User object and session object usage.

[learn django]

Hi,

Am trying to write a customized authentication model.
In authenticate function I do the following.

    def authenticate(self, username=None, password=None):
        try:
            # Check if this user is valid on the mail server
            s.auth = HttpNtlmAuth(username, password, s)
        except:
            return None

        try:
            # Check if the user exists in Django's local database
            user = User.objects.get(email=username)
        except User.DoesNotExist:
            # Create a user in Django's local database
            user = User.objects.create_user(time.time(), username, 'passworddoesntmatter')

        return user

When does this user object get deleted eventually ?

Once the user is authenticated am going to associate it with session.
Will this authenticate function get called again and again if multiple requests are made in the same session ?

I want to take the logoff functionality out of the client so i will be setting expiry in the session.
When the session expires i.e expiry time is 0 or less, i will again authenticate the user and reset expiry time.
That way session remains intact. Is there a better approach to this ?

When clearsession is called session object will get deleted from DB, will it also trigger deletion of User object ?