Account activity How to logout a particular device to logout.
165 views
Skip to first unread message
Salima Begum
Sep 14, 2020, 7:49:11 AM9/14/20
to django...@googlegroups.com
Hi all,
By using python and django.
- User Login with one account in different devices.
- If he login into another device we sent user to email. Saying that New device login.
- After we show user in his/her account activity page With that account how many devices are login.
- Then if user clicks on sign-out to a particular device then that particular device should be logoff and deleted from activity list.
- The only remain thing is that signout to a particular device.
- How to do signout to a particular device from his activity list.
For example, User has 2 devices and He/She login from 2 devices with one account. In his account activity it will show 2 devices how to signout another device from his account activity. In python and django
Thank You in advance
~ Salima
Farai M
Sep 14, 2020, 8:19:48 AM9/14/20
to django...@googlegroups.com
You might need to capture mac address on login then associate it with the login session
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAMSz6bkQhOy8bA%3D1XgUZ6%2BXryhu0cf%3Dr%2BXGJ5UVNPZdxL6n90g%40mail.gmail.com.
Kasper Laudrup
Sep 14, 2020, 12:56:41 PM9/14/20
to django...@googlegroups.com
Hi Farai,
On 14/09/2020 14.17, Farai M wrote:
> You might need to capture mac address on login then associate it with
> the login session
>
You can't do that. Or, you could probably look up the IP address in the
HTTP header in the local ARP cache on the server where your Django
application is running. In case that both the client and the server are
on the same network, you might be able to find it, but that's a very
limited use case and definitely not reliable even if it could be assumed
that the devices would always be on the same network.
If you control the client to some extent, you might be able to send the
local MAC address in eg. the HTTP header, but then you might as well use
a more reliable unique identifier, but that all depends on what you are
able to retrieve on the client side. Of course, none of that information
should actually be trusted though.
Kind regards,
Kasper Laudrup
On 14/09/2020 14.17, Farai M wrote:
> You might need to capture mac address on login then associate it with
> the login session
>
HTTP header in the local ARP cache on the server where your Django
application is running. In case that both the client and the server are
on the same network, you might be able to find it, but that's a very
limited use case and definitely not reliable even if it could be assumed
that the devices would always be on the same network.
If you control the client to some extent, you might be able to send the
local MAC address in eg. the HTTP header, but then you might as well use
a more reliable unique identifier, but that all depends on what you are
able to retrieve on the client side. Of course, none of that information
should actually be trusted though.
Kind regards,
Kasper Laudrup
Kasper Laudrup
Sep 14, 2020, 1:04:18 PM9/14/20
to django...@googlegroups.com
Hi Salima,
On 15/09/2020 02.18, Salima Begum wrote:
> Hi all,
> By using python and django.
>
> 1. User Login with one account in different devices.
> 2. If he login into another device we sent user to email. Saying that
> New device login.
> 3. After we show user in his/her account activity page With that
> 6. How to do signout to a particular device from his activity list.
make sessions persistent and have multiple sessions associated with the
same user account.
That way it should be possible to have the user expire/delete any of the
current sessions after a successful login.
You might have to a bit of extra trickery to try and associate a session
with a device. The device in that case would be whatever client was
saving the session cookies, e.g. two different browsers on the same
device would equal two different devices.
That's probably what I would try to do. Be aware that it's probably
impossible to this in a reliable way no matter what and of course, don't
ever trust whatever the client sends you.
Hope that helps a bit.
Kind regards,
Kasper Laudrup
On 15/09/2020 02.18, Salima Begum wrote:
> Hi all,
> By using python and django.
>
> 2. If he login into another device we sent user to email. Saying that
> New device login.
> 3. After we show user in his/her account activity page With that
> account how many devices are login.
> 4. Then if user clicks on sign-out to a particular device then that
> particular device should be logoff and deleted from activity list.
> 5. The only remain thing is that signout to a particular device.
> 6. How to do signout to a particular device from his activity list.
>
> For example, User has 2 devices and He/She login from 2 devices with
> one account. In his account activity it will show 2 devices how to
> signout another device from his account activity. In python and django
>
I don't have any experience with that, but I'd look into how you could
> For example, User has 2 devices and He/She login from 2 devices with
> one account. In his account activity it will show 2 devices how to
> signout another device from his account activity. In python and django
>
make sessions persistent and have multiple sessions associated with the
same user account.
That way it should be possible to have the user expire/delete any of the
current sessions after a successful login.
You might have to a bit of extra trickery to try and associate a session
with a device. The device in that case would be whatever client was
saving the session cookies, e.g. two different browsers on the same
device would equal two different devices.
That's probably what I would try to do. Be aware that it's probably
impossible to this in a reliable way no matter what and of course, don't
ever trust whatever the client sends you.
Hope that helps a bit.
Kind regards,
Kasper Laudrup
Farai M
Sep 14, 2020, 6:02:56 PM9/14/20
to django...@googlegroups.com
Browser fingerprinting” is a method of tracking web browsers by the configuration and settings information they make visible to websites, rather than traditional tracking methods such as IP addresses and unique cookies. Browser fingerprinting is both difficult to detect and and extremely difficult to thwart.
This should solve most of our problems l an sure they are already algorithms available for python or javascript ready to use
Reply all
Reply to author
Forward
0 new messages