to type their username and password twice. On 3/16/07, cwurld <[EMAIL PROTECTED]> wrote: > > Hi, > > In order for users to use my Django site they must login. I am using > the standard auth app. I set the session to expire when the browser is > closed or when the user clicks a log out button. > > I would like to find a way to prevent users from simultaniously > logging in from different computers but using the same username and > password. > > Any suggestions? > > Thanks, > Chuck > > > > > -- Julio Nobrega - http://www.inerciasensorial.com.br --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Preventing Multiple Logins
> I would like to find a way to prevent users from simultaniously > logging in from different computers but using the same username and > password. How do you define "different computers"? A remote IP address, possibly cookies, and possibly JavaScript are about all you have to work with to determine "different computers" which could be any of the following scenarios: Are two browsers (e.g. FireFox and IE) considered "different computers"? What about two users of terminal-services on the same OS? How about if they have two OSes running in separate VMs on the same hardware? Or if they're two computers behind the same NAT/router returning the same IP address? Or what should happen if they're behind a load-balancing proxy that can return multiple outward facing IP addresses for the same computer? Is each IP address a different computer? Or their dialup hangs up on them and when they call back they get a new IP address...or a cellular data service where their IP changes as they move from cell to cell? If you base your decision based on the cookie/token, what happens if their machine crashes? Do they have to wait for some arbitrary timeout before the app will let them back in? It might be possible to have some AJAXy polling portion that pings your server every N seconds to update a "hey, this user is still not dead" timestamp, but it creates a lot of traffic/noise and isn't guaranteed in the event that they disable JavaScript (or active-x on Win32) It's a complicated issue, and anything close to a solution requires a tighter definition of the business-rules driving the prescription...if it's even a "solvable" problem... -tkc --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Re: Preventing Multiple Logins
The quick answer would be to check through the session data for a matching user id, but there's one possible wrinkle: How do you know when a user has logged off? In my case (not yet implemented), I'll have a timeout, but that still doesn't address the issue of a user losing a connection and attempting to log back in. Do you (a) present a screen that permits them to kill their former session (or do it automatically?) or (b) do you force them to wait until the timeout auto logoff period has elapsed. I don't think (b) is realistic. How are other people handling this issue? -- Jeff Bauer Rubicon, Inc. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---
Preventing Multiple Logins
Hi, In order for users to use my Django site they must login. I am using the standard auth app. I set the session to expire when the browser is closed or when the user clicks a log out button. I would like to find a way to prevent users from simultaniously logging in from different computers but using the same username and password. Any suggestions? Thanks, Chuck --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~--~~~~--~~--~--~---