> From the interactive shell, it's easy to delete a user::
>
> >>> from django.contrib.auth.models import User
> >>> u = User.objects.get(username='jacob')
> >>> u.delete()
>
> So, you'd need to write a view that essentially does the above.
> Remember that in views, the currently-logged-in user is available as
> `request.user`, so::
>
> def delete_me(request):
> request.user.delete()
> return render_to_response('youve_been_deleted.html')
>
> You'll probably want to implement some sort of "are you sure?"
> confirmation page, but I'll leave that up to you.
I'd also ensure that it's a POST method (you don't want weird
behaviors from caching since data is changed) and that the
confirmation form has some sort of signed token in it (involving
the username to be deleted) to prevent XSS bugs. It would stink
to have a page that deletes users, and could be silently scripted
from remote sites...
-tim
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
