I am using django framework and I need to auto logout users after password changes (not password reset via mail).
I am using django's :"contrib.auth.views.password_change" to help me do this,
i.e., I'm not having a separate view and as a result I'm also using password_change_done view of Django.
I need to know whether there's any way I can auto logout/destroy sessions after password change while using django's default views?
password_change has a post_change_redirect, so you can replace it:
from django.contrib.auth.views import password_change
from django.core.urlresolvers import reverse
def my_password_change(request):
return password_change(request=request,post_change_redirect=reverse('logout'))
Then in your urls.py, set my_password_change as the view that accepts the passowrd change request:
url(r'^password_change/done/$',my_password_change,name="my_password_change")