Enable cookie-based sessions #3050
Comments
|
I'd rather avoid cookie-based sessions for all the reasons listed in the Django documentation, foremost of which the performance implications. Although we don't currently store much in the way of session data, I expect that we will once we have the change to make some UI improvements (table column ordering, for example). As an alternative, NetBox v2.6 will introduce support for caching (via Redis). It's probably worth exploring that as an alternative to database- and file-based session storage, but that would be a separate FR. |
|
Ok. Can you suggest any alternate ideas for fixing/working around the issues that people are seeing with #2426? |
|
#2426 was a feature request that has been closed and implemented, but you're welcome to open a new bug for the issue (please be sure to complete the bug report template). |
|
Ok, I've opened #3118 |
Environment
Proposed Functionality
Allow users to set SESSION_ENGINE to "django.contrib.sessions.backends.signed_cookies" as described here: https://docs.djangoproject.com/en/2.2/topics/http/sessions/#cookie-session-backend
Use Case
My use case is a high-availability configuration where a VIP (netbox.example.com) is managed by keepalived on a master and hot standby replica. Users point to netbox.example.com in their browser. With cookie-based sessions, if the master crashed and keepalived flipped the VIP over to the replica, user sessions could transparently continue for read operations. (Also see this thread on the mailing list: https://groups.google.com/d/msg/netbox-discuss/1tYF9d-wRl8/pfs1iAYOBAAJ)
Jeremy hinted at the possibility of exposing SESSION_ENGINE in the #2426 discussion. If this is practical to implement, I think it could be helpful for many users who want to deploy netbox in various ways.
Database Changes
I don't know if any database changes are required.
External Dependencies
I don't know if any external dependencies are introduced.
The text was updated successfully, but these errors were encountered: