Django Sessions - HttpResponseRedirect

1,213 views
Skip to first unread message

M Oklah

unread,
Jul 1, 2012, 8:49:14 AM7/1/12
to django...@googlegroups.com

Hello,

Why is it that the session id changes after a redirect is initiated from a view function? This is basically the scenario, after the browser makes a POST request to a custom login() view function, the view function authenticates the user and redirects (302) the user back to a page, but the redirect response from the server is instructing the browser to change the session id. Is this the expected behavior? Please see the HTTP Response/Redirect below..

http://127.0.0.1:8000/guest/login/
 
POST /guest/login/ HTTP/1.1
Host: 127.0.0.1:8000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:13.0) Gecko/20100101 Firefox/13.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://127.0.0.1:8000/
Cookie: csrftoken=waqBLcwTQXnnZHzSdpDkgyFh3IqcVMzY; sessionid=e658157220dfca598cb1ab271a28970f; __utma=96992031.449557637.1341146315.1341146315.1341146315.1; __utmb=96992031.2.10.1341146315; __utmc=96992031; __utmz=96992031.1341146315.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); djdt=hide
Content-Type: application/x-www-form-urlencoded
Content-Length: 94
csrfmiddlewaretoken=waqBLcwTQXnnZHzSdpDkgyFh3IqcVMzY&username=X&password=X&x=38&y=6


HTTP/1.0 302 FOUND
Date: Sun, 01 Jul 2012 12:39:23 GMT
Server: WSGIServer/0.1 Python/2.7.1
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Location: http://127.0.0.1:8000/
Content-Language: en-us
Set-Cookie: sessionid=e6a5292ff37521bc223840a3b5da8acb; expires=Sun, 15-Jul-2012 12:39:23 GMT; httponly; Max-Age=1209600; Path=/



Thanks,

-Moe

Alagappan

unread,
Jul 1, 2012, 9:08:26 AM7/1/12
to django...@googlegroups.com
I think someone has faced a similar issue as yours. Find more details at:
http://stackoverflow.com/questions/6950077/session-id-changes-when-using-redirect-in-view

Regards,
Alagappan

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

M Oklah

unread,
Jul 1, 2012, 9:10:18 AM7/1/12
to django...@googlegroups.com
I saw that post and set request.session.modified = True before redirecting in the view with no luck!

Any other ideas?

Thanks,

-Moe
Reply all
Reply to author
Forward
0 new messages