Django sessions abandoned in first tab when clicking link in second -

don't know if specific django, site 1 i've experienced with, , don't think i'm doing special session data (just using old-school database backend).

when user logs in (in tab a) , opens new tab (tab b) on same domain, cookie carries on second tab. however, if user clicks link in tab b, either refreshes tab or clicks link in tab, he's instantly logged out.

i've been googling around issue ages have had no luck, appreciate anyone's help. apologies if fundamental thing.

middleware_classes = (     'django.middleware.cache.updatecachemiddleware',     'bambu.sites.middleware.domainredirectmiddleware',     'nymbol.utils.middleware.requirehttpsmiddleware',     'django.middleware.common.commonmiddleware',     'django.contrib.sessions.middleware.sessionmiddleware',     'django.middleware.locale.localemiddleware',     'django.middleware.csrf.csrfviewmiddleware',     'django.contrib.auth.middleware.authenticationmiddleware',     'django.contrib.messages.middleware.messagemiddleware',     'maintenancemode.middleware.maintenancemodemiddleware',     'bambu.analytics.middleware.analyticsmiddleware',     'bambu.enqueue.middleware.enqueuemiddleware',     'bambu.minidetect.middleware.minidetectmiddleware',     'nymbol.utils.middleware.userplanmiddleware',     'nymbol.manager.middleware.apilegacymiddleware',     'django.middleware.cache.fetchfromcachemiddleware' )

bambu.sites.middleware.domainredirectmiddleware redirects visitors correct domain, site has number of alias domains
nymbol.utils.middleware.requirehttpsmiddleware redirects users of urls ssl versions of same)
maintenancemode.middleware.maintenancemodemiddleware displays 503 message when site being deployed after commit , push
bambu.analytics.middleware.analyticsmiddleware enqueues analytics javascript across requests
bambu.enqueue.middleware.enqueuemiddleware allows views , template tags enqueue css , javascript
bambu.minidetect.middleware.minidetectmiddleware detects whether browser mobile or not
nymbol.utils.middleware.userplanmiddleware stores payment plan user on in request object (as governs site-wide permissions)
nymbol.manager.middleware.apilegacymiddleware changes url pattern in 1 particular url (absolutely no bearing in issue)

it turns out issue having had nothing django, instead due insecure image urls being delivered on tls (ssl basically).

this bad explanation of issue, seemed when browser - chrome or firefox - detected http:// url being referenced secure url, abandoned session next time hit refresh or clicked link, i'd taken login page cookie no longer valid.

as say, not how it's going down, that's practical upshot, , correcting urls (which of course best-practice anyway) sorted issue completely.

Search This Blog

Brazzel

Django sessions abandoned in first tab when clicking link in second -

Comments

Post a Comment

Popular posts from this blog

apache - Remove .php and add trailing slash in url using htaccess not loading css -

Reading inputs from Keyboard in Objective C -

inno setup - TLabel or TNewStaticText - change .Font.Style on Focus like Cursor changes with .Cursor -