https://docs.djangoproject.com/en/dev/topics/signing/
You can use this to store the session data with the user without having to consult a database and without fear that they will tamper with the id:
https://github.com/ericflo/django-cookie-sessions