Welcome to Elevate¶
What is this for?¶
Elevate provides an extra layer of security beyond initial user authentication.
Views can be decorated with
@elevate_required, and then users must
re-authenticate to access that resource. This might be useful for deleting objects,
canceling subscriptions, and other sensitive operations. After re-authentication,
the user has elevated permissions for the duration of
This duration is independent of the normal session duration, allowing for short
elevated permission durations while still retaining long user sessions.
$ pip install django-elevate
- Django 1.8 - 2.2
- Python 2.7 - 3.7