Hey all. Just an FYI that django-impersonate 1.9.1 was just released
with much appreciated contributions from:

- Sarah Boyce
- Oscar Cortez
- Arne Brodowski

Covers the following issues:

https://todo.code.netlandish.com/~petersanchez/django-impersonate/67

https://todo.code.netlandish.com/~petersanchez/django-impersonate/69

https://todo.code.netlandish.com/~petersanchez/django-impersonate/70

Thanks! Applied here:

https://hg.code.netlandish.com/~petersanchez/django-impersonate/rev/77c3932f8751d8457a92596acb8b6a8ba2f73dbb

Thanks! Applied.

On 02/04, Jordi Gutiérrez Hermoso wrote:
># HG changeset patch
># User Jordi Gutiérrez Hermoso <jordigh@gnu.org>
># Date 1612473215 18000
>#      Thu Feb 04 16:13:35 2021 -0500
># Node ID 02c4ab3442b2f9c2df491b0663fae5caa8129418
># Parent  ccefd024a3fbf62b698bf38d750b7d03d1d74a65

Thanks! Applied here:

https://hg.code.netlandish.com/~petersanchez/django-impersonate/rev/c400cc81c4f6ff9bb0e94fb8485919ae283e08b0

I'll push a minor update to pypi shortly.

Just a heads up that I just pushed version 1.7.1 live. It's a bug fix
release and includes some small improvements to save some unnecessary
queries and change logging levels from `warning` to `debug`.

https://pypi.org/project/django-impersonate/

For reference:

https://todo.code.netlandish.com/~petersanchez/django-impersonate/60

https://lists.code.netlandish.com/~petersanchez/public-inbox/patches/7

https://lists.code.netlandish.com/~petersanchez/public-inbox/%3CCAJF%3Dk3%3DD3vguoC6ZhGJDQaRinJTU0H60zRyCQoT%2BfFVq7nonzQ%40mail.gmail.com%3E

On 12/22, Илья wrote:
>class ImpersonateMiddleware(MiddlewareMixin):
>    def process_request(self, request):
>        _usr = request.user  # save as local var to prevent infinite recursion
>        def _get_usr():
>            _usr.is_impersonate = False
>            return _usr
>
>        request.user = SimpleLazyObject(_get_usr)
>        request.impersonator = None
>
>        if '_impersonate' in request.session and request.user.is_authenticated:
>            ....

Interesting catch. I have some thoughts below.

On 12/21, Илья wrote:
>class ImpersonateMiddleware(MiddlewareMixin):
>    def process_request(self, request):
>        request.user.is_impersonate = False  # <----- this one
>        request.impersonator = None
>
>        if is_authenticated(request.user) and \  # <----- and this one
>           '_impersonate' in request.session:
>            new_user_id = request.session['_impersonate']
>            .....
>
>As a quick-and-dirty fix we can just remove the first line - but in

Thanks! This was applied.

On 12/10, Hugo Rodger-Brown wrote:
># HG changeset patch
># User Hugo Rodger-Brown <hugo@yunojuno.com>
># Date 1607608487 0
>#      Thu Dec 10 13:54:47 2020 +0000
># Branch downgrade-logging
># Node ID bd1429321fb4a7f4627448681d369d07875c5edf
># Parent  a174b1c67a73699e1ea51d1433db7d0f22c4e6ef
>Downgrade signals logging from warning to debug

Thank you! I applied this. I did some slight cleanup for formatting
(black) but otherwise left it untouched.

On 11/24, Leonhard Kuboschek wrote:
># HG changeset patch
># User Leonhard Kuboschek <leo@jacobs-alumni.de>
># Date 1606156336 -3600
>#      Mon Nov 23 19:32:16 2020 +0100

On 11/23, Leonhard Kuboschek wrote:
>+from datetime import datetime, timedelta

I wonder if it's not better to use the `django.utils.timezone` module
here? Also use UTC aware timestamps.

>+                start_time = datetime.fromtimestamp(request.session['_impersonate_start'])
>+                if datetime.now() - start_time > timedelta(seconds=settings.MAX_DURATION):

Use `datetime.utcfromtimestamp()` and `timezone.now()` which returns a
UTC aware copy of datetime.now(). We'd have to also use
`timezone.make_aware()` on the `start_time` variable when subtracting.

`if timezone.now() - timezone.make_aware(start_time) > ...`