Re: bug of session middleware --- session never expires

On Sunday 25 December 2016 18:42:16 Chaos Wong wrote: > Thanks for the advice. > It's indeed a rude way to force session to expire only depend on the > absolute time. User always encounters session-expired event when > posting something. > I will consider your way 3). But how the django know user

Re: bug of session middleware --- session never expires

Thanks for the advice. It's indeed a rude way to force session to expire only depend on the absolute time. User always encounters session-expired event when posting something. I will consider your way 3). But how the django know user has closed the browser ? 在 2016年12月26日星期一

Re: bug of session middleware --- session never expires

Thanks. I've traced the call stack, the expire_date is affected by SessionBase.*get* ("_session_expiry") ,//line 246 in django.contrib.session.backends.base.py and variable `_session_expiry` stored in SessionBase.*_session_cache *, which is set in method SessionBase.*set_expiry*(). //line

Re: bug of session middleware --- session never expires

Hi, On Sunday 25 December 2016 11:14:03 ludovic coues wrote: > I believe that is the intended behaviour. > > When I use a banking site for example, I don't want to be disconnected > while doing operations 5 minutes after login in. I want the session > to expire when I stop using it. There is

Re: bug of session middleware --- session never expires

I believe that is the intended behaviour. When I use a banking site for example, I don't want to be disconnected while doing operations 5 minutes after login in. I want the session to expire when I stop using it. Django's session middleware try to solve that use case which is what is needed 95%

bug of session middleware --- session never expires

django version is 1.10.4 Jsut as the source code shows, session middleware will refresh expires_time with value time.*time*()+max_age, if the the status code of