Yac*_*zmi 5 django session anonymous-users session-cookies
我试图跟踪AnonymousUsers以确定他们何时第一次来到网站,然后他们注册到网站.
为此,我创建了一个具有相关功能的中间件,但这最初假设每个AnonymousUsers已经有一个与之关联的会话(即sessionid cookie将在第一个响应中设置,相关会话已经在django_session中创建).注意:会话应用和中间件存在
看起来情况并非如此,在查看会话中间件时,当AnonymousUser首次出现在网站上时,会话永远不会被修改(用户会这样做,因为'_auth_user_id'和'_auth_user_backend'已设置),所以永远不会创建:
SessionMiddleware.process_response
def process_response(self, request, response):
"""
If request.session was modified, or if the configuration is to save the
session every time, save the changes and set a session cookie.
"""
try:
accessed = request.session.accessed
modified = request.session.modified
except AttributeError:
pass
else:
if accessed:
patch_vary_headers(response, ('Cookie',))
if modified or settings.SESSION_SAVE_EVERY_REQUEST:
if request.session.get_expire_at_browser_close():
max_age = None
expires = None
else:
max_age = request.session.get_expiry_age()
expires_time = time.time() + max_age
expires = cookie_date(expires_time)
# Save the session data and refresh the client cookie.
request.session.save()
response.set_cookie(settings.SESSION_COOKIE_NAME,
request.session.session_key, max_age=max_age,
expires=expires, domain=settings.SESSION_COOKIE_DOMAIN,
path=settings.SESSION_COOKIE_PATH,
secure=settings.SESSION_COOKIE_SECURE or None,
httponly=settings.SESSION_COOKIE_HTTPONLY or None)
return response
Run Code Online (Sandbox Code Playgroud)
尝试1
为了尝试克服这个问题,在我的中间件(位于会话中间件下面)中,我会在会话上强制执行save()来创建它:
if hasattr(request, 'session') and not request.session.session_key:
request.session.save()
Run Code Online (Sandbox Code Playgroud)
这将提供session_key,但不幸的是,当调用SessionMiddleware.process_response时,request.session.modified仍然等于False,因此没有设置sessionid cookie ...
尝试2
一种方法是以任意方式修改会话,以确保request.session.modified == True在SessionMiddleware.process_response中:
if hasattr(request, 'session') and not request.session.session_key:
request.session.save()
request.session['some_variable'] = True
Run Code Online (Sandbox Code Playgroud)
这似乎解决了我的问题,没有诉诸SESSION_SAVE_EVERY_REQUEST,这将是一个矫枉过正,但它似乎不太正确....
题
如何确保为没有先前访问的AnonymousUser创建会话,而不显式修改会话,或者具有SESSION_SAVE_EVERY_REQUEST=True?
谢谢你的帮助!
即使显式修改会话也可能失败(例如,将属性分配给会话属性).
您需要明确设置session.modified为true
if hasattr(request, 'session') and not request.session.session_key:
request.session.save()
request.session.modified = True
Run Code Online (Sandbox Code Playgroud)
看看文档在保存会话时所说的内容.