0

According to the Django documentation here on session functionality:

request.session.flush()

Deletes the current session data from the session and deletes the session cookie. (django.contrib.auth.logout() function calls it)

But does it also automatically expire the session entry inside the database table?

Because if it doesn't, I think that might cause an unnecessary build up of non-usable but non-expired sessions inside the table.

AlanSTACK
  • 5,525
  • 3
  • 40
  • 99

1 Answers1

1

Yes, it does. If you look at the source the docstrings explicitly state that:

def flush(self):
    """
    Removes the current session data from the database and regenerates the
    key.
    """
    self.clear()
    self.delete()
    self._session_key = None

That being said, there will be a build up of expired sessions. That's why you should set up a scheduled job to clear them up using clearsessions management command:

Django does not provide automatic purging of expired sessions. Therefore, it’s your job to purge expired sessions on a regular basis. Django provides a clean-up management command for this purpose: clearsessions. It’s recommended to call this command on a regular basis, for example as a daily cron job.

Selcuk
  • 57,004
  • 12
  • 102
  • 110
  • Thank you for your response. But If I may ask how do i look at source code from the documentation? Are there links to the github lines I am not seeing or do I have to manually browse the repositories to find them? – AlanSTACK Sep 13 '16 at 05:10
  • I searched this manually, but they sometimes do include `[source]` links in the documentation. See [this one](https://docs.djangoproject.com/en/1.10/ref/utils/#module-django.utils.text) for an example. – Selcuk Sep 13 '16 at 06:19