summaryrefslogtreecommitdiff
path: root/docs/sessions.txt
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sessions.txt')
-rw-r--r--docs/sessions.txt23
1 files changed, 20 insertions, 3 deletions
diff --git a/docs/sessions.txt b/docs/sessions.txt
index d39f42c3bf..8c54c1634a 100644
--- a/docs/sessions.txt
+++ b/docs/sessions.txt
@@ -27,7 +27,7 @@ If you don't want to use sessions, you might as well remove the
``SessionMiddleware`` line from ``MIDDLEWARE_CLASSES`` and ``'django.contrib.sessions'``
from your ``INSTALLED_APPS``. It'll save you a small bit of overhead.
-.. _middleware: http://www.djangoproject.com/documentation/middleware/
+.. _middleware: ../middleware/
Using sessions in views
=======================
@@ -141,7 +141,7 @@ Do this after you've verified that the test cookie worked.
Here's a typical usage example::
def login(request):
- if request.POST:
+ if request.method == 'POST':
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponse("You're logged in.")
@@ -217,6 +217,23 @@ browser-length cookies -- cookies that expire as soon as the user closes his or
her browser. Use this if you want people to have to log in every time they open
a browser.
+Clearing the session table
+==========================
+
+Note that session data can accumulate in the ``django_session`` database table
+and Django does *not* provide automatic purging. Therefore, it's your job to
+purge expired sessions on a regular basis.
+
+To understand this problem, consider what happens when a user uses a session.
+When a user logs in, Django adds a row to the ``django_session`` database
+table. Django updates this row each time the session data changes. If the user
+logs out manually, Django deletes the row. But if the user does *not* log out,
+the row never gets deleted.
+
+Django provides a sample clean-up script in ``django/bin/daily_cleanup.py``.
+That script deletes any session in the session table whose ``expire_date`` is
+in the past -- but your application may have different requirements.
+
Settings
========
@@ -273,7 +290,7 @@ Whether to save the session data on every request. If this is ``False``
(default), then the session data will only be saved if it has been modified --
that is, if any of its dictionary values have been assigned or deleted.
-.. _Django settings: http://www.djangoproject.com/documentation/settings/
+.. _Django settings: ../settings/
Technical details
=================
View Lorry Controller Status