Force logout user without request object
23 views
Skip to first unread message
Bhaskar rao
Dec 11, 2017, 2:35:41 AM12/11/17
to General Open edX discussion
Hello,
I want to force logout a user without access to request object.
For this I tried to get session from user, so I tried Session.objects.all().
Its empty, even in the db, django_session table is empty.
So, any thoughts on how to do this ?
Bhaskar rao
Dec 11, 2017, 2:44:49 AM12/11/17
to General Open edX discussion
Session engine actually set to cache, so django_session is empty.
Anyway, to get session key without knowing request object.
Clinton Blackburn
Dec 11, 2017, 5:24:00 PM12/11/17
to General Open edX discussion
Can you clarify the scenario, please? What do you mean by "a user without access to request object"? Users don't have access to requests. A request either has a user associated or does not.
Regarding sessions, if the user doesn't already have a session—located via cookie—how will you know which user to perform actions for?
If you are writing custom views, the login_required decorator/mixin is probably what you are seeking.
Clinton
Reply all
Reply to author
Forward
0 new messages