[Django]-Session data corrupted in django

48👍

Sorry for getting late to this post, but by any chance, did you change the SECRET_KEY variable on your project? Sessions used to be cyphered using this salt, so if you changed it you have corrupted all your sessions. But don’t worry, it is not a big deal: the worst-case scenario is for the sessions that existed before this; those will need to log in again, and that’s it 😉

8👍

You are getting this error because of this line: https://github.com/django/django/blob/master/django/contrib/sessions/backends/base.py#L109

Apparently, something went terribly wrong with the encryption of session data.

How to fix it? I’m not sure, I have a couple of ideas though:

  • Do you use a custom session class?
  • Do you use your Django session in another project?

3👍

Sometimes this problem happens when you open two different projects on the same runtime.

So first, stop your server, close completely and exit.

Now open your server again and start your current project on a fresh runtime.

3👍

I was working locally and fixed the "session data corrupted" issue by deleting my browser's cookies for 127.0.0.1.

1👍

This sometimes happens because of your secret key in settings.py.

If you’ve set up a get_random_key() function to get a new key every time you reload the server (this is generally for production), then every time you update something in your code, the server autoreload will restart, reopening your files and of course reloading settings.py with a new key. That’s how the session data gets corrupted.

For me I just set a key myself. You can let the default key be generated by django.

0👍

This worked for me:

import base64
import hashlib
import hmac
import json

from django.contrib.sessions.models import Session


def session_utoken(msg, secret_key, class_name='SessionStore'):
    # Derive the HMAC key from the session salt plus SECRET_KEY
    key_salt = "django.contrib.sessions" + class_name
    sha1 = hashlib.sha1((key_salt + secret_key).encode('utf-8')).digest()
    utoken = hmac.new(sha1, msg=msg, digestmod=hashlib.sha1).hexdigest()
    return utoken


def decode(session_data, secret_key, class_name='SessionStore'):
    # The stored value is base64(b"<hex hmac>:<json payload>")
    encoded_data = base64.b64decode(session_data)
    utoken, pickled = encoded_data.split(b':', 1)
    expected_utoken = session_utoken(pickled, secret_key, class_name)
    # Compare the stored and recomputed MACs in constant time
    if not hmac.compare_digest(utoken, expected_utoken.encode()):
        raise ValueError('Session data corrupted "%s" != "%s"' %
                         (utoken.decode(errors='replace'), expected_utoken))
    return json.loads(pickled.decode('utf-8'))


# session_key must be set to the key of the session row you want to inspect
s = Session.objects.get(session_key=session_key)
decode(s.session_data, 'YOUR_SECRET_KEY')

credit to: http://joelinoff.com/blog/?p=920

👤Rani
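
A diagnostic sketch for the SECRET_KEY explanation given in the answers above, added here and not part of any answer or of Django's own code: it builds a session value in the same `hash:json` layout that the `decode()` snippet parses, then reports which of several candidate keys actually signed it. The function names, key labels and key values are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

# Same salt the decode() snippet above derives for the default SessionStore.
KEY_SALT = "django.contrib.sessions" + "SessionStore"


def legacy_mac(payload: bytes, secret_key: str) -> bytes:
    """Hex HMAC-SHA1 of payload, keyed by SHA1(salt + secret_key)."""
    derived = hashlib.sha1((KEY_SALT + secret_key).encode("utf-8")).digest()
    return hmac.new(derived, payload, hashlib.sha1).hexdigest().encode("ascii")


def encode(session_dict: dict, secret_key: str) -> str:
    """Build base64(b"<hex mac>:<json>"), the layout decode() expects."""
    payload = json.dumps(session_dict, separators=(",", ":")).encode("utf-8")
    blob = legacy_mac(payload, secret_key) + b":" + payload
    return base64.b64encode(blob).decode("ascii")


def diagnose(session_data: str, candidate_keys: dict) -> str:
    """Return the label of the key that signed session_data, or why none did."""
    try:
        raw = base64.b64decode(session_data, validate=True)
        mac, payload = raw.split(b":", 1)
    except ValueError:  # binascii.Error is a ValueError subclass
        return "malformed"
    for label, key in candidate_keys.items():
        if hmac.compare_digest(mac, legacy_mac(payload, key)):
            return label
    return "no-key-matches"


# Constructed sample values, not real secrets.
OLD_KEY = "constructed-old-secret-key"
NEW_KEY = "constructed-new-secret-key"
STORED = encode({"_auth_user_id": "42"}, OLD_KEY)

if __name__ == "__main__":
    # Only the new key is configured: this is the "Session data corrupted" case.
    print(diagnose(STORED, {"current": NEW_KEY}))
    # Adding the previous key shows the row is intact, just signed with the old key.
    print(diagnose(STORED, {"current": NEW_KEY, "previous": OLD_KEY}))
    # A value that is not valid base64 is reported separately from a key mismatch.
    print(diagnose("not base64!!", {"current": NEW_KEY}))
```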
