django-sudo

LSE toolsLSE toolsdjango-sudo (239)django-sudo (239)

Tool and Usage

Project details
LicenseBSD 3-clause
Programming languagePython
AuthorMatt Robenolt
Latest release2.0.1 []

Project health

74
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

For some destructive events like removing an account, you may want to revalidate if the user really wants to continue. To ensure it is the actual owner of the account, django-sudo requests authentication again within the web application. GitHub uses this as well for some events like ownership changes and deletions.

How it works

Django-sudo works by setting a short living cookie that typically expires before the main authentication cookie. When a view has the @sudo_required decorator, then the presence of this cookie is checked. If not set, authentication will be requested to continue.

Usage and audience

django-sudo is commonly used for application security. Target users for this tool are developers.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + The source code of this software is available

Author and Maintainers

Django-sudo is under development by Matt Robenolt.

Installation

Supported operating systems

Django-sudo is known to work on Linux, macOS, and Microsoft Windows.

django-sudo alternatives

Similar tools to django-sudo:

85

Bleach

Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. Read how it works in this review.

60

django-two-factor-auth

A complete Two-Factor Authentication for Django. It leverages the django-otp tooling together with Django's authentication framework.

84

django-axes

Django-axes is a reusable app for Django to limit the brute force login attempts for your web application.

All django-sudo alternatives

Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a authentication library and Django security library.

Related terms