Django sessions

Django sessions

Django sessions — Lets you store and retrieve arbitrary data on a per-site-visitor basis.

Django sessions — Stores data on the server side and abstracts the sending and receiving of cookies.

def login(request):
    m = Member.objects.get(username=request.POST['username'])
    if m.password == request.POST['password']:
        request.session['member_id'] =
        return HttpResponse("You're logged in.")
        return HttpResponse("Your username and password didn't match.")

Are implemented via a piece of middleware.

By default, Django stores sessions in your database.

Enabling sessions

Edit the MIDDLEWARE setting and make sure it contains 'django.contrib.sessions.middleware.SessionMiddleware'. The default created by django-admin startproject has SessionMiddleware activated.

By default, Django stores sessions in your database (using the model django.contrib.sessions.models.Session).

Using sessions in views

When SessionMiddleware is activated, each HttpRequest object – the first argument to any Django view function – will have a session attribute, which is a dictionary-like object.

Using sessions out of views

>>> from django.contrib.sessions.backends.db import SessionStore
>>> s = SessionStore()
>>> # stored as seconds since epoch since datetimes are not serializable in JSON.
>>> s['last_login'] = 1376587691
>>> s.create()
>>> s.session_key
>>> s = SessionStore(session_key='2b1189a188b44ad18c35e113ac6ceead')
>>> s['last_login']

Setting test cookies

from django.http import HttpResponse
from django.shortcuts import render

def login(request):
    if request.method == 'POST':
        if request.session.test_cookie_worked():
            return HttpResponse("You're logged in.")
            return HttpResponse("Please enable cookies and try again.")
    return render(request, 'foo/login_form.html')

Django provides a way to test whether the user’s browser accepts cookies.

Django sessions — Structure map

Clickable & Draggable!

Django sessions — Related pages: