We should be clearing out expired sessions from Django apps
Created by: foobacca
We're allowing large numbers of sessions to accumulate. One server has a 270 MB sessions table, by far the largest part of the database.
We should be running manage.py clearsessions automatically for each installed Django project, probably daily.
If you’re using the database backend, note that session data can accumulate in the django_session database table and Django does not provide automatic purging. Therefore, it’s your job to purge expired sessions on a regular basis.
To understand this problem, consider what happens when a user uses a session. When a user logs in, Django adds a row to the django_session database table. Django updates this row each time the session data changes. If the user logs out manually, Django deletes the row. But if the user does not log out, the row never gets deleted.
Django provides a sample clean-up script: django-admin.py cleanup. That script deletes any session in the session table whose expire_date is in the past – but your application may have different requirements.
https://docs.djangoproject.com/en/dev/ref/django-admin/#django-admin-clearsessions