django-sudo

January 9, 2020 · View on GitHub

Sudo mode is an extra layer of security for your most sensitive pages.
This is an implementation of GitHub's Sudo Mode for Django.

What is this for?

django-sudo provides an extra layer of security for after a user is already logged in. Views can be decorated with @sudo_required, and then a user must re-enter their password to view that page. After verifying their password, that user has elevated permissions for the duration of SUDO_COOKIE_AGE. This duration is independent of the normal session duration allowing short elevated permission durations, but retain long user sessions.

Installation

$ pip install django-sudo

Compatibility

Django 1.9-1.11
Python 2.7, 3.6-3.7

Resources

Documentation
Security
Changelog