Posted original on the Django Users group because I thought I was missing something: http://groups.google.com/group/django-users/browse_thread/thread/a612987d2c3487e4
Per what Tom mentions on the Django Users thread: - an authenticated user logging in under a different account keeps the session key, but session data is flushed - a non-authenticated user keeps the session data but gets a new session key This behavior is confusing especially the latter since data was persisted pre-auth to post-auth even though the session key changed. There is certainly utility for persisting post-auth (e.g. e-commerce), but this is not documented anywhere. How would everyone feel about making this a setting, e.g. SESSION_FLUSH_AT_LOGIN? If false, it would behave as it does now otherwise it would flush the non-auth session. -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
