Django default behaviour of session - Session get expired after closing browser

Question

I read Django tutorial but found nothing related to never expiring session.

Requirement - User should logged out only if he/she initiate by clicking on logout.

How can I solve this issue? My django project settings related to session -

INSTALLED_APPS = (
    ..
    'django.contrib.sessions',
    ..
)
REST_FRAMEWORK = {
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework.authentication.TokenAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        #'rest_framework.authentication.SessionAuthentication',
    )
}
MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

AUTHENTICATION_BACKENDS = (
    "django.contrib.auth.backends.ModelBackend",
    "allauth.account.auth_backends.AuthenticationBackend",
)

Answer 1

By default Django keeps sessions between browser closes. You can modify this behavior with the SESSION_EXPIRE_AT_BROWSER_CLOSE setting.

https://docs.djangoproject.com/en/1.8/topics/http/sessions/#browser-length-vs-persistent-sessions