diff --git a/django/conf/global_settings.py b/django/conf/global_settings.py index ad7a0a54f7..a272f01970 100644 --- a/django/conf/global_settings.py +++ b/django/conf/global_settings.py @@ -195,6 +195,7 @@ MIDDLEWARE_CLASSES = ( SESSION_COOKIE_NAME = 'hotclub' # Cookie name. This can be whatever you want. SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks). SESSION_COOKIE_DOMAIN = None # A string like ".lawrence.com", or None for standard domain cookie. +SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request. ######### # CACHE # diff --git a/django/middleware/sessions.py b/django/middleware/sessions.py index 8b9f21f78d..df7473e904 100644 --- a/django/middleware/sessions.py +++ b/django/middleware/sessions.py @@ -1,4 +1,4 @@ -from django.conf.settings import SESSION_COOKIE_NAME, SESSION_COOKIE_AGE, SESSION_COOKIE_DOMAIN +from django.conf.settings import SESSION_COOKIE_NAME, SESSION_COOKIE_AGE, SESSION_COOKIE_DOMAIN, SESSION_SAVE_EVERY_REQUEST from django.models.core import sessions from django.utils.cache import patch_vary_headers import datetime @@ -67,7 +67,7 @@ class SessionMiddleware: modified = request.session.modified except AttributeError: modified = False - if modified: + if modified or SESSION_SAVE_EVERY_REQUEST: session_key = request.session.session_key or sessions.get_new_session_key() new_session = sessions.save(session_key, request.session._session, datetime.datetime.now() + datetime.timedelta(seconds=SESSION_COOKIE_AGE)) diff --git a/docs/sessions.txt b/docs/sessions.txt index a070eda2dd..c4058c0163 100644 --- a/docs/sessions.txt +++ b/docs/sessions.txt @@ -41,7 +41,8 @@ It implements the following standard dictionary methods: Example: ``request.session['fav_color'] = 'blue'`` * ``__delitem__(key)`` - Example: ``del request.session['fav_color']`` + Example: ``del request.session['fav_color']``. This raises ``KeyError`` + if the given ``key`` isn't already in the session. * ``get(key, default=None)`` Example: ``fav_color = request.session.get('fav_color', 'red')`` @@ -158,10 +159,41 @@ This is necessary because the dictionary is stored in an encoded format:: >>> s.get_decoded() {'user_id': 42} -Session cookies -=============== +When sessions are saved +======================= -A few `Django settings`_ give you control over the session cookie: +By default, Django only saves to the session database when the session has been +modified -- that is if any of its dictionary values have been assigned or +deleted:: + + # Session is modified. + request.session['foo'] = 'bar' + + # Session is modified. + del request.session['foo'] + + # Session is modified. + request.session['foo'] = {} + + # Gotcha: Session is NOT modified, because this alters + # request.session['foo'] instead of request.session. + request.session['foo']['bar'] = 'baz' + +To change this default behavior, set the ``SESSION_SAVE_EVERY_REQUEST`` setting +to ``True``. If ``SESSION_SAVE_EVERY_REQUEST`` is ``True``, Django will save +the session to the database on every single request. + +Note that the session cookie is only sent when a session has been created or +modified. If ``SESSION_SAVE_EVERY_REQUEST`` is ``True``, the session cookie +will be sent on every request. + +Similarly, the ``expires`` part of a session cookie is updated each time the +session cookie is sent. + +Settings +======== + +A few `Django settings`_ give you control over session behavior: SESSION_COOKIE_AGE ------------------ @@ -189,6 +221,15 @@ The name of the cookie to use for sessions. This can be whatever you want. ``'hotclub'`` is a reference to the Hot Club of France, the band Django Reinhardt played in. +SESSION_SAVE_EVERY_REQUEST +-------------------------- + +Default: ``False`` + +Whether to save the session data on every request. If this is ``False`` +(default), then the session data will only be saved if it has been modified -- +that is, if any of its dictionary values have been assigned or deleted. + .. _Django settings: http://www.djangoproject.com/documentation/settings/ Technical details diff --git a/docs/settings.txt b/docs/settings.txt index 8098856f85..7fe9a56237 100644 --- a/docs/settings.txt +++ b/docs/settings.txt @@ -533,6 +533,13 @@ See the `session docs`_. ``'hotclub'`` is a reference to the Hot Club of France, the band Django Reinhardt played in. +SESSION_SAVE_EVERY_REQUEST +-------------------------- + +Default: ``False`` + +Whether to save the session data on every request. See the `session docs`_. + SITE_ID -------