When we visit a django website for the first time, django will generate a session to save some information of the current session. At the same time, a hash value session_key is generated and a cookie is generated and sent to the client.
If we have two django applications site1 and site2 running on different ports of the same server at the same time, at the same time we log in in different tabs of the same browser. Then this happens, when we log in to site2, the logged-in user on site1 will be kicked off.
This is related to the session framework of django, here is a brief introduction: when we visit a django website for the first time, django will generate a session to save some information of the current session. At the same time, it will generate a hash value
session_key and generate a cookie to send to the client. The name of this cookie is set according to the
SESSION_COOKIE_NAME in the setting, and the default is "sessionid" (emphasis added). In this way, the
session_key will be sent to the server along with the cookie next time. The server finds the corresponding session object according to the
session_key, and obtains the information of the current session, including the login information of course.
So there is only one truth in the above situation
When we log in to site1, we get a cookie called sessionid, which stores session_key1.
When we log in to site2, the cookie named sessionid will be updated, and now its value is
session_key2 (the browser stores cookies based on ip instead of port, so the cookie with the same name will be updated).
So now when we use the new
session_key to access site1, we will not get the original login information and we need to log in again.
So how to solve it, after understanding the above mechanism, only need to set
SESSION_COOKIE_NAME in the setting. For example, you can set
SESSION_COOKIE_NAME = ‘site2’ in site2, and use the default in site1. Of course, set site1 and site2 at the same time.