<p>If you manually add a row to <code>django_session</code> on login, then on <a href="https://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.logout" rel="nofollow"><code>django.contrib.auth.logout()</code></a>, the <a href="https://docs.djangoproject.com/en/dev/topics/http/sessions/#django.contrib.sessions.backends.base.SessionBase.flush" rel="nofollow"><code>request.session.flush()</code></a> function will <strong>only</strong> delete the row with the same primary key <code>session_key</code> as the current session key from the <code>django_session</code> table.</p>
<p><code>request.session.flush()</code> is used to ensure that the previous session data can’t be accessed again from the user’s browser. It basically does two things:</p>
<ol>
<li>Delete the current session data from the database (or cache, depending on which one you choose for your <a href="https://docs.djangoproject.com/en/dev/topics/http/sessions/" rel="nofollow">session backend</a>).</li>
<li>Regenerate the session key value that is sent back to the user in the cookie.</li>
</ol>
<p>The Django source code of <code>django.contrib.auth.logout()</code>:</p>
<pre><code>def logout(request):
    """
    Removes the authenticated user's ID from the request and flushes their
    session data.
    """
    # Dispatch the signal before the user is logged out so the receivers have a
    # chance to find out *who* logged out.
    user = getattr(request, 'user', None)
    if hasattr(user, 'is_authenticated') and not user.is_authenticated():
        user = None
    user_logged_out.send(sender=user.__class__, request=request, user=user)

    request.session.flush()
    if hasattr(request, 'user'):
        from django.contrib.auth.models import AnonymousUser
        request.user = AnonymousUser()
</code></pre>
<p>Delete method for database-based session:</p>
<pre><code>def delete(self, session_key=None):
    if session_key is None:
        if self.session_key is None:
            return
        session_key = self.session_key
    try:
        Session.objects.get(session_key=session_key).delete()
    except Session.DoesNotExist:
        pass
</code></pre>
<p>To remove the manually added row, you can use the Django signal <a href="https://docs.djangoproject.com/en/dev/topics/auth/#django.contrib.auth.django.contrib.auth.signals.user_logged_out" rel="nofollow"><code>django.contrib.auth.signals.user_logged_out</code></a> to delete the row on user logout.</p>
 
