How to limit admin django session and renew time after user action
I am improving my django admin session security and I wanted to do 2 things:
- Limit my admin session time
- Renew my session time after every user action
What is the best way to do?
Found it. In Django you have 2 guys responsibles
To limit admin session:
SESSION_COOKIE_AGE = 30 # in seconds
To renew session time
SESSION_SAVE_EVERY_REQUEST = True