Thanks for info Tom. This behavior is confusing. I am going to post it on the Django Developers group.
On Nov 15, 11:40 am, Tom Evans <tevans...@googlemail.com> wrote: > On Tue, Nov 15, 2011 at 4:08 PM, Byron Ruth <bjr...@gmail.com> wrote: > > I have some data I persist in a user's session regardless if the user > > is anonymous or authenticated. I noticed after I logged in that my > > anonymous session data carried over in my authenticated session store. > > I thought this behavior was a bit unexpected although I could > > certainly see where this would be useful (e.g. e-commerce). > > > I am curious if this is by design and whether or not this should be a > > documented feature and possibly even potentially a setting to toggle > > the behavior. > > It depends - if you are already authenticated as a different user when > you login, then your session is flushed, but you keep the same session > key. If you are not already authenticated, then you keep your session, > but your session key is changed. > > Neither of these details are mentioned in the docs: > > https://docs.djangoproject.com/en/1.3/topics/auth/#django.contrib.aut... > > Cheers > > Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
