Django: setting a session and getting session key in same view

Question

I want to store some things in a database, and am using the current session as a foreign key: from models.py

class Visited(models.Model):
    session = models.ForeignKey(Session)
    page = models.ForeignKey(Page)
    times_visited = models.PositiveIntegerField()
    ip_address = models.IPAddressField()
    date_last_visited = models.DateTimeField()
    def __unicode__(self):
        return u'(%s, %s)' % (str(self.session.session_key), str(self.page.name))

To make a new entry for this model I'm using the following to get the current session (in views.py):

Session.objects.get(session_key=request.session.session_key)

However if it is the first time a user has visited the site, and thus do not have a cookie set yet, the code above will produce a DoesNotExist error.

I know that even if there is now cookie set you can still set session objects. So I can think of a few hacks to make this work, such as:

• Set unique identifier as a session object (in addition to the session key)
• Temporarily store the data I wish to add to the database a session object, and use a decorator function to check if it exists before using a session.
• Just use the session objects and not store anything in the database (this would be technically possible, but for my implementation it would depend on Python dictionaries -with a few hundred entries- being at least as efficient as a database for things like sorting.)

But I would like a better solution I can live with. Are there any generally used or good solutions to this problem? Or am I even referencing sessions properly in my model?

Thank you for your help.

Answer 1

request.session is a SessionStore object with a unique session_key.

The session_key is created as soon as the attribute is accessed. But the session object itself is only saved to the database after the view has been processed (in the process_response method of the session middleware) by calling the save method of the SessionStore object.

It's not really documented, but looking at the source code I guess you are supposed to create a new session object like this:

if not request.session.exists(request.session.session_key):
    request.session.create() 

You could also create custom session middleware, that makes sure your new session object is always available before any of your views tries to access it:

from django.conf import settings
from django.contrib.sessions.middleware import SessionMiddleware

class CustomSessionMiddleware(SessionMiddleware):
    def process_request(self, request):
        engine = import_module(settings.SESSION_ENGINE)
        session_key = request.COOKIES.get(settings.SESSION_COOKIE_NAME, None)
        request.session = engine.SessionStore(session_key)
        if not request.session.exists(request.session.session_key):
            request.session.create() 

(Of course you must reference your new session middleware via the SESSION_ENGINE inside your settings.py)

But be aware - this approach will generate a new session object for every request if the user's browser does not support cookies ...

Answer 2

if you want to destroy session i would suggest a better idea is first use django shell.

from django.contrib.sessions.models import Session
Session.objects.all() #you see all sessions
Session.objects.all().delete() 

in last query you can filter according to your need. and hit a query