How to delete objects whose id is stored in a session when it ends?

[laser_cg]

Hello everybody!

I am working with sessions with the database backend in an e-commerce
shop. I store the cart ID, the number of items in the cart and the
total prize in the session. But actually have two problems.

1. I set the SESSION_EXPIRE_AT_BROWSER_CLOSE = True, but Django does
not delete the session from the relation django_session when the
browser is closed. Why is that? Is that normal?

2. How can I erase the shopping cart whose ID is in the session, when
the session ends at browser close?
I guess I should execute some code similar to the following, but I do
not know where exactly:

cart = Cart.objects.get(request.session[cart_id]) # This code is
assuming that this is in a view
cart.delete()

Thank you so much. Replies will be wellcome.

[Tom Evans]

1) Yes, the browser does not send a special signal to your website
saying the user has closed their browser. There is no way to detect
precisely when a user terminates their session.

2) If you want to erase carts from expired sessions, then you need to
periodically (every hour, 30 minutes) purge your sessions. This
(realistically) has to happen from outside of the webserver (google:
django celery), and should find session objects whose expiry time has
been reached, look inside the session for carts and remove the cart if
there, before finally deleting the session object.

Cheers

Tom

[laser_cg]

Hello Tom, thank you for answering so quickly.

1. OK, so if a user closes the browser, the session is not deleted
because there is no way to notice that. However, when I use the admin
that Django provides and I logout, I can check that the session record
in the django_session table from the db is not deleted, even doing the
logout explicitly. I do not know what can be wrong. Have you got any
idea?

2. In short I will try the option of running a python script which
deletes the session information periodically through Django Celery. I
will comment how that worked.

Thank you.

On 9 abr, 11:04, Tom Evans <tevans...@googlemail.com> wrote:

[Rolando Espinoza La Fuente]

On Fri, Apr 9, 2010 at 6:05 PM, laser_cg <cau...@gmail.com> wrote:
> Hello Tom, thank you for answering so quickly.
>
> 1. OK, so if a user closes the browser, the session is not deleted
> because there is no way to notice that. However, when I use the admin
> that Django provides and I logout, I can check that the session record
> in the django_session table from the db is not deleted, even doing the
> logout explicitly. I do not know what can be wrong. Have you got any
> idea?

AFAIK, django "flushes" the session on logout. Deleting old one and
creating a fresh one for the user. So, the user will have always a session
in the db.

> 2. In short I will try the option of running a python script which
> deletes the session information periodically through Django Celery. I
> will comment how that worked.

Expired sessions had to be deleted manually by run "cleanup" command
http://docs.djangoproject.com/en/dev/ref/django-admin/#cleanup

You can try your self, just start the development server and check
the session keys with:

>>> from django.contrib.sessions.models import Session
>>> [s.session_key for s in Session.objects.all()]

Just login and check the sessions keys. Then logout and again
check the sessions keys

Regards,

~Rolando

[Caumons]

Hello and thank you so much for answering my questions. As I told you
to comment on my tests, here it is my explanation and solution.

I installed django celery as Tom said, but it seems to be too
complicated for my purpose, so I coded a python script which I execute
periodically through cron jobs, as I am delevoping under Ubuntu. The
command I use to run it is:
python /abs/path/to/manage.py shell < /abs/path/to/cleanScrpipt.py #
This is done like this because of the imports needed through manage.py

The script which cleans the db as I need is the following (it works
fine):

<code>
# -*- coding: utf-8 -*-
from django.contrib.sessions.models import Session
from compres.models import CarroCompra
import datetime

sessions = Session.objects.filter(expire_date__lt =
datetime.datetime.now())
for sessio in sessions:
dadesSessio = sessio.get_decoded()
if 'carro_id' in dadesSessio.keys():
carro = CarroCompra.objects.get(id=dadesSessio['carro_id'])
productesAlCarro = carro.productes_al_carro_s.all()
for producte in productesAlCarro:
producte.delete()
carro.delete()
sessio.delete()
</code>

I have investigated more about sessions and I have found some
interesting points to point out.
We assume that there are no records in django_session table. Let's
start:

1. I start a session through the admin created by Django.
--> A new record in the table is created representing the session
width a session_key
2. I close the admin session manually
--> The record changes its session_key, instead of being deleted. I
guess this is because of the flush, as Rolando said.
3. I start another session without closing the browser
--> The record changes its session_key once again.

If I repeat steps 1-3 I get the same result, just one record in the
django_session table that changes its session_key. However, if I close
the browser and start a new session, a new record is added in the
table. It does not matter if I closed the session manually or not, as
the result is always the same closing the browser: a new record is
added.

After this explanation and code, here are some more questions:
Is this normal? I mean, is there a way to indicate that when a user
explicitly logs out to delete the session from the table?
I have tried to run the script provided by Django to delete the
sessions and clean the db but I get the following error:
Error: Settings cannot be imported, because environment variable
DJANGO_SETTINGS_MODULE is undefined.

Once again, thank you so much!!

On 10 abr, 02:13, Rolando Espinoza La Fuente <dark...@gmail.com>
wrote:

> On Fri, Apr 9, 2010 at 6:05 PM, laser_cg <caum...@gmail.com> wrote:
> > Hello Tom, thank you for answering so quickly.
>
> > 1. OK, so if a user closes the browser, the session is not deleted
> > because there is no way to notice that. However, when I use the admin
> > that Django provides and I logout, I can check that the session record
> > in the django_session table from the db is not deleted, even doing the
> > logout explicitly. I do not know what can be wrong. Have you got any
> > idea?
>
> AFAIK, django "flushes" the session on logout. Deleting old one and
> creating a fresh one for the user. So, the user will have always a session
> in the db.
>
> > 2. In short I will try the option of running a python script which
> > deletes the session information periodically through Django Celery. I
> > will comment how that worked.
>

> Expired sessions had to be deleted manually by run "cleanup" commandhttp://docs.djangoproject.com/en/dev/ref/django-admin/#cleanup

>
> You can try your self, just start the development server and check
> the session keys with:
>
> >>> from django.contrib.sessions.models import Session
> >>> [s.session_key for s in Session.objects.all()]
>
> Just login and check the sessions keys. Then logout and again
> check the sessions keys
>
> Regards,
>
> ~Rolando

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.