Session management is very important because we store which projects the user is the owner of in the session. If sessions are lost, that information is lost and there is no way for the user to "reclaim" the project (I think?)
Firstly, the session cookie in the browser seems to last about 2 weeks, so could easily be lost if someone just didn't look for a while. Can this be extended?
Secondly, we are using "django.contrib.sessions.backends.cache" configured to store in Redis. Oddly, https://docs.djangoproject.com/en/3.2/topics/http/sessions/#using-cached-sessions says only to use this with memcache - not clear what it has against Redis tho? Also, there are warnings in that section that data may be evicted still.
At least, we should be documenting this somewhere because it means that the contents of the Redis store count as data that must be migrated if we, say, migrate live instances between servers. I wasn't aware of this and was just thinking it was file storage I would have to migrate, so I would have lost everyone's project ownership data!
Session management is very important because we store which projects the user is the owner of in the session. If sessions are lost, that information is lost and there is no way for the user to "reclaim" the project (I think?)
Firstly, the session cookie in the browser seems to last about 2 weeks, so could easily be lost if someone just didn't look for a while. Can this be extended?
Secondly, we are using "django.contrib.sessions.backends.cache" configured to store in Redis. Oddly, https://docs.djangoproject.com/en/3.2/topics/http/sessions/#using-cached-sessions says only to use this with memcache - not clear what it has against Redis tho? Also, there are warnings in that section that data may be evicted still.
At least, we should be documenting this somewhere because it means that the contents of the Redis store count as data that must be migrated if we, say, migrate live instances between servers. I wasn't aware of this and was just thinking it was file storage I would have to migrate, so I would have lost everyone's project ownership data!