1đź‘Ť
The session is automatically available in all views. You don’t need to send it in the query string:
Session IDs in URLs
The Django sessions framework is entirely, and solely, cookie-based.
It does not fall back to putting session IDs in URLs as a last resort,
as PHP does. This is an intentional design decision. Not only does
that behavior make URLs ugly, it makes your site vulnerable to
session-ID theft via the “Referer” header.
All you have to do, is make sure the session hasn’t expired:
def home(request):
foo = request.session.get('foo')
if not foo:
print('Oops! Session has expired. Do something')
else:
print('Session is still valid, value of foo is {}'.format(foo))
return render(request, 'index.html', {'foo': foo})
Have a read of the documentation, sessions in django are very straightforward.
👤Burhan Khalid
Source:stackexchange.com