id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
1180	Django session key generation flawed	wojtek@…	Malcolm Tredinnick	"{{{
            session_key = md5.new(str(random.randint(0, sys.maxint - 1)) + SECRET_KEY).hexdigest()
}}}

this is used throughout django and it often generates duplicate keys, today i spent 5 hours trying to find out what was causing my site to break and it was this (since I used this algorithm in another context without checking if a session with given key already exists).

i propose the following:
{{{
    session_key = md5.new(
        str(random.randint(0, sys.maxint - 1)) + ""#"" +
        str(random.randint(0, sys.maxint - 1)) + ""#"" +
        str(time.time()) + ""#"").hexdigest()
}}}

secret_key is pretty useless

regards"	defect	closed	contrib.sessions	dev	normal	fixed			Accepted	1	0	1	0	0	0