Ticket #832: sessions.diff

django/conf/global_settings.py

@@ -196 +196 @@
 SESSION_COOKIE_NAME = 'hotclub'           # Cookie name. This can be whatever you want.
 SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks).
 SESSION_COOKIE_DOMAIN = None              # A string like ".lawrence.com", or None for standard domain cookie.
+SESSION_COOKIE_PERSIST = True             # Whether session cookies persist across browser sessions.
 SESSION_SAVE_EVERY_REQUEST = False        # Whether to save the session data on every request.
 
 #########

django/middleware/sessions.py

@@ -1 @@
-from django.conf.settings import SESSION_COOKIE_NAME, SESSION_COOKIE_AGE, SESSION_COOKIE_DOMAIN, SESSION_SAVE_EVERY_REQUEST
+from django.conf.settings import SESSION_COOKIE_NAME, SESSION_COOKIE_AGE, SESSION_COOKIE_DOMAIN, SESSION_SAVE_EVERY_REQUEST, SESSION_COOKIE_PERSIST
 from django.models.core import sessions
 from django.utils.cache import patch_vary_headers
 import datetime
@@ -71 +71 @@
             session_key = request.session.session_key or sessions.get_new_session_key()
             new_session = sessions.save(session_key, request.session._session,
                 datetime.datetime.now() + datetime.timedelta(seconds=SESSION_COOKIE_AGE))
-            expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT")
+            if SESSION_COOKIE_PERSIST:
+                expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT")
+            else:
+                expires = None
             response.set_cookie(SESSION_COOKIE_NAME, session_key,
                 max_age=SESSION_COOKIE_AGE, expires=expires, domain=SESSION_COOKIE_DOMAIN)
         return response