By default, Django only saves to the session database when the session has been modified-that is if any of its dictionary values have been assigned or deleted:

# Session is modified. 
request.session['foo'] = 'bar' 
 
# Session is modified. 
del request.session['foo'] 
 
# Session is modified. 
request.session['foo'] = {} 
 
# Gotcha: Session is NOT modified, because this alters 
# request.session['foo'] instead of request.session. 
request.session['foo']['bar'] = 'baz' 

In the last case of the above example, we can tell the session object explicitly that it has been modified by setting the modified attribute on the session object:

request.session.modified = True 

To change this default behavior, set the SESSION_SAVE_EVERY_REQUEST setting to True. When set to True, Django will save the session to the database on every single request. Note that the session cookie is only sent when a session has been created or modified. If SESSION_SAVE_EVERY_REQUEST is True, the session cookie will be sent on every request. Similarly, the expires part of a session cookie is updated each time the session cookie is sent. The session is not saved if the response's status code is 500.