sessions.serializers.PickleSerializer

class serializers.PickleSerializer Supports arbitrary Python objects, but, as described above, can lead to a remote code execution vulnerability if SECRET_KEY becomes known by an attacker.

sessions.serializers.JSONSerializer

class serializers.JSONSerializer A wrapper around the JSON serializer from django.core.signing. Can only serialize basic data types. In addition, as JSON supports only string keys, note that using non-string keys in request.session won’t work as expected: >>> # initial assignment >>> request.session[0] = 'bar' >>> # subsequent requests following serialization & deserialization >>> # of session data >>> request.session[0] # KeyError >>&g

sessions.middleware.SessionMiddleware

class SessionMiddleware [source] Enables session support. See the session documentation.

sessions.base_session.BaseSessionManager.save()

save(session_key, session_dict, expire_date) Saves session data for a provided session key, or deletes the session in case the data is empty.

sessions.base_session.BaseSessionManager.encode()

encode(session_dict) Returns the given session dictionary serialized and encoded as a string. Encoding is performed by the session store class tied to a model class.

sessions.base_session.BaseSessionManager

class base_session.BaseSessionManager New in Django 1.9. encode(session_dict) Returns the given session dictionary serialized and encoded as a string. Encoding is performed by the session store class tied to a model class. save(session_key, session_dict, expire_date) Saves session data for a provided session key, or deletes the session in case the data is empty. Customization of SessionStore classes is achieved by overriding methods and properties described below:

sessions.base_session.AbstractBaseSession.session_key

session_key Primary key. The field itself may contain up to 40 characters. The current implementation generates a 32-character string (a random sequence of digits and lowercase ASCII letters).

sessions.base_session.AbstractBaseSession.session_data

session_data A string containing an encoded and serialized session dictionary.

sessions.base_session.AbstractBaseSession.get_decoded()

get_decoded() Returns decoded session data. Decoding is performed by the session store class.

sessions.base_session.AbstractBaseSession.expire_date

expire_date A datetime designating when the session expires. Expired sessions are not available to a user, however, they may still be stored in the database until the clearsessions management command is run.