45π
If you set your session cookie domain to start with a β.β character it will let you handle wildcard sub-domains and share a session cookie (login session) across multiple subdomains.
In settings.py: SESSION_COOKIE_DOMAIN=".stackoverflow.com"
The above would allow a cookie to be shared across user1.stackoverflow.com and user2.stackoverflow.com.
If you really do want the urlβs to be different for the same site, would you want the same user to switch between the two sites on one login session? Or do you just want the ability to have two different users login to the site from two different urlβs (that are not sub-domains?)
9π
The standard SessionMiddleware only supports one SESSION_COOKIE_DOMAIN, which is only good for one domain and subdomains thereof.
Hereβs a variation that will set the cookie domain dynamically based on the request host. To use it, just update your MIDDLEWARE_CLASSES to use this one SessionHostDomainMiddleware, instead of SessionMiddleware. This better, @jcdyer and @interstar?
import time
from django.conf import settings
from django.utils.cache import patch_vary_headers
from django.utils.http import cookie_date
from django.contrib.sessions.middleware import SessionMiddleware
class SessionHostDomainMiddleware(SessionMiddleware):
def process_response(self, request, response):
"""
If request.session was modified, or if the configuration is to save the
session every time, save the changes and set a session cookie.
"""
try:
accessed = request.session.accessed
modified = request.session.modified
except AttributeError:
pass
else:
if accessed:
patch_vary_headers(response, ('Cookie',))
if modified or settings.SESSION_SAVE_EVERY_REQUEST:
if request.session.get_expire_at_browser_close():
max_age = None
expires = None
else:
max_age = request.session.get_expiry_age()
expires_time = time.time() + max_age
expires = cookie_date(expires_time)
# Save the session data and refresh the client cookie.
# Skip session save for 500 responses, refs #3881.
if response.status_code != 500:
request.session.save()
host = request.get_host().split(':')[0]
response.set_cookie(settings.SESSION_COOKIE_NAME,
request.session.session_key, max_age=max_age,
expires=expires, domain=host,
path=settings.SESSION_COOKIE_PATH,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None)
return response
- [Django]-Django: get the first object from a filter query or create
- [Django]-Disable button after submit with jQuery
- [Django]-Class has no objects member
- [Django]-Why Django model signals are not working?
- [Django]-Django β view sql query without publishing migrations
- [Django]-Can I make STATICFILES_DIR same as STATIC_ROOT in Django 1.3?
1π
I am using django 3.1.4, it worked for me.
Create a middleware like this, I am creating inside my app utilities.middleware
class CrossDomainSessionMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
response = self.get_response(request)
if response.cookies:
host = request.get_host()
# check if it's a different domain
if host not in settings.SESSION_COOKIE_DOMAIN:
domain = ".{domain}".format(domain=host)
for cookie in response.cookies:
if 'domain' in response.cookies[cookie]:
response.cookies[cookie]['domain'] = domain
return response
Now place this middleware above SessionMiddleware inside settings.py
'utilities.middlware.CrossDomainSessionMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
Make sure you have these two variable in your settings.py
SESSION_COOKIE_DOMAIN = '.domain.com'
SESSION_COOKIE_NAME = 'domainsessionid'
- [Django]-How do I perform query filtering in django templates
- [Django]-Using IntellijIdea within an existing virtualenv
- [Django]-Does get_or_create() have to save right away? (Django)