Django Session

What is Django Session?

Imagine when you visit a website, your computer talks to the website’s computer using a language called HTTP. This language is a bit forgetful; it doesn’t remember past conversations. So, if a website wants to remember things about you, like your preferences or if you’re logged in, it needs a way to do that.

That’s where sessions come in. In simple terms, sessions are like a memory for websites. They help the website remember things about you. Django, which is a tool used for building websites, uses sessions to keep track of your information, like if you’re signed in or what you like on the site. It gives each visitor a special ID, like a secret code, so when you come back, it knows it’s you. This special ID is stored in a cookie on your computer. The actual details, like your preferences, are kept safe on the website’s computer. It’s like having a secret key that only you and the website know, so your information stays secure.

Django sessions give developers a simple way to manage session data in views and templates, making it easy to share data between different parts of the application. To sum up, Django sessions offer a secure and customized online experience by streamlining the handling of user-specific data. They facilitate easy communication between the client and the server, giving developers the tools they need to easily design dynamic online applications.

For security purposes, instead of storing important data directly in the cookie on the user’s computer, Django keeps that data safe on the server side, kind of like in a secret vault (usually in a database). The only thing the cookie on your computer has is a special ID that helps the server recognize you. So, it’s like having a key to a secret locker – the key is in your pocket (the cookie), but the important stuff is kept safe in the locker (on the server). This way, even if someone looks at your key, they can’t access the valuable information without the server’s permission. Sessions also come in handy if someone’s web browser doesn’t like cookies, as they still work without any issues.

Steps to use session in Django
Firstly, we need to make sure that our Django project has session support enabled before we start using sessions. To enable sessions, there are two actions to follow.

1. Add ‘django.contrib.sessions‘ to INSTALLED_APPS:

Session support in your Django project is enabled with these configuration.

from django.shortcuts import render

def set_session(request):
# Save a greeting message in the session
request.session['greeting'] = 'Hello, Django Sessions!'
return render(request, 'session.html')

<!-- session.html -->

<!DOCTYPE html>
<html>
<head>
<title>Session Example</title>
</head>
<body>
<h1>Session Example</h1>
<p>Session Value: {{ request.session.greeting }}</p>
</body>
</html>

def index(request):
    # ...

    num_authors = Author.objects.count()  # The 'all()' is implied by default.

    # Number of visits to this view, as counted in the session variable.
    num_visits = request.session.get('num_visits', 0)
    request.session['num_visits'] = num_visits + 1

    context = {
        'num_books': num_books,
        'num_instances': num_instances,
        'num_instances_available': num_instances_available,
        'num_authors': num_authors,
        'num_visits': num_visits,
    }

    # Render the HTML template index.html with the data in the context variable.
    return render(request, 'index.html', context=context)

SESSION_COOKIE_AGE = 1800  # 30 minutes (in seconds)