'WSGIRequest' object has no attribute 'session' while upgrading from django 1.3 to 1.9

Question

Similar to this question 'WSGIRequest' object has no attribute 'session'

But my MIDDLEWARE classes are in the correct order.

INSTALLED_APPS = [
    'django.contrib.sessions',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'membership',
    'treebeard',
    'haystack',
    'reversion',
]

MIDDLEWARE = [
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

I am redirecting to login

url(r'^$',  RedirectView.as_view(url='login/')),
url(r'^login/$', 'membership.views.loginView', name='login'),

and then

def loginView(request):
    a = request.session

Throws the error

Answer 1

MIDDLEWARE is a new setting in 1.10 that will replace the old MIDDLEWARE_CLASSES.

Since you're currently on 1.9, Django doesn't recognize the MIDDLEWARE setting. You should use the MIDDLEWARE_CLASSES setting instead:

MIDDLEWARE_CLASSES = [
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

Answer 2

Django 2.0

You can try this in your settings.py, MIDDLEWARE_CLASSES = [....]:

• Change MIDDLEWARE_CLASSES=[...] to MIDDLEWARE=[...]

• Remove SessionAuthenticationMiddleware from the MIDDLEWARE=[...] list.

The MIDDLEWARE_CLASSES setting is deprecated in Django 1.10, and removed in Django 2.0.

The SessionAuthenticationMiddleware class is removed. It provided no functionality since session authentication is unconditionally enabled in Django 1.10.

Answer 3

Check the order of the middleware, if you are trying to access it on some middlewares which are listed above the session middleware, you will get this error.

Answer 4

This error can also be thrown when you have a typo. i.e.

request.sesion ... 

instead of

request.session ...