I never thought about that Django clears the previous session and creates a new one for logged in user. Maybe I did not have such tasks in my experience so I can work with that in details, but when I just read an article Deleting anonymous users' baskets when their sessions expire, I discovered about Session fixation attacks.