On 18/08/2018 6:33 PM, Web Architect wrote:
Hi Mike,
Thanks for your response.
Ours is an ecommerce site and forcing logouts especially for our
regular users, might not be desirable from business point of view .
I wasn't suggesting forcing logouts on a regular basis. I was thinking
that doing so once would permit a clearing of the entire slate as you
seemed to be thinking and only real users would create new sessions.
That might be appropriate after you implement one or other of the
technical suggestions.
There is more to consider too. If it is an ecommerce site security is
particularly important. Personally I wouldn't hesitate to let regular
users know you have security at top-of-mind and that is behind any minor
inconvenience. It might even be seen as a business bonus!
Hence, ideally we would like to keep sessions where users's last
activity should be within a given time period like 3 months. We can
force out the users who aren't active since last 3 months.
Is there a way to do that in django?
Thanks.
On Saturday, August 18, 2018 at 5:11:23 AM UTC+5:30, Mike Dewhirst wrote:
On 17/08/2018 10:44 PM, Web Architect wrote:
> Hi,
>
> We are using persistent django sessions for our website where in
the
> session information is stored in MySQL. Over last couple of
years, the
> session data has grown to a huge number and we were planning to
clean
> it up.
> I know that there is a django management command 'clearsessions'
and
> we are using the same as a daily cronjob.
> But our challenge is we have long expiry timelines of like 100
years
> so that our users are never logged out (unless they clear their
> cookies etc). Hence, the clearsessions won't help.
>
> The solution we are looking for are removing the sessions which are
> never used for a long period. Let's say a user never came to our
site
> for 3 months after last logging in. We would like to purge those
> sessions. Would really appreciate if anyone could suggest any such
> solution - be it in Django or if we need to custom build it.
What are the consequences of deleting all sessions and forcing a new
login for everyone?
>
> Thanks.
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from
it, send
> an email to django-users...@googlegroups.com <javascript:>
> <mailto:django-users+unsubscr...@googlegroups.com <javascript:>>.
> To post to this group, send email to django...@googlegroups.com
<javascript:>
> <mailto:django...@googlegroups.com <javascript:>>.
> Visit this group at https://groups.google.com/group/django-users
<https://groups.google.com/group/django-users>.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/django-users/57001ae7-1361-43ed-98e3-a9ec072444fe%40googlegroups.com
<https://groups.google.com/d/msgid/django-users/57001ae7-1361-43ed-98e3-a9ec072444fe%40googlegroups.com>
>
<https://groups.google.com/d/msgid/django-users/57001ae7-1361-43ed-98e3-a9ec072444fe%40googlegroups.com?utm_medium=email&utm_source=footer
<https://groups.google.com/d/msgid/django-users/57001ae7-1361-43ed-98e3-a9ec072444fe%40googlegroups.com?utm_medium=email&utm_source=footer>>.
> For more options, visit https://groups.google.com/d/optout
<https://groups.google.com/d/optout>.
--
You received this message because you are subscribed to the Google
Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to django-users+unsubscr...@googlegroups.com
<mailto:django-users+unsubscr...@googlegroups.com>.
To post to this group, send email to django-users@googlegroups.com
<mailto:django-users@googlegroups.com>.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/a5867de1-730e-4d8c-93a1-0df41c65f595%40googlegroups.com
<https://groups.google.com/d/msgid/django-users/a5867de1-730e-4d8c-93a1-0df41c65f595%40googlegroups.com?utm_medium=email&utm_source=footer>.
For more options, visit https://groups.google.com/d/optout.
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/b9fad1b5-08d2-a931-7a07-2dd575a7122d%40dewhirst.com.au.
For more options, visit https://groups.google.com/d/optout.
