Wednesday, January 27, 2016

Re: Questions about session

Hello,

>
> I answered a very similar question to this a few days ago:
> https://groups.google.com/forum/#!msg/django-users/L3pUwDYs6jw/bSYVs81tEwAJ
> <https://groups.google.com/forum/#%21msg/django-users/L3pUwDYs6jw/bSYVs81tEwAJ>
>
thanks for the link. I agree with you for the fact that updating session
might be a problem because it should be done for each views explicitely.
It seems that in fact django does it by itself on each request (and I
didn't know that). My problem is that I have to use a custom user models
because of extra information and permissions. You seem to imply that in
the case of a custom auth backend I might have to use the
request.session variable. I do a custom authentication because the way
the password is computed in the external application I'm taking the info
is not the same as django'one but it looks like the way to go is to
extend the login() function of django.contrib.auth to add the
information I need in the template.

> TL;DR; You can keep everything in the session if you want, but its a
> ton more work and probably error prone. Django's approach is a fresh
> batch of data calls every time.
Better stick to this philosophy then and understand how to add
information to request.user.

thanks,

L.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/56A8B032.2080405%40lpn.cnrs.fr.
For more options, visit https://groups.google.com/d/optout.

No comments:

Post a Comment