I have created a class based login view for my application using django view so im getting an issue for authentication and authorisation. Issue im getting as follows:
Whenever i have log in to my application and open a new tab and trying to login again with same user it is allowing but i want to restrict this.
Is anyone have any idea why this happens.
Can you be a bit more specific with the issue you’re encountering? What are you trying to prevent?
If you’re trying to prevent a person from opening more than one tab on your site, you really can’t. That’s not under control of the server.
I never implemented it but i think i got solution (IN MY MIND WHILE THINKING):
Solution:-
Create Model With Name Like UserLoginTracker with fields below :-
from django.contrib.auth.models import User
user = models.OneToOneField(User)
Now while login in the user in the view check if any object with user trying to login is present in the database or not if present return you are logged in in other device and if not then login the user and create object in the database. Maybe the code in the view will like this:-
def loginview(request):
if request.method == 'POST':
username = request.POST['username']
try:
userobj = Users.objects.get(username=username)
except:
return HttpResponse("User not present please signup")
userLoggedInBeforeObj = UserLoginTracker.objects.filter(user=userobj)
if len(userLoggedInBeforeObj) => 1:
return HttpResponse('You are Logged in other device')
else:
#login the user but before sending response create object inside UserLoginTracker
login(request,user)
UserLoginTracker.objects.create(user=userobj)
return HttpResponseRedirect('home')
I HOPE THIS MAY HELP YOU
NOTE :- I JUST WROTE THIS CODE BUT TESTED IT SO PLEASE NOT COPY AND PASTE BECAUSE I JUST WROTE THE SOLUTION WHICH I THOUGHT