Opened 16 years ago

Closed 14 years ago

Last modified 12 years ago

#8537 closed (fixed)

clarify session expiration

Reported by: anonymous Owned by: nobody
Component: Documentation Version: dev
Severity: Keywords:
Cc: Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

the "How to use sessions" documentation at http://www.djangoproject.com/documentation/sessions/ is inaccurate in its description of session expiration. In particular, the definition of what constitutes "activity" and the meaning of the set_expiry() call should be clarified.

First, it appears from reviewing the code and observing the session code on my website, that "activity" that resets the sessions expiration time is anything that _writes_ to the session. Reading from the session does not seem to reset the expiration time.

Second, set_expiry(foo) where foo is a datetime does not set the expiration to that datetime's value. Instead it seems to compute a delta between now() and foo and then push the expiration time this far into the future every time the session is written to. Similarly, set_expiry(foo) where foo is a timedelta does not cause the session to expire in foo seconds in the future but instead causes the session's expiration to be pushed foo seconds into the future every time the session is written to.

Attachments (1)

8537.diff (949 bytes ) - added by Tim Graham 14 years ago.

Download all attachments as: .zip

Change History (7)

comment:1 by TP, 16 years ago

Summary: TPclarify session expiration

comment:2 by Chris Beaven, 15 years ago

Keywords: session removed
Triage Stage: UnreviewedAccepted

Yep, explicitly documenting that only writes cause this time to reset seems reasonable.

Regarding the second point here, it belongs in a different ticket and it's invalid anyway - the expiry time is correctly set once, not every time the session is written to.

by Tim Graham, 14 years ago

Attachment: 8537.diff added

comment:3 by Tim Graham, 14 years ago

Has patch: set

comment:4 by Chris Beaven, 14 years ago

milestone: 1.2
Triage Stage: AcceptedReady for checkin

comment:5 by Russell Keith-Magee, 14 years ago

Resolution: fixed
Status: newclosed

(In [13113]) Fixed #8357 -- Clarified what constitutes activity when calculating session expiry. Thanks to timo for the patch.

comment:6 by Jacob, 12 years ago

milestone: 1.2

Milestone 1.2 deleted

Note: See TracTickets for help on using tickets.
Back to Top