Django storing anonymous user data

Question

I have a django model which stores user and product data from a form input:

def ProductSelection(request, template_name='product_selection.html'):
    ...
    if user.is_authenticated():
        user = request.user
    else:
        # deal with anonymous user info
    project = Project.objects.create(
        user=user,
        product=form.cleaned_data["product"],
        quantity=form.cleaned_data["product_quantity"],
    )

Of course this is fine for authenticated users, but I also want to be able to store anonymous user projects, and if possible, associate them with the user when they eventually register and authenticate.

My idea is to create anonymous user with name = some_variable (timestamp concatenated with a random hash?), then save that username in session data. If I ensure that that session variable, if exists, is used to record all projects activity of that user, I should be able to update the projects with the user's real credentials when they register.

Is this overly complicated and brittle? Do I risk saving thousands of rows of data unnecessarily? What would be the optimal approach for this common issue?

Any guidance on this would be much appreciated.

Answer 1

You can use Django's session framework to store anonymous user data.

You can then either add a field to your Project model to hold the session_key value for anonymous users,

project = Project.objects.create(
    user=request.user,  # can be anonymous user
    session=request.session.session_key,
    product=form.cleaned_data["product"],
    quantity=form.cleaned_data["product_quantity"])

or simply store all the data a Project instance would have in the session

if user.is_authenticated():
    project = Project.objects.create(
        user=request.user,
        product=form.cleaned_data["product"],
        quantity=form.cleaned_data["product_quantity"])
else:
    # deal with anonymous user info
    request.session['project'] = {
        "product": form.cleaned_data["product"],
        "quantity": form.cleaned_Data["product_quantity"]}

You can retrieve the data from the session later, when creating a proper user.

Answer 2

Just to clarify, the below code is how implemented the solution in my case:

        project = Project.objects.create(
            session=request.session.session_key,
            # save all other fields
            ...
        )
        if request.user.is_authenticated():
            project.user = request.user
        else:
            # make a copy of the session key
            # this is done because the session_key changes
            # on login/ register 
            request.session['key_copy'] = request.session.session_key
        project.save()

And in my models.py:

 class Project(models.Model):
     user = models.ForeignKey(User, null=True, blank=True)
     ...

So a user field can be null, and in this case we use the session_key to keep a track of things.