if modified or settings.SESSION_SAVE_EVERY_REQUEST:
if request.session.get_expire_at_browser_close():
max_age = None
expires = None
else:
max_age = request.session.get_expiry_age()
expires_time = time.time() + max_age
expires = cookie_date(expires_time)
# Save the session data and refresh the client cookie.
# Skip session save for 500 responses, refs #3881.
if response.status_code != 500:
request.session.save()
response.set_cookie(settings.SESSION_COOKIE_NAME,
request.session.session_key, max_age=max_age,
expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
path=settings.SESSION_COOKIE_PATH,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None)
from datetime import timedelta
from django.utils import timezone
EXTENDED_SESSION_DAYS = 60
EXPIRE_THRESHOLD = 30
class ExtendUserSession(object):
"""
Extend authenticated user's sessions so they don't have to log back in
every 2 weeks (set by Django's default `SESSION_COOKIE_AGE` setting).
"""
def process_request(self, request):
# Only extend the session for auth'd users
if request.user.is_authenticated():
now = timezone.now()
# Only extend the session if the current expiry_date is less than 30 days from now
if request.session.get_expiry_date() < now + timedelta(days=EXPIRE_THRESHOLD):
request.session.set_expiry(now + timedelta(days=EXTENDED_SESSION_DAYS))
不需要为此定制中间件。
设置
SESSION_SAVE_EVERY_REQUEST = True
将使Django的现有SessionMiddleware
完全按照您的要求执行。它有以下代码:
下面是一些扩展经过身份验证的用户会话的中间件。如果他们的会话
expiry_date
不到30天,则它通过将会话再延长60天来保持他们的永久登录。自定义中间件.py:
然后需要在Django的SessionMiddleware之后添加这个自定义中间件,因此您的设置文件应该如下所示:
项目/设置.py:
我相信设置SESSION_COOKIE_AGE就是为了这个目的而设计的。在此期间自动设置登录cookie之后。
还可以使用SESSION_SAVE_EVERY_REQUEST设置在每个请求上保存会话cookie。
相关问题 更多 >
编程相关推荐