In the last part of the Series, We made its so that our staff user can only have one user session at one time, however in the last series I decided not implement the session control towards normal user. For normal user I would prefer to display a list of all the session each user had, so that they can manually kill their session.
Going with this idea, I would now use a library called django-user-sessions. This library will display the list of user active session have the ability to kill all his/her session.
Among all the post that I have been writing previously, most library are quick and easy in terms of installing and usage. However django-user-sessions package depends on GeoIP library. GeoIP library require a huge databased provided from Maxmind. You would need to navigate to a geolite2 page, register and download 2 files name GeoLite2-Country.mmdb.gz and GeoLite2-City.mmdb.gz as per instruction
Once your have the files, unzip the folder, copy and paste in your working environment like so
now lets install the GeoIP library and set the path directory
pipenv install geoip2 pipenv lock -r > requirements.txt
and in your settings add this line
# GeoIP2 settings # https://docs.djangoproject.com/en/3.2/ref/contrib/gis/geoip2/ GEOIP_PATH = BASE_DIR.joinpath("GeoIP")
Now you should be able to use any package that require translation between IP to Geolocation
lets now first install the library
pipenv install django-user-sessions pipenv lock -r > requirements.txt
now for something a bit controversial:
'user_sessions' in your INSTALLED_APP in your settings.py file
INSTALLED_APPS = [ # ... # 'django.contrib.sessions', # Django-user-sessions 'user_sessions' # ... ]
2) Replacing your
'user_sessions.middleware.SessionMiddleware' in your MIDDLEWARE in your settings.py file
MIDDLEWARE = [ # ... # 'django.contrib.sessions.middleware.SessionMiddleware', # Django-user-sessions 'user_sessions.middleware.SessionMiddleware', # ... ]
3) Add UserSession url in your urls.py file
from django.contrib import admin from django.urls import path, include urlpatterns = [ path('admin/', admin.site.urls), path('', include('user_sessions.urls', 'user_sessions')), ]
4) Setting the LOGOUT_REDIRECT_URL in settings.py file
# Common Django Settings LOGOUT_REDIRECT_URL = '/'
5) we can now do a make migrations and also migrate with the following command in your terminal:
python manage.py makemirgations python manage.py migrate
6) If step 5 cause you some issue such as migrations conflict add the following line in your settings.py
SILENCED_SYSTEM_CHECKS = ['admin.E410']
7) This step is optional if you are working from behind a reverse proxy such as Nginx,
a) install django-xforwardedfor-middleware
pipenv install django-xforwardedfor-middleware==2.0 pipenv lock -r > requirements.txt
2) In your settings.py file, in your MIDDLEWARE add the following
MIDDLEWARE = [ # ... # django-xforwardedfor-middleware # https://github.com/allo-/django-xforwardedfor-middleware 'x_forwarded_for.middleware.XForwardedForMiddleware', # ... ]
By completing the steps listed here, the user of your web app can now maintain on their own from which platform his/her have active session and kill the session if needed.