Fixed #395 -- Added SESSION_EXPIRE_AT_BROWSER_CLOSE setting, which regulates... (26b61aa8) · Commits · Dom Sekotill / django

django/conf/global_settings.py

+1 −0

Original line number	Diff line number	Diff line
		@@ -235,6 +235,7 @@ SESSION_COOKIE_NAME = 'sessionid' # Cookie name. This can be whatever yo
		SESSION_COOKIE_AGE = 60 * 60 * 24 * 7 * 2 # Age of cookie, in seconds (default: 2 weeks).
		SESSION_COOKIE_DOMAIN = None # A string like ".lawrence.com", or None for standard domain cookie.
		SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request.
		SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether sessions expire when a user closes his browser.

		#########
		# CACHE #

+7 −2

Original line number	Diff line number	Diff line
		@@ -79,9 +79,14 @@ class SessionMiddleware:
		else:
		if modified or settings.SESSION_SAVE_EVERY_REQUEST:
		session_key = request.session.session_key or Session.objects.get_new_session_key()
		if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE:
		max_age = None
		expires = None
		else:
		max_age = settings.SESSION_COOKIE_AGE
		expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT")
		new_session = Session.objects.save(session_key, request.session._session,
		datetime.datetime.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE))
		expires = datetime.datetime.strftime(datetime.datetime.utcnow() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE), "%a, %d-%b-%Y %H:%M:%S GMT")
		response.set_cookie(settings.SESSION_COOKIE_NAME, session_key,
		max_age=settings.SESSION_COOKIE_AGE, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN)
		max_age=max_age, expires=expires, domain=settings.SESSION_COOKIE_DOMAIN)
		return response

+24 −0

Original line number	Diff line number	Diff line
		@@ -197,6 +197,22 @@ will be sent on every request.
		Similarly, the ``expires`` part of a session cookie is updated each time the
		session cookie is sent.

		Browser-length sessions vs. persistent sessions
		===============================================

		You can control whether the session framework uses browser-length sessions vs.
		persistent sessions with the ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` setting.

		By default, ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` is set to ``False``, which
		means session cookies will be stored in users' browsers for as long as
		``SESSION_COOKIE_AGE``. Use this if you don't want people to have to log in
		every time they open a browser.

		If ``SESSION_EXPIRE_AT_BROWSER_CLOSE`` is set to ``True``, Django will use
		browser-length cookies -- cookies that expire as soon as the user closes his or
		her browser. Use this if you want people to have to log in every time they open
		a browser.

		Settings
		========

		@@ -225,6 +241,14 @@ Default: ``'sessionid'``

		The name of the cookie to use for sessions. This can be whatever you want.

		SESSION_EXPIRE_AT_BROWSER_CLOSE
		-------------------------------

		Default: ``False``

		Whether to expire the session when the user closes his or her browser. See
		"Browser-length sessions vs. persistent sessions" above.

		SESSION_SAVE_EVERY_REQUEST
		--------------------------

+8 −0

Original line number	Diff line number	Diff line
		@@ -603,6 +603,14 @@ Default: ``'sessionid'``
		The name of the cookie to use for sessions. This can be whatever you want.
		See the `session docs`_.

		SESSION_EXPIRE_AT_BROWSER_CLOSE
		-------------------------------

		Default: ``False``

		Whether to expire the session when the user closes his or her browser.
		See the `session docs`_.

		SESSION_SAVE_EVERY_REQUEST
		--------------------------