我有一位用户已登录。 如何延长/更新从请求收到的会话的到期日期? 提前谢谢!
答案 0 :(得分:5)
没有必要为此制作自定义中间件。
设置SESSION_SAVE_EVERY_REQUEST = True将使Django现有的SessionMiddleware完全按照您的意愿行事。
它有这段代码:
if modified or settings.SESSION_SAVE_EVERY_REQUEST:
if request.session.get_expire_at_browser_close():
max_age = None
expires = None
else:
max_age = request.session.get_expiry_age()
expires_time = time.time() + max_age
expires = cookie_date(expires_time)
# Save the session data and refresh the client cookie.
# Skip session save for 500 responses, refs #3881.
if response.status_code != 500:
request.session.save()
response.set_cookie(settings.SESSION_COOKIE_NAME,
request.session.session_key, max_age=max_age,
expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
path=settings.SESSION_COOKIE_PATH,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None)
答案 1 :(得分:4)
这是一些扩展经过身份验证的用户会话的中间件。如果他们的会话expiry_date距离不到30天,它会使他们的会话延长60天,从而使他们永久登录。
<强> custom_middleware.py:
from datetime import timedelta
from django.utils import timezone
EXTENDED_SESSION_DAYS = 60
EXPIRE_THRESHOLD = 30
class ExtendUserSession(object):
"""
Extend authenticated user's sessions so they don't have to log back in
every 2 weeks (set by Django's default `SESSION_COOKIE_AGE` setting).
"""
def process_request(self, request):
# Only extend the session for auth'd users
if request.user.is_authenticated():
now = timezone.now()
# Only extend the session if the current expiry_date is less than 30 days from now
if request.session.get_expiry_date() < now + timedelta(days=EXPIRE_THRESHOLD):
request.session.set_expiry(now + timedelta(days=EXTENDED_SESSION_DAYS))
然后,您需要在 Django的SessionMiddleware之后添加此自定义中间件,因此您的设置文件应如下所示:
<强>项目/ settings.py:
MIDDLEWARE_CLASSES = [
...
'django.contrib.sessions.middleware.SessionMiddleware',
'project.custom_middleware.ExtendUserSession',
...
]
答案 2 :(得分:2)
设置SESSION_COOKIE_AGE是出于我的目的而设计的。登录后,会在此期间自动设置Cookie。
您还可以使用SESSION_SAVE_EVERY_REQUEST设置为每个请求保存会话Cookie。