django-sudo

Tool and Usage

Django-sudo provides a view decorator for Django web applications. It mimics the behavior of sudo on Linux systems and requires reauthentication.

Why this tool?

For some destructive events like removing an account, you may want to revalidate if the user really wants to continue. To ensure it is the actual owner of the account, django-sudo requests authentication again within the web application. GitHub uses this as well for some events like ownership changes and deletions.

How it works

Django-sudo works by setting a short living cookie that typically expires before the main authentication cookie. When a view has the @sudo_required decorator, then the presence of this cookie is checked. If not set, authentication will be requested to continue.

Usage and audience

This tool is categorized as a authentication library and Django security library.

django-sudo is commonly used for application security. Target users for this tool are developers.

Tool review

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 10 contributors
  • + The source code of this software is available

Author and Maintainers

Django-sudo is under development by Matt Robenolt.

Installation

Support operating systems

Django-sudo is known to work on Linux, macOS, and Microsoft Windows.

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.0.1 [2016-05-24]
License(s)BSD 3-clause
Last updatedSept. 25, 2017

Project health

78
This score is calculated by different factors, like project age, last release date, etc.

Links

 Documentation
GitHub iconGitHub project

Related terms