PyPI - plain.auth - Versions diffs - 0.10.0__tar.gz → 0.12.0__tar.gz - Mend

plain.auth 0.10.0tar.gz → 0.12.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

{plain_auth-0.10.0 → plain_auth-0.12.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.10.0
+Version: 0.12.0
 Summary: User authentication and authorization for Plain.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-File: LICENSE
@@ -78,7 +78,6 @@ urlpatterns = [
 ]
 ```
 ## Checking if a user is logged in
 A `request.user` will either be `None` or point to an instance of a your `AUTH_USER_MODEL`.
@@ -102,7 +101,6 @@ else:
     print("You are not logged in.")
 ```
 ## Restricting views
 Use the `AuthViewMixin` to restrict views to logged in users, admin users, or custom logic.

{plain_auth-0.10.0 → plain_auth-0.12.0}/plain/auth/README.md RENAMED Viewed

@@ -66,7 +66,6 @@ urlpatterns = [
 ]
 ```
 ## Checking if a user is logged in
 A `request.user` will either be `None` or point to an instance of a your `AUTH_USER_MODEL`.
@@ -90,7 +89,6 @@ else:
     print("You are not logged in.")
 ```
 ## Restricting views
 Use the `AuthViewMixin` to restrict views to logged in users, admin users, or custom logic.

{plain_auth-0.10.0 → plain_auth-0.12.0}/plain/auth/sessions.py RENAMED Viewed

@@ -21,6 +21,20 @@ def get_session_auth_hash(user):
     return _get_session_auth_hash(user)
+def update_session_auth_hash(request, user):
+    """
+    Updating a user's password (for example) logs out all sessions for the user.
+    Take the current request and the updated user object from which the new
+    session hash will be derived and update the session hash appropriately to
+    prevent a password change from logging out the session from which the
+    password was changed.
+    """
+    request.session.cycle_key()
+    if request.user == user:
+        request.session[USER_HASH_SESSION_KEY] = get_session_auth_hash(user)
 def get_session_auth_fallback_hash(user):
     for fallback_secret in settings.SECRET_KEY_FALLBACKS:
         yield _get_session_auth_hash(user, secret=fallback_secret)

{plain_auth-0.10.0 → plain_auth-0.12.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "plain.auth"
-version = "0.10.0"
+version = "0.12.0"
 description = "User authentication and authorization for Plain."
 authors = [{name = "Dave Gaeddert", email = "dave.gaeddert@dropseed.dev"}]
 readme = "README.md"