Previous answers explain why the sessions API makes it impossible to create a FK from Session to User. However, it looks like this isn't the question you wanted to ask.
Your real question seems to be: "how can I invalidate sessions on password change?" Fortunately, Django 1.7 includes a new middleware for this purpose. https://docs.djangoproject.com/en/dev/ref/middleware/#django.contrib.auth.middleware.SessionAuthenticationMiddleware -- Aymeric. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CANE-7mVa7W2vTrPkoLbmWonVjvg8%2BvV_PGZtgqG7x47ta%2B7fpQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
