--
Ticket URL: <https://code.djangoproject.com/ticket/30714>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* status: new => closed
* resolution: => wontfix
Comment:
I'm not sure about this.
`SESSION_COOKIE_AGE` defaults to two weeks. (OK, one thinks). I don't
touch that. I simply enable `SESSION_EXPIRE_AT_BROWSER_CLOSE` and all of a
sudden I get a warning?
That seems less than ideal.
Either we need to rationalize these settings somehow. (Maybe
`SESSION_COOKIE_AGE == 0` entailing `SESSION_EXPIRE_AT_BROWSER_CLOSE`?) Or
accept that whilst related they're not strictly interdependent.
Happy to think about it, but a decision is needed first no? Going to say
`wontfix` plus possible discussion on DevelopersMailingList for that
reason. Happy to reopen later if we can come up with something.
--
Ticket URL: <https://code.djangoproject.com/ticket/30714#comment:1>
Comment (by Adam (Chainz) Johnson):
The check can use `settings.is_overridden` to check that the user has set
it, rather than it being the default coming from the global settings file
:)
I posted this ticket because it happened to me, found a project that had
both configured and it wasn't clear which was intended by the original
developer.
--
Ticket URL: <https://code.djangoproject.com/ticket/30714#comment:2>
Comment (by Carlton Gibson):
Yeah... still not convinced they're contraries.
`SESSION_EXPIRE_AT_BROWSER_CLOSE` tumps whatever value you have for
`SESSION_COOKIE_AGE`, so if you set, you meant that. I'm not at all
convinced we need a system check here.
--
Ticket URL: <https://code.djangoproject.com/ticket/30714#comment:3>
Comment (by Adam (Chainz) Johnson):
I think the confusion was that the behaviours don't combine. You can't
have a session that is maximum 30 minutes but also disappears if the
browser is closed. The docs could be clearer but I think a check is the
easiest way to prevent such misconfiguration,
--
Ticket URL: <https://code.djangoproject.com/ticket/30714#comment:4>