python - Django session deletion effects another django application
问题描述
I have two applications running on the same server with different ports and with their SQLite DB's are also different which is used to store user sessions data.
if request.session.exists(stored_session_key) and stored_session_key != request.session.session_key:
Session.objects.get(session_key=stored_session_key).delete()
request.user.logged_in_user.session_key = request.session.session_key
request.user.logged_in_user.save()
I'm using this condition, to delete the previous session of the same user to logout from the previous device and keep login in the current device.
This was working as expected.
But I have two projects with the same logic.
Problem:
When I open two applications on the same browser(eg: In chrome, tab-1:https://ip_address:8000
, tab-2:https://ip_adress:8001
), I can able to login into one application at once. When I tried to login application two(even open login page of the application two), the application one is getting logged out.
Why this behavior and how to solve it?
My assumption:
Browser is sending different session_key, to the same running application when I log-in to a new application in the same browser?
解决方案
问题是为一个应用程序设置的会话 cookie 然后被发送到另一个应用程序,因为它们都在相同的主机名和路径上运行。因此,当您登录到一个应用程序时,它将设置一个会话 cookie 来替换任何以前的 cookie,并且您将退出另一个应用程序。
你有几个选择:
在不同的主机名上运行这两个应用程序(不同的端口是不够的)。
SESSION_COOKIE_NAME
为您的一个应用程序指定一个不同的。为您的一个应用程序上的所有 URL 使用不同的路径,然后
SESSION_COOKIE_PATH
在该应用程序上进行配置,以便其会话 cookie 与其他应用程序分开。
推荐阅读
- java - 我应该如何使用 getResource()?
- android - resources.getIdentifier() 总是为发布 apk 返回 0
- batch-file - 记录由另一个窗口打开的 cmd 窗口的输出
- firebase - Firebase 云功能异常缓慢
- php - add_filter WordPress 中的警报
- symfony - Symfony 4.0 为实体管理器“default”中的缓存“result_cache”配置的“array”类型的未知缓存
- google-cloud-platform - 从 Cloud Endpoint 调用托管在 Cloud Storage 上的静态 Html 时出现错误 401
- javascript - 简单数组的JS冒泡排序
- javascript - Supertest:如何为发布到另一个 API 端点的 API 端点编写测试?
- contacts - Phonegap - 将 VCard 数据保存到 Android 和 iOS 上的联系人(2019,Phonegap cli-9.0.0,phonegap builder v2)