Django signals in login

Question

What is django signal in login function used for? The user is already added in the request session table. So what is the last line call to signal does in Django auth.login function?

 @sensitive_post_parameters() 
 @csrf_protect
 @never_cache
 def login(request, user):
  """
  Persist a user id and a backend in the request. This way a user doesn't
  have to reauthenticate on every request. Note that data set during
  the anonymous session is retained when the user logs in.
  """
  session_auth_hash = ''
  if user is None:
     user = request.user
  if hasattr(user, 'get_session_auth_hash'):
     session_auth_hash = user.get_session_auth_hash()

  if SESSION_KEY in request.session:
    if _get_user_session_key(request) != user.pk or (
            session_auth_hash and
            request.session.get(HASH_SESSION_KEY) != session_auth_hash):
        # To avoid reusing another user's session, create a new, empty
        # session if the existing session corresponds to a different
        # authenticated user.
        request.session.flush()
  else:
    request.session.cycle_key()
  request.session[SESSION_KEY] = user._meta.pk.value_to_string(user)
  request.session[BACKEND_SESSION_KEY] = user.backend
  request.session[HASH_SESSION_KEY] = session_auth_hash
  if hasattr(request, 'user'):
    request.user = user
  rotate_token(request)
  user_logged_in.send(sender=user.__class__, request=request, user=user)

Answer 1

The user_logged_in signal sent at the end of login() has been defined so that it can be used for notification when a user logs in. It also updates the last_login attribute for the currently logged-in user(as @ozgur mentioned above).

From Login and Logout Signals documentation:

The auth framework uses two signals (user_logged_in and user_logged_out) that can be used for notification when a user logs in or out.

The arguments sent with this signal are:

1. sender : The class of the user that just logged in.
2. request : The current HttpRequest instance.
3. user : The user instance that just logged in.

Using this helps in allowing decoupled applications to get notified when a user has logged in.

Lets say you want to be notified whenever a user logs in and do some actions, then you can use this signal so that your receiver gets notified on a user login. To receive a signal, you need to register a receiver function that gets called when the signal is sent by using the Signal.connect() method.

For example:

perform_some_action_on_login is a receiver function which will perform some extra actions whenever a user logs in.

from django.contrib.auth.signals import user_logged_in

def perform_some_action_on_login(sender, user, **kwargs):
    """
    A signal receiver which performs some actions for
    the user logging in.
    """
    ...
    # your code here

After defining the register function, connect this receiver function with user_logged_in signal

user_logged_in.connect(perform_some_action_on_login)

Now whenever a user logs in, a user_logged_in signal is sent which is received by the receiver function perform_some_actions_on_login. It then performs those extra actions.

Answer 2

try to put the following code in the _ _init__.py of your app

from django.contrib.auth.signals import user_logged_in
from django.dispatch import receiver


@receiver(user_logged_in)
def on_login(sender, user, request, **kwargs):
    print('User just logged in....')