I have a django site hosted with nginx and it periodically makes ajax requests (with JQuery) to update content. Originally it was working ok but now every time there's an ajax request the session refreshes and you have to login again (I checked the cookies and sessionid changes with every request). This doesn't happen when I access the page locally though (through it's local network IP).
I've been looking around and read it could be something about the domain and the sessionid cookie beeing HttpOnly but all requests are on the same domain (I realized I hadn't configured the domain in nginx.conf but after configuring it, it didn't change anything), I tried setting SESSION_COOKIE_HTTPONLY=False but it didn't fix it so I changed it back. I even tried changing the ajax requests to POST and adding the csrf_token but it still works the same way. I also read somewhere that it could be because the ajax request wasn't sending the session and I should add xhrFields: { withCredentials:true } to the JQuery ajax but it didn't fix it either.
I have no idea why it used to work and now it doesn't, I don't know what I did that could break it. It would be of great help if someone could at least send me in the right direction.
PS: I didn't share code because it's too extensive and I sincerely don't know what's relevant, so if you need me to share something, just say the word.
I found the answer! I have two sites under the same domain so they were sharing the cookies. I fixed it by changing the name of the session cookie setting SESSION_COOKIE_NAME in settings.py