PyPI - plain.auth - Versions diffs - 0.11.0__tar.gz → 0.12.0__tar.gz - Mend

plain.auth 0.11.0tar.gz → 0.12.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

{plain_auth-0.11.0 → plain_auth-0.12.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: plain.auth
-Version: 0.11.0
+Version: 0.12.0
 Summary: User authentication and authorization for Plain.
 Author-email: Dave Gaeddert <dave.gaeddert@dropseed.dev>
 License-File: LICENSE

{plain_auth-0.11.0 → plain_auth-0.12.0}/plain/auth/sessions.py RENAMED Viewed

@@ -21,6 +21,20 @@ def get_session_auth_hash(user):
     return _get_session_auth_hash(user)
+def update_session_auth_hash(request, user):
+    """
+    Updating a user's password (for example) logs out all sessions for the user.
+    Take the current request and the updated user object from which the new
+    session hash will be derived and update the session hash appropriately to
+    prevent a password change from logging out the session from which the
+    password was changed.
+    """
+    request.session.cycle_key()
+    if request.user == user:
+        request.session[USER_HASH_SESSION_KEY] = get_session_auth_hash(user)
 def get_session_auth_fallback_hash(user):
     for fallback_secret in settings.SECRET_KEY_FALLBACKS:
         yield _get_session_auth_hash(user, secret=fallback_secret)

{plain_auth-0.11.0 → plain_auth-0.12.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "plain.auth"
-version = "0.11.0"
+version = "0.12.0"
 description = "User authentication and authorization for Plain."
 authors = [{name = "Dave Gaeddert", email = "dave.gaeddert@dropseed.dev"}]
 readme = "README.md"