summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
authorTim Graham <timograham@gmail.com>2014-03-31 20:16:09 -0400
committerTim Graham <timograham@gmail.com>2014-04-05 12:50:51 -0400
commitfd23c06023a0585ee743c0752dc94da66694cf63 (patch)
treed5aead631b7e7dd4d813326cc6d6d660cf5e8dc5 /docs/ref
parent9494f29d4fffc30e6ae111a995ca1d07a0cbf439 (diff)
Fixed #21649 -- Added optional invalidation of sessions when user password changes.
Thanks Paul McMillan, Aymeric Augustin, and Erik Romijn for reviews.
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/middleware.txt9
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/ref/middleware.txt b/docs/ref/middleware.txt
index 0898ca516a..f7a6768d3c 100644
--- a/docs/ref/middleware.txt
+++ b/docs/ref/middleware.txt
@@ -204,6 +204,15 @@ Adds the ``user`` attribute, representing the currently-logged-in user, to
every incoming ``HttpRequest`` object. See :ref:`Authentication in Web requests
<auth-web-requests>`.
+.. class:: SessionAuthenticationMiddleware
+
+.. versionadded:: 1.7
+
+Allows a user's sessions to be invalidated when their password changes. See
+:ref:`session-invalidation-on-password-change` for details. This middleware must
+appear after :class:`django.contrib.auth.middleware.AuthenticationMiddleware`
+in :setting:`MIDDLEWARE_CLASSES`.
+
CSRF protection middleware
--------------------------