Bugfix: When logging in when a session already existed and last visit…

… was more than AUTO_LOGOUT_DELAY minutes ago, user was wrongfully logged out immediately and had to log in again.

core/middleware.py

@@ -51,12 +51,20 @@ def process_request(self, request):
 class AutoLogoutMiddleware():
     def process_request(self, request):
         if hasattr(settings, 'AUTO_LOGOUT_DELAY'):
+
+            now = datetime.now()
+
             if not request.user.is_authenticated() :
+                # Set the last visit to now when attempting to log in, so that
+                # auto-logout feature doesn't immediately log the user out
+                # when the user is already logged out but the session is still
+                # active.
+                if request.path_info == '/accounts/login/' and request.method == 'POST':
+                    request.session['last_visit'] = now.strftime('%Y-%m-%d %H:%M:%S')
+
                 # Can't log out if not logged in
                 return
 
-            now = datetime.now()
-
             if 'last_visit' in request.session:
                 last_visit = datetime.strptime(request.session['last_visit'], '%Y-%m-%d %H:%M:%S')
                 if now - last_visit > timedelta(0, settings.AUTO_LOGOUT_DELAY * 60, 0):