Opened 6 years ago
Closed 6 years ago
#5549 closed (wontfix)
Remove duplicate code in SessionBase, SessionManager and Session
| Reported by: | adrian | Owned by: | heracek |
|---|---|---|---|
| Component: | contrib.sessions | Version: | master |
| Severity: | Keywords: | sprintdec01 | |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | yes | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | UI/UX: |
Description
In #5548, leosoto pointed out that these two methods are almost identical:
django.contrib.sessions.models.SessionManager.get_new_session_key
django.contrib.sessions.backends.base.SessionBase._get_new_session_key
These should be refactored to remove the duplication.
Attachments (2)
Change History (10)
comment:1 Changed 6 years ago by adrian
- Component changed from Core framework to django.contrib.sessions
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Triage Stage changed from Unreviewed to Accepted
comment:2 Changed 6 years ago by heracek
- Owner changed from nobody to heracek
Changed 6 years ago by heracek
comment:3 Changed 6 years ago by heracek
- Has patch set
- Keywords sprintdec01 added
- Summary changed from Remove duplicate code in SessionBase andSessionManager to Remove duplicate code in SessionBase, SessionManager and Session
comment:4 Changed 6 years ago by __hawkeye__
comment:5 Changed 6 years ago by anonymous
Also, there should be clear instructions how to clear all session data (as opposed to deleting individual keys).
request.session.clear() seems to do it, it should be documented (I assume this is correct looking at the code -- looks like the the corresponding row will be deleted from session table if session dict is empty) or an explicit, documented method for clearing the session should be added.
Perhaps a note like the following should be added:
Use request.session.clear() if you need to clear all session data. The corresponding session row will be automatically removed from the session table when session dictionary is empty.
Test cases should be added too, in the lines of the following:
>>> request = HttpRequest
>>> # attach session to HttpRequest
>>> request.session["foo"] = "bar"
>>> request.session.clear()
>>> request.session["foo"]
Traceback (most recent call last):
...
KeyError: 'foo'
comment:6 Changed 6 years ago by anonymous
See e.g. http://beaker.groovie.org/beaker/browser/beaker/session.py#L174 for session invalidation that really should be present in Django.
comment:7 Changed 6 years ago by mtredinnick
Anonymous, please don't hijack tickets for issues of your own. Your item has nothing to do with this ticket. If you want extra functionality added, read contributing.txt for how to propose it (discussion on django-dev and then maybe a ticket).
comment:8 Changed 6 years ago by russellm
- Resolution set to wontfix
- Status changed from new to closed
I'm going to mark this wontfix; the original problem was resolved in [6796] as part of #6081. The subsequent patch on this ticket is a backwards incompatible change that removes the ability to easily interact with session objects directly. Although you generally shouldn't be interacting with Session objects directly, I don't see any compelling reason to disable this functionality.
Patch removes duplicity in code and corrects session documentation