I need help setting up different session systems for my Django application. The goal is to have completely separate authentication between the admin interface (django.contrib.admin) and the main website.
Here’s what I want to achieve:
- Users with
staff_status or admin_privileges can access the admin panel
- When these same users visit the public website, they should appear as logged out
- They should be able to sign in with different credentials on the frontend
- Essentially I need two independent session systems running simultaneously
I can handle the login/logout logic and permission validation without issues. The challenge is maintaining separate session states. Has anyone implemented something similar before?
this sounds really interesting! are you planning to use different session engines or custom middleware for the separation? I’m curious - why not go with unified sessions where users can access both with the same login?
honestly, django’s multiple db sessions feautre is probably ur best bet. set up separate session stores - one for admin, one for public. just override the session engine in your admin urls.py to use a different backend. way easier than building custom middleware and you’ll get complete isolation.
I dealt with this exact thing last year using custom session middleware. Here’s what works: create separate session keys and cookie names for admin vs public auth. You’ll need to override Django’s default session handling with middleware that checks the request path and applies the right session namespace. For admin routes, use a different SESSION_COOKIE_NAME in settings or change it dynamically in middleware. The trick is storing user auth state in separate session dictionaries - one for admin, one for public. When handling admin requests, only check the admin session state and ignore public auth completely. This keeps everything isolated while letting the same user account have different auth states on both interfaces. Performance hit is basically nothing since you’re just managing two session dictionaries instead of one.