It would be better to use json.dumps() and json.loads() rather than self.encode()/self.decode(). The reason is that the latter pair of inherited methods (encode / decode) are both using Django cryptographic signing/signature verification. This is not really needed when we are saving the session data in Redis because the Redis cache is not going to be accessible to the public. So there is no possibility of bad data entering the cache (leaving aside the Django application deliberately setting bad data).
It would simplify the storage/load if the json serialization functions were used instead. And it would also eliminate the need for using any cryptography.
When saving the session data: https://github.com/martinrusev/django-redis-sessions/blob/53021b211673d797009c45106d92728c536ced20/redis_sessions/session.py#L156
And loading the session data: https://github.com/martinrusev/django-redis-sessions/blob/53021b211673d797009c45106d92728c536ced20/redis_sessions/session.py#L131
It would be better to use
json.dumps()
andjson.loads()
rather thanself.encode()
/self.decode()
. The reason is that the latter pair of inherited methods (encode / decode) are both using Django cryptographic signing/signature verification. This is not really needed when we are saving the session data in Redis because the Redis cache is not going to be accessible to the public. So there is no possibility of bad data entering the cache (leaving aside the Django application deliberately setting bad data).It would simplify the storage/load if the
json
serialization functions were used instead. And it would also eliminate the need for using any cryptography.