Fixed #21473 in 1.6.x branch - language is preserved after logout

Current language is no longer saved to session by LocaleMiddleware
on  every response (the behavior introduced in django#14825).
Instead language stored in session is reintroduced into new session
after logout.

django/contrib/auth/__init__.py

@@ -101,7 +101,14 @@ def logout(request):
         user = None
     user_logged_out.send(sender=user.__class__, request=request, user=user)
 
+    # remember language choice saved to session
+    language = request.session.get('django_language')
+
     request.session.flush()
+
+    if language is not None:
+        request.session['django_language'] = language
+
     if hasattr(request, 'user'):
         from django.contrib.auth.models import AnonymousUser
         request.user = AnonymousUser()

django/contrib/auth/tests/test_views.py

@@ -12,6 +12,7 @@
 from django.utils.encoding import force_text
 from django.utils.http import int_to_base36, urlsafe_base64_decode, urlquote
 from django.utils.six.moves.urllib.parse import urlparse, ParseResult
+from django.utils.importlib import import_module
 from django.utils._os import upath
 from django.test import TestCase
 from django.test.utils import override_settings, patch_logger
@@ -696,6 +697,19 @@ def test_security_check(self, password='password'):
                             "%s should be allowed" % good_url)
             self.confirm_logged_out()
 
+    def test_logout_preserve_language(self):
+        """Check that language stored in session is preserved after logout"""
+        # Create a new session with language
+        engine = import_module(settings.SESSION_ENGINE)
+        session = engine.SessionStore()
+        session['django_language'] = 'pl'
+        session.save()
+        self.client.cookies[settings.SESSION_COOKIE_NAME] = session.session_key
+
+        self.client.get('/logout/')
+        self.assertEqual(self.client.session['django_language'], 'pl')
+
+
 @skipIfCustomUser
 @override_settings(
     PASSWORD_HASHERS=('django.contrib.auth.hashers.SHA1PasswordHasher',),

django/middleware/locale.py

@@ -53,10 +53,6 @@ def process_response(self, request, response):
                     request.get_host(), language, request.get_full_path())
                 return HttpResponseRedirect(language_url)
 
-        # Store language back into session if it is not present
-        if hasattr(request, 'session'):
-            request.session.setdefault('django_language', language)
-
         if not (self.is_language_prefix_patterns_used()
                 and language_from_path):
             patch_vary_headers(response, ('Accept-Language',))

tests/i18n/tests.py

@@ -1191,29 +1191,12 @@ def test_streaming_response(self):
             'django.middleware.common.CommonMiddleware',
         ),
     )
-    def test_session_language(self):
-        """
-        Check that language is stored in session if missing.
-        """
-        # Create an empty session
-        engine = import_module(settings.SESSION_ENGINE)
-        session = engine.SessionStore()
-        session.save()
-        self.client.cookies[settings.SESSION_COOKIE_NAME] = session.session_key
-
-        # Clear the session data before request
-        session.save()
-        response = self.client.get('/en/simple/')
-        self.assertEqual(self.client.session['django_language'], 'en')
-
-        # Clear the session data before request
-        session.save()
-        response = self.client.get('/fr/simple/')
-        self.assertEqual(self.client.session['django_language'], 'fr')
-
-        # Check that language is not changed in session
-        response = self.client.get('/en/simple/')
-        self.assertEqual(self.client.session['django_language'], 'fr')
+    def test_language_not_saved_to_session(self):
+        """Checks that current language is not automatically saved to
+        session on every request."""
+        # Regression test for #21473
+        self.client.get('/fr/simple/')
+        self.assertNotIn('django_language', self.client.session)
 
 
 @override_settings(