Preface

In the last part of the Series, We made its so that our staff user can only have one user session at one time, however in the last series I decided not implement the session control towards normal user. For normal user I would prefer to display a list of all the session each user had, so that they can manually kill their session.

Going with this idea, I would now use a library called django-user-sessions. This library will display the list of user active session have the ability to kill all his/her session.

[courtesy of django-user-session]

Installation

Among all the post that I have been writing previously, most library are quick and easy in terms of installing and usage. However django-user-sessions package depends on GeoIP library. GeoIP library require a huge databased provided from Maxmind. You would need to navigate to a geolite2 page, register and download 2 files name GeoLite2-Country.mmdb.gz and GeoLite2-City.mmdb.gz as per instruction

Once your have the files, unzip the folder, copy and paste in your working environment like so

now lets install the GeoIP library and set the path directory

pipenv install geoip2
pipenv lock -r > requirements.txt

and in your settings add this line

# GeoIP2 settings
# https://docs.djangoproject.com/en/3.2/ref/contrib/gis/geoip2/
GEOIP_PATH = BASE_DIR.joinpath("GeoIP")

Now you should be able to use any package that require translation between IP to Geolocation

Installing django-user-session

lets now first install the library

pipenv install django-user-sessions
pipenv lock -r > requirements.txt

now for something a bit controversial:

1) Replacing 'django.contrib.sessions' with 'user_sessions' in your INSTALLED_APP in your settings.py file

INSTALLED_APPS = [
    # ...
    # 'django.contrib.sessions',

    # Django-user-sessions
    'user_sessions'
    # ...
]

2) Replacing your 'django.contrib.sessions.middleware.SessionMiddleware' with 'user_sessions.middleware.SessionMiddleware' in your MIDDLEWARE in your settings.py file

MIDDLEWARE = [
    # ...
    # 'django.contrib.sessions.middleware.SessionMiddleware',

    # Django-user-sessions
    'user_sessions.middleware.SessionMiddleware',
    # ...
]

3) Add UserSession url in your urls.py file

from django.contrib import admin
from django.urls import path, include

urlpatterns = [
    path('admin/', admin.site.urls),
    path('', include('user_sessions.urls', 'user_sessions')),
]

4) Setting the LOGOUT_REDIRECT_URL in settings.py file

# Common Django Settings
LOGOUT_REDIRECT_URL = '/'

5) we can now do a make migrations and also migrate with the following command in your terminal:

python manage.py makemirgations 
python manage.py migrate

6) If step 5 cause you some issue such as migrations conflict add the following line in your settings.py

SILENCED_SYSTEM_CHECKS = ['admin.E410']

7) This step is optional if you are working from behind a reverse proxy such as Nginx,

a) install django-xforwardedfor-middleware

pipenv install django-xforwardedfor-middleware==2.0
pipenv lock -r > requirements.txt

2) In your settings.py file, in your MIDDLEWARE add the following

MIDDLEWARE = [
    # ...
    # django-xforwardedfor-middleware
    # https://github.com/allo-/django-xforwardedfor-middleware
    'x_forwarded_for.middleware.XForwardedForMiddleware',
    # ...
]

End

By completing the steps listed here, the user of your web app can now maintain on their own from which platform his/her have active session and kill the session if needed.