Menu
I am using Django-Python. Is there any way to set session never expire?
226
Django does not provide automatic purging of expired sessions. Therefore, it's your job to purge expired sessions on a regular basis. Django provides a clean-up management command for this purpose: clearsessions . It's recommended to call this command on a regular basis, for example as a daily cron job.
Django uses a cookie containing a special session id to identify each browser and its associated session with the site. The actual session data is stored in the site database by default (this is more secure than storing the data in a cookie, where they are more vulnerable to malicious users).
What is the default session timeout in Django? The setting you are looking for is SESSION_COOKIE_AGE , the default value is 1209600 which is two weeks, in seconds.
As of Django 1.4 (and later), you can also set the duration of a session by setting SESSION_COOKIE_AGE in the settings file.
SESSION_COOKIE_AGEDefault: 1209600 (2 weeks, in seconds)
The age of session cookies, in seconds.
198
I don't know about infinite sessions, but if you use your session middleware and use a huge AUTOLOGOUT time, it will work.
does 100 years sound ok?
on settings.py
# time in minutes
# 60min*24hours*365days*100years
AUTO_LOGOUT = 52560000
Create a middleware and add it to settings.py in the middleware section
from datetime import datetime, timedelta
from django.conf import settings
from django.contrib import auth
from django.utils.translation import ugettext as _
class AutoLogout:
def process_request(self, request):
if not request.user.is_authenticated():
# Can't log out if is not logged in
return
try:
# last click
last_touch = datetime.strptime(request.session['last_touch'], "%Y-%m-%d %H:%M:%S.%f")
# getting auto logout time
auto_logout_time = settings.AUTO_LOGOUT
try:
if datetime.now() - last_touch > timedelta(0, auto_logout_time * 60, 0):
del request.session['last_touch']
auth.logout(request)
request.session['warning'] = unicode(_("You have been logged out"))
return
except Exception as e:
# It should not reach this point
auth.logout(request)
del request.session['last_touch']
request.session['warning'] = unicode(_("You have been logged out"))
except KeyError:
pass
request.session['last_touch'] = str(datetime.now())
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
