Hi all,
I am trying add a session timeout in my Django project by using Django’s in-built session middleware. I have implemented session timeout on my project using the Views method I have come across for this purpose and it is working on my Admin side, but in my User side, the redirection that I given not working (i.e. I need to log out the user and get back to the signin page after session expires).
My django version : 5.0.2
My python version: 3.12.2
Now it is taking the time and that page will expire but it will not redirect to the signin page. How can I solve this issue?
What are some other approaches we can use for implementing Sessions on Admin & User sides both redirecting to the Signup page and persisting the last page worked on upon logging back in ?
Settings.py
`MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.locale.LocaleMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
SESSION_COOKIE_AGE = 10 # Set the session timeout to 10 seconds
SESSION_SAVE_EVERY_REQUEST = True
`
Views.py
import time
#from django.conf import settings
def check_session_timeout(request):
if request.user.is_authenticated:
last_activity = request.session.get('last_activity')
if last_activity is not None:
session_expiry_time = settings.SESSION_COOKIE_AGE
current_time = time.time()
if current_time - last_activity > session_expiry_time:
return LogoutUser
return None
urls.py
path('signin/', views.signin, name='signin'),
path('logout/', views.LogoutUser, name='logout'),