How to detect (daily) User Login when using cookies?

Discussion:

Tobias Dacoir

2015-01-23 09:43:40 UTC

I'm using django-allauth and I receive a signal when a user logs in. Now I
want to store each day the user logs in. However, when the user does not
logout he can still log in the next day thanks to the cookies. I know that
I can set SESSION_EXPIRE_AT_BROWSER_CLOSE to True in settings.py. But this
may annoy some Users.

So is there a way to use cookies but still tell if a User has accessed the
site for the first time today?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/0acff60c-f658-4f2a-8318-47e08a6ffe98%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Collin Anderson

2015-01-27 20:00:15 UTC

Permalink

Hi,

Would it make sense to simply keep a record of when the last time you've
seen the user is?

Collin

Post by Tobias Dacoir
I'm using django-allauth and I receive a signal when a user logs in. Now I
want to store each day the user logs in. However, when the user does not
logout he can still log in the next day thanks to the cookies. I know that
I can set SESSION_EXPIRE_AT_BROWSER_CLOSE to True in settings.py. But this
may annoy some Users.
So is there a way to use cookies but still tell if a User has accessed the
site for the first time today?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/ff24698c-f21d-4a28-a78e-55093d8cf15b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Tobias Dacoir

2015-01-28 09:58:30 UTC

Permalink

Yes that would be enough. I know in the User Model there is last_login but
that is only updated when the User actually logs in. And the signal from
django-allauth is also only send when the user uses the login form. The
only other alternative I found was to check in every view I have for
request.user and store / update datetime.now. But this is quite ugly.

Post by Collin Anderson
Hi,
Would it make sense to simply keep a record of when the last time you've
seen the user is?
Collin

Post by Tobias Dacoir
I'm using django-allauth and I receive a signal when a user logs in. Now
I want to store each day the user logs in. However, when the user does not
logout he can still log in the next day thanks to the cookies. I know that
I can set SESSION_EXPIRE_AT_BROWSER_CLOSE to True in settings.py. But this
may annoy some Users.
So is there a way to use cookies but still tell if a User has accessed
the site for the first time today?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/e208c5f2-2669-4305-a2c0-89ef866de459%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Collin Anderson

2015-01-30 13:50:02 UTC

Permalink

Hi,

If you use a custom authentication backend, you could update it every time
get_user(request) is called.

Collin

Post by Tobias Dacoir
Yes that would be enough. I know in the User Model there is last_login but
that is only updated when the User actually logs in. And the signal from
django-allauth is also only send when the user uses the login form. The
only other alternative I found was to check in every view I have for
request.user and store / update datetime.now. But this is quite ugly.

Post by Collin Anderson
Hi,
Would it make sense to simply keep a record of when the last time you've
seen the user is?
Collin

Post by Tobias Dacoir
I'm using django-allauth and I receive a signal when a user logs in. Now
I want to store each day the user logs in. However, when the user does not
logout he can still log in the next day thanks to the cookies. I know that
I can set SESSION_EXPIRE_AT_BROWSER_CLOSE to True in settings.py. But this
may annoy some Users.
So is there a way to use cookies but still tell if a User has accessed
the site for the first time today?

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/d2d6d493-2c95-43c1-a1ae-c08b9e0fbea4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Tom Evans

2015-01-30 14:55:12 UTC

Permalink

Post by Collin Anderson
Hi,
If you use a custom authentication backend, you could update it every time
get_user(request) is called.

HTTP is stateless, authentication happens every request, so that gets
called on every request, causing session modification on each request.

How about:

from django.utils import timezone

class DailyLoginMiddleware(object):
def process_request(self, request):
if request.user.is_authenticated():
today = timezone.now().strftime('%Y%m%d')
if request.session.get('last_seen') != today:
request.session['last_seen'] = today
setattr(request, 'new_today', True)

Store todays date in the session, check to see if it is changed, only
modify the session if the date has changed, set an attribute on the
request so that later views can include that information.

Cheers

Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAFHbX1JE6ZrMzLAdxCuOowe3hL3%3DmOZOPRx13YAzFqKSfufG4A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Tobias Dacoir

2015-01-30 15:34:42 UTC

Permalink

Thanks. Though I do not use a Custom Authentication Backend, it should be
possible to inherit from the Default one and just overwrite the get_user
Method.
I will test it out.

Post by Tom Evans

Post by Collin Anderson
Hi,
If you use a custom authentication backend, you could update it every

time

Post by Collin Anderson
get_user(request) is called.

HTTP is stateless, authentication happens every request, so that gets
called on every request, causing session modification on each request.
from django.utils import timezone
today = timezone.now().strftime('%Y%m%d')
request.session['last_seen'] = today
setattr(request, 'new_today', True)
Store todays date in the session, check to see if it is changed, only
modify the session if the date has changed, set an attribute on the
request so that later views can include that information.
Cheers
Tom

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+***@googlegroups.com.
To post to this group, send email to django-***@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/0a7e4a2e-2f05-45e4-9633-14d60dce78a8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.