Re: Newbie question: session-length data storage best practices?

2013-01-21 Thread Nikolas Stevenson-Molnar
Upon a second glance, it looks like the clearsession command will only have an effect as of Django 1.5. For <=1.4 if you're using the DB backend, you could always clear them out yourself with a query: now = datetime.datetime.now() Session.objects.filter(expire_date__lt=now).delete() _Nik On

Re: Newbie question: session-length data storage best practices?

2013-01-21 Thread Nikolas Stevenson-Molnar
Hi Spork, See this section of the sessions docs: https://docs.djangoproject.com/en/1.4/topics/http/sessions/#clearing-the-session-table While it mentions file and db backends specifically, I assume the cache backend would work similarly. I.e., you need to periodically run a cleanup of session

Re: Newbie question: session-length data storage best practices?

2013-01-21 Thread testbackupacct
Nik, My concerns are about security. I have some sensitive data associated with each user's session, and I'd like to make sure it is deleted when the user logs out or their session times out or closes their browser window. There's also some other clean up actions I'd like to do under the same

Re: Newbie question: session-length data storage best practices?

2013-01-19 Thread Nikolas Stevenson-Molnar
If I understand correctly, you just need to set SESSION_EXPIRE_AT_BROWSER_CLOSE = True in your settings: https://docs.djangoproject.com/en/1.4/topics/http/sessions/#browser-length-sessions-vs-persistent-sessions When the user closes their browser, the session ends. True, the associated data isn't

Re: Newbie question: session-length data storage best practices?

2013-01-19 Thread testbackupacct
Ok, you've made a very convincing argument. I really haven't spent much time thinking about scalability -- obviously it's time for me to do so! Thanks for taking the time to respond. Spork -- You received this message because you are subscribed to the Google Groups "Django users" group. To

Re: Newbie question: session-length data storage best practices?

2013-01-19 Thread Javier Guerra Giraldez
On Sat, Jan 19, 2013 at 3:03 PM, wrote: > If I'm reading the session docs correctly, if I add the data to the session > object, it'll get persisted, which I don't want. i think you _do_ want it to be persisted. remember that HTTP is a stateless protocol. to have it

Newbie question: session-length data storage best practices?

2013-01-19 Thread testbackupacct
Hi, I've got some data that I'll need read/write access to for the length of an authenticated session's lifetime. But once that browser tab is closed or the user logs out or the user session times out, I want that data to disappear. If I'm reading the session docs correctly, if I add the data