Session overload
18 views
Skip to first unread message
jjmurre
Jun 11, 2010, 6:41:48 AM6/11/10
to Django developers
Hi,
I am using long living session in the database backend. Because of
Robots I am getting a huge amount of sessions. I googled if there is
some kind of Session middleware that does user-agent blacklisting and
does not create new sessions in the database for Robots accessing the
site. I did not find anything. Would this be possible at all?
I could think of subclassing
django.contrib.sessions.backend.db.SessionStore and only create some
kind of in-memory Pseudo Session. I am afraid that I have to override
almost all methods of SessionStore for that.
Does anyone know of an existing solution for this problem? If not,
would my proposed solution be the way to go, or are there better
alternatives?
Regards,
Jan Murre
I am using long living session in the database backend. Because of
Robots I am getting a huge amount of sessions. I googled if there is
some kind of Session middleware that does user-agent blacklisting and
does not create new sessions in the database for Robots accessing the
site. I did not find anything. Would this be possible at all?
I could think of subclassing
django.contrib.sessions.backend.db.SessionStore and only create some
kind of in-memory Pseudo Session. I am afraid that I have to override
almost all methods of SessionStore for that.
Does anyone know of an existing solution for this problem? If not,
would my proposed solution be the way to go, or are there better
alternatives?
Regards,
Jan Murre
Tom Evans
Jun 11, 2010, 9:13:39 AM6/11/10
to django-d...@googlegroups.com
Subclass django.contrib.sessions.middleware.SessionMiddleware,
overriding process_request.
Determine whether you should or should not initiate a session from the
request object, and if you should, call the super class's
process_request method.
Replace django.contrib.sessions.middleware.SessionMiddleware in
settings.MIDDLEWARE_CLASSES with your replacement one.
Simples.
Cheers
Tom
Jan Murre
Jun 11, 2010, 2:43:11 PM6/11/10
to django-d...@googlegroups.com
Hi Tom,
Thanx for your help. That sounds like a very good approach.
I assume I have to put some dict-like object on the request to avoid
all kinds of attribute errors?
Regards, Jan
Jeremy Dunck
Jun 15, 2010, 7:03:49 PM6/15/10
to django-d...@googlegroups.com
On Fri, Jun 11, 2010 at 1:43 PM, Jan Murre <jan....@gmail.com> wrote:
> On Fri, Jun 11, 2010 at 3:13 PM, Tom Evans <teva...@googlemail.com> wrote:
>> On Fri, Jun 11, 2010 at 11:41 AM, jjmurre <jan....@gmail.com> wrote:
>>> Hi,
>>>
>>> I am using long living session in the database backend. Because of
>>> Robots I am getting a huge amount of sessions. I googled if there is
>>> some kind of Session middleware that does user-agent blacklisting and
>>> does not create new sessions in the database for Robots accessing the
>>> site. I did not find anything. Would this be possible at all?
> On Fri, Jun 11, 2010 at 3:13 PM, Tom Evans <teva...@googlemail.com> wrote:
>> On Fri, Jun 11, 2010 at 11:41 AM, jjmurre <jan....@gmail.com> wrote:
>>> Hi,
>>>
>>> I am using long living session in the database backend. Because of
>>> Robots I am getting a huge amount of sessions. I googled if there is
>>> some kind of Session middleware that does user-agent blacklisting and
>>> does not create new sessions in the database for Robots accessing the
>>> site. I did not find anything. Would this be possible at all?
FWIW, sessions should only be written to the DB if they are modified,
and you can avoid that by checking User.is_authenticated first.
Reply all
Reply to author
Forward
0 new messages