MCPcopy
hub / github.com/django/django / process_response

Method process_response

django/contrib/sessions/middleware.py:22–82  ·  view source on GitHub ↗

If request.session was modified, or if the configuration is to save the session every time, save the changes and set a session cookie or delete the session cookie if the session has been emptied.

(self, request, response)

Source from the content-addressed store, hash-verified

20 request.session = self.SessionStore(session_key)
21
22 def process_response(self, request, response):
23 """
24 If request.session was modified, or if the configuration is to save the
25 session every time, save the changes and set a session cookie or delete
26 the session cookie if the session has been emptied.
27 """
28 try:
29 accessed = request.session.accessed
30 modified = request.session.modified
31 empty = request.session.is_empty()
32 except AttributeError:
33 return response
34 # First check if we need to delete this cookie.
35 # The session should be deleted only if the session is entirely empty.
36 if settings.SESSION_COOKIE_NAME in request.COOKIES and empty:
37 response.delete_cookie(
38 settings.SESSION_COOKIE_NAME,
39 path=settings.SESSION_COOKIE_PATH,
40 domain=settings.SESSION_COOKIE_DOMAIN,
41 samesite=settings.SESSION_COOKIE_SAMESITE,
42 )
43 need_vary_cookie = True
44 else:
45 # If the session was accessed, it must be varied on, regardless of
46 # whether it was modified or will be saved.
47 need_vary_cookie = accessed
48 if (modified or settings.SESSION_SAVE_EVERY_REQUEST) and not empty:
49 if request.session.get_expire_at_browser_close():
50 max_age = None
51 expires = None
52 else:
53 max_age = request.session.get_expiry_age()
54 expires_time = time.time() + max_age
55 expires = http_date(expires_time)
56 # Save the session data and refresh the client cookie.
57 # Skip session save for 5xx responses.
58 if response.status_code < 500:
59 try:
60 request.session.save()
61 except UpdateError:
62 raise SessionInterrupted(
63 "The request's session was deleted before the "
64 "request completed. The user may have logged "
65 "out in a concurrent request, for example."
66 )
67 response.set_cookie(
68 settings.SESSION_COOKIE_NAME,
69 request.session.session_key,
70 max_age=max_age,
71 expires=expires,
72 domain=settings.SESSION_COOKIE_DOMAIN,
73 path=settings.SESSION_COOKIE_PATH,
74 secure=settings.SESSION_COOKIE_SECURE or None,
75 httponly=settings.SESSION_COOKIE_HTTPONLY or None,
76 samesite=settings.SESSION_COOKIE_SAMESITE,
77 )
78 # With a session cookie set, it must be varied on.
79 need_vary_cookie = True

Callers 1

Calls 10

http_dateFunction · 0.90
SessionInterruptedClass · 0.90
patch_vary_headersFunction · 0.90
delete_cookieMethod · 0.80
get_expiry_ageMethod · 0.80
timeMethod · 0.80
is_emptyMethod · 0.45
saveMethod · 0.45
set_cookieMethod · 0.45

Tested by 1