Re: Invalidating active sessions after a password change?

2012-10-03 Thread Dirley
So, thank you for the insights. I ended up with a solution that is a mix of what you've proposed here. Each time a user logs in, its current *session validation token* is saved on the session. It is easy to code this using the `user_logged_in` signal. Then, I've changed the logic of the code tha

Invalidating active sessions after a password change?

2012-10-02 Thread Dirley
I've recently discovered this issue with my Django-based application. When a user changes its password, its active sessions are not destroyed. I mean, if a user is logged in two different places (or in two different browsers) and changes its password on one place, the other session will still be