我们的Django部署每晚都会检查LDAP目录中仍然可以找到哪些活跃用户。如果他们无法再被找到,我们将把它们设置为非活动状态。如果他们下次尝试登录,登录将失败。以下是执行此操作的代码:
def synchronize_users_with_ad(sender, **kwargs):
"""Signal listener which synchronises all active users without a usable
password against the LDAP directory. If a user cannot be
found anymore, he or she is set to “inactive”.
"""
ldap_connection = LDAPConnection()
for user in User.objects.filter(is_active=True):
if not user.has_usable_password() and not existing_in_ldap(user):
user.is_active = user.is_staff = user.is_superuser = False
user.save()
user.groups.clear()
user.user_permissions.clear()
maintain.connect(synchronize_users_with_ad)
但是,如果他们仍然登录状态,则此会话仍在工作中。我们如何立即使它们无效?所有会话中间件的设置都是默认值。