[1.8.x] Fixed incorrect session.flush() in cached_db session backend.

This is a security fix; disclosure to follow shortly. Thanks Sam Cooke for the report and draft patch.
2025-10-24 14:16:09 +00:00 · 2015-05-11 09:58:43 -04:00
parent 2b2a2157d0
commit 31cb25adec
3 changed files with 19 additions and 2 deletions
--- a/tests/sessions_tests/tests.py
+++ b/tests/sessions_tests/tests.py
@@ -162,6 +162,7 @@ class SessionTestsMixin(object):
        self.session.flush()
        self.assertFalse(self.session.exists(prev_key))
        self.assertNotEqual(self.session.session_key, prev_key)
+        self.assertIsNone(self.session.session_key)
        self.assertTrue(self.session.modified)
        self.assertTrue(self.session.accessed)