--- /dev/null
+import time
+
+from django.contrib.auth import logout
+
+from .settings import EXPIRE_AFTER
+
+
+class BetterSessionsMiddleware(object):
+ def process_request(self, request):
+ """ Update last activity time or logout. """
+ if request.user.is_authenticated():
+ now = time.time()
+ last_activity = request.session.get('last_activity', now)
+
+ if now - last_activity > EXPIRE_AFTER:
+ logout(request)
+ else:
+ request.session['last_activity'] = now