[Django] #22938: clearsessions not remore session files from tmp
Django
----------------------------------+--------------------
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Severity: Normal | Keywords:
Triage Stage: Unreviewed | Has patch: 0
Easy pickings: 0 | UI/UX: 0
----------------------------------+--------------------
My Django app uses file based session engine. I am currently experience
issues with cleaning session files from tmp directory. Basically running
'''clearsessions''' doesn't remove them at all.
I have been playing a bit with that to try various configurations and
debugging Django code. Basically, {{{get_expiry_age}}}
https://github.com/django/django/blob/stable/1.6.x/django/contrib/sessions/backends/file.py#L90
returns cookie age rather then negative value.
That seems to be due to {{{session_data.get('_session_expiry')}}} being
None. Is that a bug in file based session backend?
--
Ticket URL: <https://code.djangoproject.com/ticket/22938>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Unreviewed
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
Changes (by anonymous):
* needs_better_patch: => 0
* needs_tests: => 0
* needs_docs: => 0
Comment:
My settings:
{{{
SESSION_ENGINE = 'django.contrib.sessions.backends.file'
SESSION_FILE_PATH = tempfile.gettempdir()
SESSION_COOKIE_AGE = 10 # 1 day in sec (86400)
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:1>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Changes (by timo):
* stage: Unreviewed => Accepted
Comment:
I think removing `expiry=session_data.get('_session_expiry')` from the
`get_expiry_age()` call you linked above would fix it. Could you test
that? If it works and you could submit a patch with a regression test,
that would be great.
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:2>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by anonymous):
I am afraid removing {{{expiry=session_data.get('_session_expiry')}}} as
mentioned above throws an exception
patch https://github.com/aleksandra-
tarkowska/django/commit/e972ea8be732462628faa877627260545bb8661c
{{{
Exception Type: RuntimeError
Exception Value: maximum recursion depth exceeded in cmp
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:3>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by anonymous):
{{{
File "/omero/dist/lib/python/django/core/handlers/base.py", line 201, in
get_response
response = middleware_method(request, response)
File "/omero/dist/lib/python/django/contrib/sessions/middleware.py",
line 28, in process_response
if request.session.get_expire_at_browser_close():
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 258, in get_expire_at_browser_close
if self.get('_session_expiry') is None:
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 58, in get
return self._session.get(key, default)
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 173, in _get_session
self._session_cache = self.load()
File "/omero/dist/lib/python/django/contrib/sessions/backends/file.py",
line 91, in load
modification=self._last_modification())
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 194, in get_expiry_age
expiry = self.get('_session_expiry')
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 58, in get
return self._session.get(key, default)
File "/omero/dist/lib/python/django/contrib/sessions/backends/base.py",
line 173, in _get_session
... looping
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:4>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by atarkowska@…):
Can I ask what exactly set {{{expire_date}}} in file based session
backend?
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:5>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by timo):
It looks like `clearsessions` only works for file-based sessions that have
had `set_expiry()` called on them (nothing within Django itself calls this
method). See #18194 for the ticket where this was implemented. It may be
better to work address the problem via #19201 than to try to solve this
ticket piecemeal for the file backend. Note that `get_expiry_age()` is
working
[https://docs.djangoproject.com/en/1.6/topics/http/sessions/#django.contrib.sessions.backends.base.SessionBase.get_expiry_age
as documented].
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:6>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by atarkowska@…):
Basically {{{request.session.get_expiry_date()}}} is set but not
propagated to {{{_session_expiry}}}
It is true that only calling
{{{
request.session.set_expiry(datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE))
}}}
does work but {{{clearsession}}} still not remove expired files
{{{
delta 0:00:28.355096
sessionidhb39w1m0mehdpglp0esl2bry7gftd38n expiry_age: 28
_last_modification: 2014-07-02 16:20:28 _session_expiry: 2014-07-02
16:20:56.355096
delta 0:00:30.383044
sessionidynbrmr6cyjxgahkkc3omhbbg52s0axbt expiry_age: 30
_last_modification: 2014-07-02 16:23:18 _session_expiry: 2014-07-02
16:23:48.383044
}}}
This will never happen because delta will always be positive
https://github.com/django/django/blob/stable/1.6.x/django/contrib/sessions/backends/base.py#L200
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:7>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by atarkowska@…):
The other thing I noticed that {{{expory_age}}} returned by
{{{get_expiry_age}}} is changing. If call more requests containing
{{{request.session.modified = True}}} this value is going down but the
best I could achieve is 3 sec
{{{
sessionid44iuant7vkklpqqak09paaprh6wngjve expiry_age: 3
_last_modification: 2014-07-02 16:29:02 _session_expiry: 2014-07-02
16:29:05.224180
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:8>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by atarkowska@…):
This [https://github.com/aleksandra-
tarkowska/django/commit/caf45c3f4123cf573bbd0bbd7db5f7c1fe22bef7 commit]
should resolve the issue. Basically the problem was that {{{delta = expiry
- modification}}} was always positive because {{{modification}}} time was
always before {{{expiry}}}. Now modification is set to the current time.
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:9>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Comment (by atarkowska@…):
My previous patch only works if {{{_session_expiry}}} is set. Perhaps is
better idea to add function to test expiry date. That final changes I will
be adapting to my Django app are [https://github.com/aleksandra-
tarkowska/django/commit/4f9ca3ec637d18f70b01faa64129a2ced9f81260 here]
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:10>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Needs tests: 1 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
Changes (by timgraham):
* has_patch: 0 => 1
* needs_tests: 0 => 1
Comment:
[https://github.com/django/django/pull/4386 PR], but lacking a test.
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:11>
Django
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Changes (by timgraham):
* needs_tests: 1 => 0
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:12>
Django
----------------------------------+------------------------------------
Reporter: atarkowska@… | Owner: nobody
Type: Bug | Status: new
Component: contrib.sessions | Version: 1.6
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Easy pickings: 0 | UI/UX: 0
Changes (by timgraham):
* needs_better_patch: 0 => 1
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:13>
Django
----------------------------------+------------------------------------
Type: Bug | Status: closed
Component: contrib.sessions | Version: 1.6
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Changes (by Tim Graham <timograham@…>):
* status: new => closed
* resolution: => fixed
Comment:
In [changeset:"c055224763e11b29cce0a7c10751354c40dac63e" c0552247]:
{{{
#!CommitTicketReference repository=""
revision="c055224763e11b29cce0a7c10751354c40dac63e"
Fixed #22938 -- Allowed clearsessions to remove file-based sessions.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:14>
Django
----------------------------------+------------------------------------
Type: Bug | Status: closed
Component: contrib.sessions | Version: 1.6
Severity: Normal | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 1
Comment (by Tim Graham <timograham@…>):
In [changeset:"a3fffdca2472885a99e1ea9159a685753cd45738" a3fffdc]:
{{{
#!CommitTicketReference repository=""
revision="a3fffdca2472885a99e1ea9159a685753cd45738"
Fixed #25558 -- Fixed nondeterministic test failure on Windows:
test_clearsessions_command.
The test session without an expiration date added in refs #22938 wasn't
always deleted on Windows because get_expiry_age() returns zero and the
file backend didn't consider that an expired session.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/22938#comment:15>