#34073: Refactor session middleware to allow easier overrides
-------------------------------------+-------------------------------------
Reporter: Michael | Owner: nobody
Gisi |
Type: | Status: new
Cleanup/optimization |
Component: | Version: 4.1
contrib.sessions |
Severity: Normal | Keywords: middleware
Triage Stage: | Has patch: 0
Unreviewed |
Needs documentation: 0 | Needs tests: 0
Patch needs improvement: 0 | Easy pickings: 0
UI/UX: 0 |
-------------------------------------+-------------------------------------
I've recently needed to manipulate the session cookie domain per-request.
In order to do so, I needed to create a new middleware class inheriting
from `SessionMiddleware`, overriding the `process_response` method.
Because the middleware logic reads the domain directly from settings, the
result is a largely copy-pasted method just to change the domain being set
on the cookie. This override is also liable to break if the middleware or
settings change in future Django releases.
In contrast, `SecurityMiddleware` was much easier to override, since any
settings are loaded as instance attributes in `__init__`.
The proposed solution would consist of loading settings in the session
middleware `__init__` e.g. `self.cookie_domain =
settings.SESSION_COOKIE_DOMAIN`.
Happy to submit a PR if this seems reasonable.
--
Ticket URL: <https://code.djangoproject.com/ticket/34073>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/01070183aeb1613d-56e81ba6-f720-4283-82a5-cd4beb9f32f3-000000%40eu-central-1.amazonses.com.
