How to expire session due to inactivity in Django?

Question

Our Django application has the following session management requirements.

1. Sessions expire when the user closes the browser.
2. Sessions expire after a pe

Answer 1

django-session-security does just that...

... with an additional requirement: if the server doesn't respond or an attacker disconnected the internet connection: it should expire anyway.

Disclamer: I maintain this app. But I've been watching this thread for a very, very long time :)