Context Navigation

← Previous Ticket
Next Ticket →

#28763 closed New feature (fixed)

Allow SessionStore's to be easily overridden to make dynamic the session cookie age

Reported by:	Jaime Herencia Enjuto	Owned by:	Hasan Ramezani
Component:	contrib.sessions	Version:	dev
Severity:	Normal	Keywords:
Cc:		Triage Stage:	Accepted
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	no	UI/UX:	no

Description

If I want to make dynamic my SESSION_COOKIE_AGE setting based on certain parameters of the session I need to reimplement in my SessionStore subclasses the following methods:

get_expiry_age
get_expiry_date

just to override the points where settings.SESSION_COOKIE_AGE is used.

Change History (9)

comment:1 by Jaime Herencia Enjuto, 6 years ago

Has patch:	set

I've created a pull request: https://github.com/django/django/pull/9314

Version 0, edited 6 years ago by Jaime Herencia Enjuto (next)

comment:2 by Jaime Herencia Enjuto, 6 years ago

Summary:	Allow SessionStore's to easily override or make dynamic the session cookie age → Allow SessionStore's to be easily overridden to make dynamic the session cookie age

comment:3 by Tomer Chachamu, 6 years ago

Owner:	changed from nobody to Tomer Chachamu
Status:	new → assigned
Triage Stage:	Unreviewed → Accepted

That seems useful.

comment:4 by Tomer Chachamu, 6 years ago

Owner:	Tomer Chachamu removed
Status:	assigned → new
Triage Stage:	Accepted → Unreviewed

Actually, it looks like you can call SessionStore.set_expiry? One place to do so would be in a middleware that's listed below the session middleware, when processing a response.

class SessionExpiryPolicyMiddleware(object):
    def __init__(self, get_response):
        self.get_response = get_response
   
    def __call__(self, request):

        response = self.get_response(request)

        if response.session.modified and response.status_code != 500:
             response.session.set_expiry(response.session.calculate_expiry())

        return response

comment:5 by Jaime Herencia Enjuto, 6 years ago

You are right that could be a way to achieve this, I know there are other ways to do this but don't you think that the responsible of calculating Session expirations should be the SessionStore not a middleware?

comment:6 by Tomer Chachamu, 6 years ago

I think it would be worth discussing in the django-developers mailing list.

comment:7 by Tim Graham, 6 years ago

Needs tests:	set
Triage Stage:	Unreviewed → Accepted

A test should be added so the change isn't inadvertently refactored away.

comment:8 by Mariusz Felisiak, 5 years ago

Needs tests:	unset
Owner:	set to Hasan Ramezani
Status:	new → assigned

comment:9 by Mariusz Felisiak <felisiak.mariusz@…>, 5 years ago

Resolution:	→ fixed
Status:	assigned → closed

In 9d6f981a:

Fixed #28763 -- Allowed overriding the session cookie age with SessionStore.get_session_cookie_age().

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues