diff --git a/django/conf/global_settings.py b/django/conf/global_settings.py index 6be789a853..3917d40943 100644 --- a/django/conf/global_settings.py +++ b/django/conf/global_settings.py @@ -287,7 +287,7 @@ SESSION_COOKIE_PATH = '/' # The path of the sessio SESSION_SAVE_EVERY_REQUEST = False # Whether to save the session data on every request. SESSION_EXPIRE_AT_BROWSER_CLOSE = False # Whether sessions expire when a user closes his browser. SESSION_ENGINE = 'django.contrib.sessions.backends.db' # The module to store session data -SESSION_FILE_PATH = '/tmp/' # Directory to store session files if using the file session module +SESSION_FILE_PATH = None # Directory to store session files if using the file session module. If set to None the backend will use a sensible default. ######### # CACHE # diff --git a/django/contrib/sessions/backends/file.py b/django/contrib/sessions/backends/file.py index cd3e3d9c75..d65c81c101 100644 --- a/django/contrib/sessions/backends/file.py +++ b/django/contrib/sessions/backends/file.py @@ -9,7 +9,9 @@ class SessionStore(SessionBase): Implements a file based session store. """ def __init__(self, session_key=None): - self.storage_path = getattr(settings, "SESSION_FILE_PATH", tempfile.gettempdir()) + self.storage_path = getattr(settings, "SESSION_FILE_PATH", None) + if not self.storage_path: + self.storage_path = tempfile.gettempdir() # Make sure the storage path is valid. if not os.path.isdir(self.storage_path): diff --git a/docs/sessions.txt b/docs/sessions.txt index 6355524d2e..d8bac5b8d4 100644 --- a/docs/sessions.txt +++ b/docs/sessions.txt @@ -48,10 +48,10 @@ Using file-based sessions To use file-based sessions, set the ``SESSION_ENGINE`` setting to ``"django.contrib.sessions.backends.file"``. -You might also want to set the ``SESSION_FILE_PATH`` setting (which -defaults to ``/tmp``) to control where Django stores session files. Be -sure to check that your Web server has permissions to read and write to -this location. +You might also want to set the ``SESSION_FILE_PATH`` setting (which defaults +to output from ``tempfile.gettempdir()``, most likely ``/tmp``) to control +where Django stores session files. Be sure to check that your Web server has +permissions to read and write to this location. Using cache-based sessions --------------------------