Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

A secure cookie-based session engine for Django.

Project Description

This is a session backend which uses Django’s secure cookie encoding and decoding functionality to store the whole session in the cookie, instead of talking to some database or cache instance.

Installation

Set this in your settings:

SESSION_ENGINE = ‘cookiesessions.engine’

Why would I want this?

With all of the other Django session backends every request from a user results in a request to some backend service, whether it be a database, memcached, or something else. Wouldn’t it be better if we could store that information with the client itself, and save ourselves the extra requests and latency?

Prior to Django 1.4, it was not possible, because you couldn’t trust the user’s cookie. Someone could have set their user_id in the cookie to someone else’s, and suddenly be logged in as that other user. Thankfully Django 1.4 supports securely signed cookies, meaning that we can ensure that the cookie was set by us, and only us.

Given that, it’s now possible to save ourselves these extra requests and latency, as well as retain the strong security that we have come to expect from web services built on Django.

Release History

Release History

This version
History Node

0.1.1

History Node

0.1

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-cookie-sessions-0.1.1.tar.gz (4.2 kB) Copy SHA256 Checksum SHA256 Source Jun 9, 2011

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting