[Answer]-How to handle Django sessions properly

by

1๐Ÿ‘

1) For this to find all sessions of current user โ€“ request.user โ€“ you will have to iterate through all session objects decode data and check the user id. Not very optimized. Something like:

May be you can optimize to iterate over non-expired sessions.

for s in Session.objects.all():
    data = s.get_decoded()
    if data['_auth_user_id'] == request.user.id:
        # you got session for current user

2) For this you need to manipulate session expiry data in custom middleware as you described.

3) To store session in different DB, you need to add database router.

Something like :

class SessionRouter(object):
    """
    A router to control all database operations 
    sessions.
    """
    def db_for_read(self, model, **hints):

        if model == Session or model == SessionStore
            return 'session_db'
        return None
        #similar more methods

And in settings

DATABASES = {
    'session_db': {
        #settings for session db
    },
    #any other databases.
๐Ÿ‘คRohan

Leave a comment