Opened 5 years ago

Closed 5 years ago

#16879 closed Bug (invalid)

request.user does not synchronize using SET_SESSION_COOKIE

Reported by: Wim Feijen <wim@…> Owned by: nobody
Component: contrib.auth Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no



I have two sites running, on which I want to share request.user: meaning that if someone logs in to one site, he is automatically logged in to the other, and vice-versa.

I'm using
SESSION_COOKIE_DOMAIN = '' in both projects.

If I inspect the session data, both websites use the same session, having a shared cookie where
'sessionid': '28a1fa5874533465c0ff2889d4a.....'

But if I successfully log in to one site, then I remain anonymous on the other site. :(

I believe this to be a bug. Can some-one please confirm this? Or did I misunderstand the documentation?

Change History (2)

comment:1 Changed 5 years ago by Wim Feijen <wim@…>

Component: Uncategorizedcontrib.auth
Needs documentation: unset
Needs tests: unset
Patch needs improvement: unset
Type: UncategorizedBug

comment:2 Changed 5 years ago by Aymeric Augustin

Resolution: invalid
Status: newclosed

The identifier of the session is the same on both sites but the contents of the session is different. On one site, the session contains some information that says that the user is logged in. On the other it doesn't.

So this isn't a bug in Django.

I don't know what's the best way to share authentication. You may have to write a custom authentication backend. If you want to discuss that, the django-users mailing list is a better place than Trac anyway. Thanks!

Note: See TracTickets for help on using tickets.
Back to Top