author | Nishanth Amuluru <nishanth@fossee.in> |
Tue, 11 Jan 2011 14:57:16 +0530 | |
changeset 381 | da4c6b1cec7d |
parent 307 | c6bca38c1cbf |
permissions | -rw-r--r-- |
307
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
1 |
=================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
2 |
How to use sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
3 |
=================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
4 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
5 |
.. module:: django.contrib.sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
6 |
:synopsis: Provides session management for Django projects. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
7 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
8 |
Django provides full support for anonymous sessions. The session framework lets |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
9 |
you store and retrieve arbitrary data on a per-site-visitor basis. It stores |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
10 |
data on the server side and abstracts the sending and receiving of cookies. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
11 |
Cookies contain a session ID -- not the data itself. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
12 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
13 |
Enabling sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
14 |
================= |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
15 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
16 |
Sessions are implemented via a piece of :doc:`middleware </ref/middleware>`. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
17 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
18 |
To enable session functionality, do the following: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
19 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
20 |
* Edit the ``MIDDLEWARE_CLASSES`` setting and make sure |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
21 |
``MIDDLEWARE_CLASSES`` contains ``'django.contrib.sessions.middleware.SessionMiddleware'``. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
22 |
The default ``settings.py`` created by ``django-admin.py startproject`` has |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
23 |
``SessionMiddleware`` activated. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
24 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
25 |
If you don't want to use sessions, you might as well remove the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
26 |
``SessionMiddleware`` line from ``MIDDLEWARE_CLASSES`` and ``'django.contrib.sessions'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
27 |
from your ``INSTALLED_APPS``. It'll save you a small bit of overhead. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
28 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
29 |
Configuring the session engine |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
30 |
============================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
31 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
32 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
33 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
34 |
By default, Django stores sessions in your database (using the model |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
35 |
``django.contrib.sessions.models.Session``). Though this is convenient, in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
36 |
some setups it's faster to store session data elsewhere, so Django can be |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
37 |
configured to store session data on your filesystem or in your cache. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
38 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
39 |
Using database-backed sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
40 |
------------------------------ |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
41 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
42 |
If you want to use a database-backed session, you need to add |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
43 |
``'django.contrib.sessions'`` to your ``INSTALLED_APPS`` setting. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
44 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
45 |
Once you have configured your installation, run ``manage.py syncdb`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
46 |
to install the single database table that stores session data. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
47 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
48 |
Using cached sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
49 |
--------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
50 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
51 |
For better performance, you may want to use a cache-based session backend. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
52 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
53 |
.. versionchanged:: 1.1 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
54 |
Django 1.0 did not include the ``cached_db`` session backend. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
55 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
56 |
To store session data using Django's cache system, you'll first need to make |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
57 |
sure you've configured your cache; see the :doc:`cache documentation |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
58 |
</topics/cache>` for details. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
59 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
60 |
.. warning:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
61 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
62 |
You should only use cache-based sessions if you're using the Memcached |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
63 |
cache backend. The local-memory cache backend doesn't retain data long |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
64 |
enough to be a good choice, and it'll be faster to use file or database |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
65 |
sessions directly instead of sending everything through the file or |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
66 |
database cache backends. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
67 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
68 |
Once your cache is configured, you've got two choices for how to store data in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
69 |
the cache: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
70 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
71 |
* Set :setting:`SESSION_ENGINE` to |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
72 |
``"django.contrib.sessions.backends.cache"`` for a simple caching session |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
73 |
store. Session data will be stored directly your cache. However, session |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
74 |
data may not be persistent: cached data can be evicted if the cache fills |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
75 |
up or if the cache server is restarted. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
76 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
77 |
* For persistent, cached data, set :setting:`SESSION_ENGINE` to |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
78 |
``"django.contrib.sessions.backends.cached_db"``. This uses a |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
79 |
write-through cache -- every write to the cache will also be written to |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
80 |
the database. Session reads only use the database if the data is not |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
81 |
already in the cache. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
82 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
83 |
Both session stores are quite fast, but the simple cache is faster because it |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
84 |
disregards persistence. In most cases, the ``cached_db`` backend will be fast |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
85 |
enough, but if you need that last bit of performance, and are willing to let |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
86 |
session data be expunged from time to time, the ``cache`` backend is for you. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
87 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
88 |
If you use the ``cached_db`` session backend, you also need to follow the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
89 |
configuration instructions for the `using database-backed sessions`_. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
90 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
91 |
Using file-based sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
92 |
------------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
93 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
94 |
To use file-based sessions, set the ``SESSION_ENGINE`` setting to |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
95 |
``"django.contrib.sessions.backends.file"``. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
96 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
97 |
You might also want to set the ``SESSION_FILE_PATH`` setting (which defaults |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
98 |
to output from ``tempfile.gettempdir()``, most likely ``/tmp``) to control |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
99 |
where Django stores session files. Be sure to check that your Web server has |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
100 |
permissions to read and write to this location. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
101 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
102 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
103 |
Using sessions in views |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
104 |
======================= |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
105 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
106 |
When ``SessionMiddleware`` is activated, each ``HttpRequest`` object -- the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
107 |
first argument to any Django view function -- will have a ``session`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
108 |
attribute, which is a dictionary-like object. You can read it and write to it. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
109 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
110 |
A session object has the following standard dictionary methods: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
111 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
112 |
* ``__getitem__(key)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
113 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
114 |
Example: ``fav_color = request.session['fav_color']`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
115 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
116 |
* ``__setitem__(key, value)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
117 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
118 |
Example: ``request.session['fav_color'] = 'blue'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
119 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
120 |
* ``__delitem__(key)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
121 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
122 |
Example: ``del request.session['fav_color']``. This raises ``KeyError`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
123 |
if the given ``key`` isn't already in the session. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
124 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
125 |
* ``__contains__(key)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
126 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
127 |
Example: ``'fav_color' in request.session`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
128 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
129 |
* ``get(key, default=None)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
130 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
131 |
Example: ``fav_color = request.session.get('fav_color', 'red')`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
132 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
133 |
* ``keys()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
134 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
135 |
* ``items()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
136 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
137 |
* ``setdefault()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
138 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
139 |
* ``clear()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
140 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
141 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
142 |
``setdefault()`` and ``clear()`` are new in this version. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
143 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
144 |
It also has these methods: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
145 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
146 |
* ``flush()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
147 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
148 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
149 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
150 |
Delete the current session data from the session and regenerate the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
151 |
session key value that is sent back to the user in the cookie. This is |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
152 |
used if you want to ensure that the previous session data can't be |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
153 |
accessed again from the user's browser (for example, the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
154 |
:func:`django.contrib.auth.logout()` function calls it). |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
155 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
156 |
* ``set_test_cookie()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
157 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
158 |
Sets a test cookie to determine whether the user's browser supports |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
159 |
cookies. Due to the way cookies work, you won't be able to test this |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
160 |
until the user's next page request. See `Setting test cookies`_ below for |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
161 |
more information. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
162 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
163 |
* ``test_cookie_worked()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
164 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
165 |
Returns either ``True`` or ``False``, depending on whether the user's |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
166 |
browser accepted the test cookie. Due to the way cookies work, you'll |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
167 |
have to call ``set_test_cookie()`` on a previous, separate page request. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
168 |
See `Setting test cookies`_ below for more information. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
169 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
170 |
* ``delete_test_cookie()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
171 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
172 |
Deletes the test cookie. Use this to clean up after yourself. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
173 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
174 |
* ``set_expiry(value)`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
175 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
176 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
177 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
178 |
Sets the expiration time for the session. You can pass a number of |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
179 |
different values: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
180 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
181 |
* If ``value`` is an integer, the session will expire after that |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
182 |
many seconds of inactivity. For example, calling |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
183 |
``request.session.set_expiry(300)`` would make the session expire |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
184 |
in 5 minutes. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
185 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
186 |
* If ``value`` is a ``datetime`` or ``timedelta`` object, the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
187 |
session will expire at that specific date/time. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
188 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
189 |
* If ``value`` is ``0``, the user's session cookie will expire |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
190 |
when the user's Web browser is closed. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
191 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
192 |
* If ``value`` is ``None``, the session reverts to using the global |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
193 |
session expiry policy. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
194 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
195 |
Reading a session is not considered activity for expiration |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
196 |
purposes. Session expiration is computed from the last time the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
197 |
session was *modified*. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
198 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
199 |
* ``get_expiry_age()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
200 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
201 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
202 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
203 |
Returns the number of seconds until this session expires. For sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
204 |
with no custom expiration (or those set to expire at browser close), this |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
205 |
will equal ``settings.SESSION_COOKIE_AGE``. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
206 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
207 |
* ``get_expiry_date()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
208 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
209 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
210 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
211 |
Returns the date this session will expire. For sessions with no custom |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
212 |
expiration (or those set to expire at browser close), this will equal the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
213 |
date ``settings.SESSION_COOKIE_AGE`` seconds from now. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
214 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
215 |
* ``get_expire_at_browser_close()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
216 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
217 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
218 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
219 |
Returns either ``True`` or ``False``, depending on whether the user's |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
220 |
session cookie will expire when the user's Web browser is closed. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
221 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
222 |
You can edit ``request.session`` at any point in your view. You can edit it |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
223 |
multiple times. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
224 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
225 |
Session object guidelines |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
226 |
------------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
227 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
228 |
* Use normal Python strings as dictionary keys on ``request.session``. This |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
229 |
is more of a convention than a hard-and-fast rule. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
230 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
231 |
* Session dictionary keys that begin with an underscore are reserved for |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
232 |
internal use by Django. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
233 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
234 |
* Don't override ``request.session`` with a new object, and don't access or |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
235 |
set its attributes. Use it like a Python dictionary. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
236 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
237 |
Examples |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
238 |
-------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
239 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
240 |
This simplistic view sets a ``has_commented`` variable to ``True`` after a user |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
241 |
posts a comment. It doesn't let a user post a comment more than once:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
242 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
243 |
def post_comment(request, new_comment): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
244 |
if request.session.get('has_commented', False): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
245 |
return HttpResponse("You've already commented.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
246 |
c = comments.Comment(comment=new_comment) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
247 |
c.save() |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
248 |
request.session['has_commented'] = True |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
249 |
return HttpResponse('Thanks for your comment!') |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
250 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
251 |
This simplistic view logs in a "member" of the site:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
252 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
253 |
def login(request): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
254 |
m = Member.objects.get(username=request.POST['username']) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
255 |
if m.password == request.POST['password']: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
256 |
request.session['member_id'] = m.id |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
257 |
return HttpResponse("You're logged in.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
258 |
else: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
259 |
return HttpResponse("Your username and password didn't match.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
260 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
261 |
...And this one logs a member out, according to ``login()`` above:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
262 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
263 |
def logout(request): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
264 |
try: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
265 |
del request.session['member_id'] |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
266 |
except KeyError: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
267 |
pass |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
268 |
return HttpResponse("You're logged out.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
269 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
270 |
The standard ``django.contrib.auth.logout()`` function actually does a bit |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
271 |
more than this to prevent inadvertent data leakage. It calls |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
272 |
``request.session.flush()``. We are using this example as a demonstration of |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
273 |
how to work with session objects, not as a full ``logout()`` implementation. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
274 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
275 |
Setting test cookies |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
276 |
==================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
277 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
278 |
As a convenience, Django provides an easy way to test whether the user's |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
279 |
browser accepts cookies. Just call ``request.session.set_test_cookie()`` in a |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
280 |
view, and call ``request.session.test_cookie_worked()`` in a subsequent view -- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
281 |
not in the same view call. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
282 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
283 |
This awkward split between ``set_test_cookie()`` and ``test_cookie_worked()`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
284 |
is necessary due to the way cookies work. When you set a cookie, you can't |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
285 |
actually tell whether a browser accepted it until the browser's next request. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
286 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
287 |
It's good practice to use ``delete_test_cookie()`` to clean up after yourself. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
288 |
Do this after you've verified that the test cookie worked. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
289 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
290 |
Here's a typical usage example:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
291 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
292 |
def login(request): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
293 |
if request.method == 'POST': |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
294 |
if request.session.test_cookie_worked(): |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
295 |
request.session.delete_test_cookie() |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
296 |
return HttpResponse("You're logged in.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
297 |
else: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
298 |
return HttpResponse("Please enable cookies and try again.") |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
299 |
request.session.set_test_cookie() |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
300 |
return render_to_response('foo/login_form.html') |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
301 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
302 |
Using sessions out of views |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
303 |
=========================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
304 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
305 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
306 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
307 |
An API is available to manipulate session data outside of a view:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
308 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
309 |
>>> from django.contrib.sessions.backends.db import SessionStore |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
310 |
>>> s = SessionStore(session_key='2b1189a188b44ad18c35e113ac6ceead') |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
311 |
>>> s['last_login'] = datetime.datetime(2005, 8, 20, 13, 35, 10) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
312 |
>>> s['last_login'] |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
313 |
datetime.datetime(2005, 8, 20, 13, 35, 0) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
314 |
>>> s.save() |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
315 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
316 |
If you're using the ``django.contrib.sessions.backends.db`` backend, each |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
317 |
session is just a normal Django model. The ``Session`` model is defined in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
318 |
``django/contrib/sessions/models.py``. Because it's a normal model, you can |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
319 |
access sessions using the normal Django database API:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
320 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
321 |
>>> from django.contrib.sessions.models import Session |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
322 |
>>> s = Session.objects.get(pk='2b1189a188b44ad18c35e113ac6ceead') |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
323 |
>>> s.expire_date |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
324 |
datetime.datetime(2005, 8, 20, 13, 35, 12) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
325 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
326 |
Note that you'll need to call ``get_decoded()`` to get the session dictionary. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
327 |
This is necessary because the dictionary is stored in an encoded format:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
328 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
329 |
>>> s.session_data |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
330 |
'KGRwMQpTJ19hdXRoX3VzZXJfaWQnCnAyCkkxCnMuMTExY2ZjODI2Yj...' |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
331 |
>>> s.get_decoded() |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
332 |
{'user_id': 42} |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
333 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
334 |
When sessions are saved |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
335 |
======================= |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
336 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
337 |
By default, Django only saves to the session database when the session has been |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
338 |
modified -- that is if any of its dictionary values have been assigned or |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
339 |
deleted:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
340 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
341 |
# Session is modified. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
342 |
request.session['foo'] = 'bar' |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
343 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
344 |
# Session is modified. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
345 |
del request.session['foo'] |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
346 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
347 |
# Session is modified. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
348 |
request.session['foo'] = {} |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
349 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
350 |
# Gotcha: Session is NOT modified, because this alters |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
351 |
# request.session['foo'] instead of request.session. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
352 |
request.session['foo']['bar'] = 'baz' |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
353 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
354 |
In the last case of the above example, we can tell the session object |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
355 |
explicitly that it has been modified by setting the ``modified`` attribute on |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
356 |
the session object:: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
357 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
358 |
request.session.modified = True |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
359 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
360 |
To change this default behavior, set the ``SESSION_SAVE_EVERY_REQUEST`` setting |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
361 |
to ``True``. If ``SESSION_SAVE_EVERY_REQUEST`` is ``True``, Django will save |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
362 |
the session to the database on every single request. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
363 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
364 |
Note that the session cookie is only sent when a session has been created or |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
365 |
modified. If ``SESSION_SAVE_EVERY_REQUEST`` is ``True``, the session cookie |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
366 |
will be sent on every request. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
367 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
368 |
Similarly, the ``expires`` part of a session cookie is updated each time the |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
369 |
session cookie is sent. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
370 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
371 |
Browser-length sessions vs. persistent sessions |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
372 |
=============================================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
373 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
374 |
You can control whether the session framework uses browser-length sessions vs. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
375 |
persistent sessions with the ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` setting. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
376 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
377 |
By default, ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` is set to ``False``, which |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
378 |
means session cookies will be stored in users' browsers for as long as |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
379 |
``SESSION_COOKIE_AGE``. Use this if you don't want people to have to log in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
380 |
every time they open a browser. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
381 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
382 |
If ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` is set to ``True``, Django will use |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
383 |
browser-length cookies -- cookies that expire as soon as the user closes his or |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
384 |
her browser. Use this if you want people to have to log in every time they open |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
385 |
a browser. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
386 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
387 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
388 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
389 |
This setting is a global default and can be overwritten at a per-session level |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
390 |
by explicitly calling ``request.session.set_expiry()`` as described above in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
391 |
`using sessions in views`_. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
392 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
393 |
Clearing the session table |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
394 |
========================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
395 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
396 |
If you're using the database backend, note that session data can accumulate in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
397 |
the ``django_session`` database table and Django does *not* provide automatic |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
398 |
purging. Therefore, it's your job to purge expired sessions on a regular basis. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
399 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
400 |
To understand this problem, consider what happens when a user uses a session. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
401 |
When a user logs in, Django adds a row to the ``django_session`` database |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
402 |
table. Django updates this row each time the session data changes. If the user |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
403 |
logs out manually, Django deletes the row. But if the user does *not* log out, |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
404 |
the row never gets deleted. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
405 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
406 |
Django provides a sample clean-up script: ``django-admin.py cleanup``. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
407 |
That script deletes any session in the session table whose ``expire_date`` is |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
408 |
in the past -- but your application may have different requirements. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
409 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
410 |
Settings |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
411 |
======== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
412 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
413 |
A few :doc:`Django settings </ref/settings>` give you control over session behavior: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
414 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
415 |
SESSION_ENGINE |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
416 |
-------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
417 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
418 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
419 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
420 |
.. versionchanged:: 1.1 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
421 |
The ``cached_db`` backend was added |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
422 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
423 |
Default: ``django.contrib.sessions.backends.db`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
424 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
425 |
Controls where Django stores session data. Valid values are: |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
426 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
427 |
* ``'django.contrib.sessions.backends.db'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
428 |
* ``'django.contrib.sessions.backends.file'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
429 |
* ``'django.contrib.sessions.backends.cache'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
430 |
* ``'django.contrib.sessions.backends.cached_db'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
431 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
432 |
See `configuring the session engine`_ for more details. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
433 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
434 |
SESSION_FILE_PATH |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
435 |
----------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
436 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
437 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
438 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
439 |
Default: ``/tmp/`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
440 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
441 |
If you're using file-based session storage, this sets the directory in |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
442 |
which Django will store session data. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
443 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
444 |
SESSION_COOKIE_AGE |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
445 |
------------------ |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
446 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
447 |
Default: ``1209600`` (2 weeks, in seconds) |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
448 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
449 |
The age of session cookies, in seconds. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
450 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
451 |
SESSION_COOKIE_DOMAIN |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
452 |
--------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
453 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
454 |
Default: ``None`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
455 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
456 |
The domain to use for session cookies. Set this to a string such as |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
457 |
``".lawrence.com"`` (note the leading dot!) for cross-domain cookies, or use |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
458 |
``None`` for a standard domain cookie. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
459 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
460 |
SESSION_COOKIE_NAME |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
461 |
------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
462 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
463 |
Default: ``'sessionid'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
464 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
465 |
The name of the cookie to use for sessions. This can be whatever you want. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
466 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
467 |
SESSION_COOKIE_PATH |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
468 |
------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
469 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
470 |
.. versionadded:: 1.0 |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
471 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
472 |
Default: ``'/'`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
473 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
474 |
The path set on the session cookie. This should either match the URL path of |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
475 |
your Django installation or be parent of that path. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
476 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
477 |
This is useful if you have multiple Django instances running under the same |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
478 |
hostname. They can use different cookie paths, and each instance will only see |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
479 |
its own session cookie. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
480 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
481 |
SESSION_COOKIE_SECURE |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
482 |
--------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
483 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
484 |
Default: ``False`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
485 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
486 |
Whether to use a secure cookie for the session cookie. If this is set to |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
487 |
``True``, the cookie will be marked as "secure," which means browsers may |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
488 |
ensure that the cookie is only sent under an HTTPS connection. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
489 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
490 |
SESSION_EXPIRE_AT_BROWSER_CLOSE |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
491 |
------------------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
492 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
493 |
Default: ``False`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
494 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
495 |
Whether to expire the session when the user closes his or her browser. See |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
496 |
"Browser-length sessions vs. persistent sessions" above. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
497 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
498 |
SESSION_SAVE_EVERY_REQUEST |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
499 |
-------------------------- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
500 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
501 |
Default: ``False`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
502 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
503 |
Whether to save the session data on every request. If this is ``False`` |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
504 |
(default), then the session data will only be saved if it has been modified -- |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
505 |
that is, if any of its dictionary values have been assigned or deleted. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
506 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
507 |
.. _Django settings: ../settings/ |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
508 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
509 |
Technical details |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
510 |
================= |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
511 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
512 |
* The session dictionary should accept any pickleable Python object. See |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
513 |
`the pickle module`_ for more information. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
514 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
515 |
* Session data is stored in a database table named ``django_session`` . |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
516 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
517 |
* Django only sends a cookie if it needs to. If you don't set any session |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
518 |
data, it won't send a session cookie. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
519 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
520 |
.. _`the pickle module`: http://docs.python.org/library/pickle.html |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
521 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
522 |
Session IDs in URLs |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
523 |
=================== |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
524 |
|
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
525 |
The Django sessions framework is entirely, and solely, cookie-based. It does |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
526 |
not fall back to putting session IDs in URLs as a last resort, as PHP does. |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
527 |
This is an intentional design decision. Not only does that behavior make URLs |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
528 |
ugly, it makes your site vulnerable to session-ID theft via the "Referer" |
c6bca38c1cbf
Added buildout stuff and made changes accordingly
Nishanth Amuluru <nishanth@fossee.in>
parents:
diff
changeset
|
529 |
header. |