Tap to unmute

Prevent Multiple Device Login for a User in Django 2 using Middleware

  Рет қаралды 9,155

Emmanuel Okiche

Emmanuel Okiche

Күн бұрын

Пікірлер: 58
@kaustavsengupta8757
@kaustavsengupta8757 5 жыл бұрын
Thanks bro....you have spared me number of hours searching this in stackoverflow. Great tutorial man
@fleepgeek
@fleepgeek 5 жыл бұрын
You're welcome. Im glad this helped you.
@juancedenog
@juancedenog Жыл бұрын
Thank you very much !!! Great tutorial !!
@fleepgeek
@fleepgeek Жыл бұрын
You're welcome. I'm glad it was helpful :)
@jonnythrive
@jonnythrive 4 жыл бұрын
Thank you! You've explained multiple concepts very clearly. Best explanations of multilogin django i've found..
@fleepgeek
@fleepgeek 4 жыл бұрын
Glad it was helpful!
@jonnythrive
@jonnythrive 4 жыл бұрын
@@fleepgeek hey Emmanuel, this multiple login was working fine, but randomly im getting this error: Session matching query does not exist. Session.objects.get(session_key=current_session_key).delete() the site just gets prevented from loading and the only way around it for now is to delete the user. Any ideas why this might occur? The middleware page is basically the same as yours.
@fleepgeek
@fleepgeek 4 жыл бұрын
@@jonnythrive try debug the code step by step like i did in the video. When you log in, check your session table to see if it created it. Also print out the current_session_key in your code is check if it is None. Cross check my conditional statements. There would be a problem somewhere from your code or some other logic. I can't guarantee ill check this soon. So help me debug it ;)
@jonnythrive
@jonnythrive 4 жыл бұрын
@@fleepgeek thanks for replying. I didn't find any errors in the logic but I did find this on stackoverflow - stackoverflow.com/questions/56312743/django-allow-only-one-user-session-in-total I'm not sure why, but it seems sometimes its not making a loggeduser sessions file... the error is random, which makes it even more concerning. thank you again for replying. I really appreciate your videos- I started watching them about a year ago and it really did fill in a lot of gaps about django.
@fleepgeek
@fleepgeek 4 жыл бұрын
@@jonnythrive thanks. Would check it out later.
@patricklam18
@patricklam18 4 жыл бұрын
Thank you, brother. This is a great tutorial to solve my problem. But, one thing I made an improvement based on your code. My system is using dijango-session-timout for auto-logout. When timeout to trigger auto-logout, the existing session will be destroyed automatically. But, LoggedInUser record is kept, the middleware can not find the session, the DoesNotExist error has raised. The same user cannot be login again. So, I add (try and except) to solve the issues. I hope this is helpful. Thank you again for your teaching. This code is perfect to teach me how to use the middlewares.
@fleepgeek
@fleepgeek 4 жыл бұрын
That's really nice. I'm glad you found a way around your issue. Thanks for the the information and keep up the good work.
@ianmaguithi3061
@ianmaguithi3061 4 жыл бұрын
Thanks man... Helped me a lot
@fleepgeek
@fleepgeek 4 жыл бұрын
You're welcome
@10xGarden
@10xGarden 4 жыл бұрын
Very neat tutorial man, loved it
@fleepgeek
@fleepgeek 4 жыл бұрын
Thanks for your neat comment too. I'm glad you found it useful.
@neerajbansal2613
@neerajbansal2613 4 жыл бұрын
Thanks ! excellent stuff!
@avirajwalunj1834
@avirajwalunj1834 2 жыл бұрын
how to redirect to login page once we refresh the page?? because its showing page not found error
@dariogambi
@dariogambi 5 жыл бұрын
thx !!! it works like a charm !!!!!
@fleepgeek
@fleepgeek 5 жыл бұрын
You're welcome. Glad it was helpful.
@sachinkumaras
@sachinkumaras 3 жыл бұрын
Thanks for the informative information and tutorial. Can we have a logic where we can bind the device with the first login id? once a user login into the device he can't use the same login id into another device. how we can achieve this requirement.
@fleepgeek
@fleepgeek 3 жыл бұрын
Yes you can. The session could act as the first device id. Then instead of deleting the old session like i did in the video, you delete the new session that the new device is trying to log in. If you want to go a step further, you can create a model for device ids. This model would be responsible for storing a unique generated id whenever a user logs in on a device. With this, you can make the user only log in on the device that has the matching id. This would limit the user to use only one device. I'll love to see what you come up with. All the best :)
@sachinkumaras
@sachinkumaras 3 жыл бұрын
@@fleepgeek Thanks for the revert I will let you know once completed.
@danielmaina4048
@danielmaina4048 3 жыл бұрын
Great tutorial here
@muqeetahmad8591
@muqeetahmad8591 2 жыл бұрын
Can you provide the github link of this project ?
@maryanushachalamalasetty4666
@maryanushachalamalasetty4666 4 жыл бұрын
User shouldn't be able to login on multiple devices(set active attribute if user login) Can u please help with the code for this???
@joshuamothkur
@joshuamothkur 4 жыл бұрын
Fill in the blanks: Did you ___?
@abhishekdubey8771
@abhishekdubey8771 Жыл бұрын
Hey, would you please share me github link of this code ?
@davidgallego1216
@davidgallego1216 4 жыл бұрын
I have this : django.contrib.sessions.models.Session.DoesNotExist: Session matching query does not exist. Line - Session.objects.get(session_key=current_session_key).delete() . I can't understand this .
@fleepgeek
@fleepgeek 4 жыл бұрын
Follow the tutorial step by step. Seems like you skipped some part.
@davidgallego1216
@davidgallego1216 4 жыл бұрын
@@fleepgeek Brother i see the tutorial step by step , i can't understand this problem. all code is equal. I have a new Django maybe could be it. I am confused .
@davidgallego1216
@davidgallego1216 4 жыл бұрын
I also reviewed this. dev.to/fleepgeek/prevent-multiple-sessions-for-a-user-in-your-django-application-13oo. and I compared the code
@fleepgeek
@fleepgeek 4 жыл бұрын
@@davidgallego1216 it might be a Django version problem. I haven't had the time to check it out. You could check the Sessions model from the doc to see if the session_key field was changed to something else. If its still the same then try have fun debugging it until i find time to try it out. If you find a solution pls do share it. All the best ;)
@fleepgeek
@fleepgeek 4 жыл бұрын
I looked at the error clearly now. It is not a Django version stuff. It is self explanatory, that session doesn't exist at that moment. Execution is not supposed to reach there if your conditions were correct. Make sure you're logged in and cross check your conditional statements.
@lokmanhossen7354
@lokmanhossen7354 6 жыл бұрын
Thanks brother. it's very helpful .. I have one question that is ... if i want to give a user maximum 3 time session how can i do this ? i mean a user can log maximum three time from different browser ... thank you ..
@fleepgeek
@fleepgeek 6 жыл бұрын
By default, you have multiple sessions which means that a user could have more than one session in the django_session(Session model) table. One way to achieve would to get all unexpired sessions and get the user ids in a list then check if the current user count in that list is >= 3 then log the user out(delete the session from the db just like we did in the video) This might help you: www.codingforentrepreneurs.com/blog/django-tutorial-get-list-of-current-users
@lokmanhossen7354
@lokmanhossen7354 6 жыл бұрын
I done this my self brother ... :) many many thanks for your co-operation ... @@fleepgeek
@fleepgeek
@fleepgeek 6 жыл бұрын
You're welcome
@tinashemunikwa4179
@tinashemunikwa4179 4 жыл бұрын
Good vid. But i ran into a problem. I cant access logged_in_user from rquest.user in this line request.user.logged_in_user.session_key. What did I do wrong?
@fleepgeek
@fleepgeek 4 жыл бұрын
Did it produce any error message when you tried it? Did you write the complete code and test it? Did you go through the source code in my repo to cross check? I did not provide enough information for me to help you.
@tinashemunikwa4179
@tinashemunikwa4179 4 жыл бұрын
@@fleepgeek Yah the code is the same. The error message is - django.contrib.auth.models.User.logged_in_user.RelatedObjectDoesNotExist: User has no logged_in_user.
@fleepgeek
@fleepgeek 4 жыл бұрын
@@tinashemunikwa4179 okay. Make sure you run the migration commands after creating the LoggedInUser model. That is what causes the type of error.
@indicatorgod
@indicatorgod 4 жыл бұрын
is it possible to deny login access for a second device rather than logging out the other device?
@fleepgeek
@fleepgeek 4 жыл бұрын
Yes. Just delete the new session of the new logged in user instead of logging out the other device.
@indicatorgod
@indicatorgod 4 жыл бұрын
Emmanuel Okiche can you please show me in a code ?
@fleepgeek
@fleepgeek 4 жыл бұрын
@@indicatorgod did you watch the complete video?
@CesarBArts
@CesarBArts Жыл бұрын
Thanks :D
@kamtanath4494
@kamtanath4494 5 жыл бұрын
Great Video man, How do a achieve this , request with a token which is older than 30 mins is invalid and the user must be redirected to the login page?
@fleepgeek
@fleepgeek 5 жыл бұрын
When you say token, do you mean json web token? The ones used for a restful api?
@kamtanath4494
@kamtanath4494 5 жыл бұрын
@@fleepgeek I am looking to create a middleware which should look for a token in the request headers, validate the same against the database. Only if the token is valid the django view should be processe.d. with validity of 30 min
@fleepgeek
@fleepgeek 5 жыл бұрын
@@kamtanath4494 there are two ways that come to mind now if i want to achieve this. I could use the same approach in this video but while creating my LoggedInUser in my signals.py file, i would store a timestamp that is 30 miuntes ahead (this would be my expiration time). You need to add this new field in the LoggedInUser model. Then i my middleware, i would check if the current time is equal or greater than the expiration time then log the user out like i did in the middleware. OR You could use jwt. JWT has expiration date encoded in it (you'll set this up). So in your middleware you could access request.headers to get the token, decode and check the expiration date and perform the same steps above. NOTE: request.headers is new (Added in Django 2.2) docs.djangoproject.com/en/2.2/ref/request-response/#django.http.HttpRequest.headers I hope this helps.
@kamtanath4494
@kamtanath4494 5 жыл бұрын
@@fleepgeek Thanks
Adding a session timeout in Django
15:44
Cloud With Django
Рет қаралды 10 М.
Vampire SUCKS Human Energy 🧛🏻‍♂️🪫 (ft. @StevenHe )
0:34
Alan Chikin Chow
Рет қаралды 138 МЛН
JISOO - ‘꽃(FLOWER)’ M/V
3:05
BLACKPINK
Рет қаралды 137 МЛН
I Sent a Subscriber to Disneyland
0:27
MrBeast
Рет қаралды 104 МЛН
Caleb Pressley Shows TSA How It’s Done
0:28
Barstool Sports
Рет қаралды 60 МЛН
How to Track User Activity through Django Login
13:28
Yiqing Lan
Рет қаралды 12 М.
Learn the Basics of Django Signals
22:37
Matt Freire
Рет қаралды 50 М.
Django Custom Middleware - Tutorial With Examples
17:33
Code With Stein
Рет қаралды 7 М.
How to track and manage pages a user visits in Django (History App).
36:43
Sending a Friend Request (DJANGO)
21:27
CodingWithMitch
Рет қаралды 6 М.
Vampire SUCKS Human Energy 🧛🏻‍♂️🪫 (ft. @StevenHe )
0:34
Alan Chikin Chow
Рет қаралды 138 МЛН