duplicate: Django Admin - Re-authentication?
I'm looking for a way to separate the session handling for the admin part of a site (django.contrib.admin) and the frontend - the rest.
A person should be able to log in to the admin (only if he has is_staff
and/or is_superuser
), but if he gets to the frontend he should remain not logged in for that part of the site. He should have to be able to login with another username into frontend.
So basically it's like two separate sessions for the admin and frontend. Login/Logout and Permission-check functionality is not a problem, different sessions is the problem. Any ideas?