MCPcopy
hub / github.com/django/django / update_session_auth_hash

Function update_session_auth_hash

django/contrib/auth/__init__.py:377–388  ·  view source on GitHub ↗

Updating a user's password logs out all sessions for the user. Take the current request and the updated user object from which the new session hash will be derived and update the session hash appropriately to prevent a password change from logging out the session from which the

(request, user)

Source from the content-addressed store, hash-verified

375
376
377def update_session_auth_hash(request, user):
378 """
379 Updating a user's password logs out all sessions for the user.
380
381 Take the current request and the updated user object from which the new
382 session hash will be derived and update the session hash appropriately to
383 prevent a password change from logging out the session from which the
384 password was changed.
385 """
386 request.session.cycle_key()
387 if hasattr(user, "get_session_auth_hash") and request.user == user:
388 request.session[HASH_SESSION_KEY] = user.get_session_auth_hash()
389
390
391async def aupdate_session_auth_hash(request, user):

Callers 2

user_change_passwordMethod · 0.90
form_validMethod · 0.90

Calls 2

get_session_auth_hashMethod · 0.80
cycle_keyMethod · 0.45

Tested by

no test coverage detected