Home/ Questions/Q 3783122
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-19T11:10:47+00:00

I’m building an application in which the client pings the server every now and

  • 0

I’m building an application in which the client pings the server every now and then (let’s not get into why). When the server handles these requests, it checks whether the client is logged in or not using request.user.is_authenticated()

It looks something like this:

def handle_ping_request(request):
    if request.user.is_authenticated():
       # Do something...
    else:
       # Do Something else...

I’ve noticed that sometimes the server receives a log-in request immediately followed by a ping request (from the same user). The client is then successfully logged-in, the response returns with a new session ID (of the logged in user) and (I guess that) the old session-ID (of the anonymous user) is removed. When the ping request is processed, its request contains the old session-ID. Thus the ping request returns with a third session ID and on the next request the client makes, the client is no longer logged in.

My log-in code looks something like:

if not request.user.is_authenticated():
    user = auth.authenticate(...credentials...)

    if user and user.is_active:
        auth.login(request, user)

Do you have any suggestions on how to avoid this problem? Preferably without involving the client.

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    It’s probably too messy to handle this on the server because you’ll have to create some kind of a semaphore system that will also try to guess if any ping is currently from a client that is also being authenticated. My suggestion would be simply to change the client code not to ping while it’s waiting for a response to its login request.

    • 0