Does django authentication logout function delete session line in django_session table?

Question

Does django authentication logout function delete session line in django_session table?

I am using the basic login and logout page using django. My login function adds a row to the django_session table in db. However, when I log out, it does not delete the session line. Since the session is no longer valid and all data associated with the session is deleted from the request, should the logout function delete the session row from the django_session table?

Here is my exit function:

@login_required
def logout_student(request):
    logout(request)
    # Redirect to a success page.
    return HttpResponseRedirect('/index/')

Thank you for your help.

+2

python django

deelaws 24 sept '12 at 23:45

source share

3 answers

, . , () cron.

+2

sdolan 24 . '12 23:47

. (, ) -
, ( )
, ./manage.py cleanup

it is really strange that you are manipulating sessions at the database level. It makes no sense for me to delete or cancel a session when I log out. I would also recommend using the Django generic logout view or django-registration and handle user logic (if any) in the signals

0

Marat 25 sept. '12 at 0:48

source share

K Z · Accepted Answer · 2012-09-25T00:55:14+0000

django_session , django.contrib.auth.logout(), request.session.flush()) session_key, django_session.

request.session.flush() . :

( , , ).
, cookie.

Django django.contrib.auth.logout():

def logout(request):
    """
    Removes the authenticated user ID from the request and flushes their
    session data.
    """
    # Dispatch the signal before the user is logged out so the receivers have a
    # chance to find out *who* logged out.
    user = getattr(request, 'user', None)
    if hasattr(user, 'is_authenticated') and not user.is_authenticated():
        user = None
    user_logged_out.send(sender=user.__class__, request=request, user=user)

    request.session.flush()
    if hasattr(request, 'user'):
        from django.contrib.auth.models import AnonymousUser
        request.user = AnonymousUser()

:

def delete(self, session_key=None):
    if session_key is None:
        if self.session_key is None:
            return
        session_key = self.session_key
    try:
        Session.objects.get(session_key=session_key).delete()
    except Session.DoesNotExist:
        pass

, Django django.contrib.auth.signals.user_logged_out, .

Does django authentication logout function delete session line in django_session table?

More articles: