Why Frappe Shows RuntimeError: object is not bound After Session Expiry

Frappe Framework
1

NOTE: This issue doesn’t happen in the standard Frappe Desk frontend. It occurs when building a custom frontend that talks to the Frappe API.

Expected Behavior

When a user’s session expires on the backend (Frappe API), the frontend should detect the session expiration and automatically log out the user or prompt them to re-login.

Actual Behavior

The frontend still behaves as if the user is logged in. The user interface stays active, but API calls start failing silently or return errors such as RuntimeError:object is not bound.

The user remains “logged in” until they manually logout and log back in, which starts a new session and everything works again.

While Frappe doesn’t literally throw RuntimeError: object is not bound, this phrase describes the internal state: a Doc object loses its connection to the database due to missing context, leading to errors like PermissionError, DoesNotExistError, or silent failures

why this happen btw?

frappe use different context for each user while processing the request.

so what is request context?? In Frappe, request context is the environment set up for each HTTP request.

So context is nothing but the currently state or the currently space that frappe work within it while processing any request,

the context consist of many parts like:

  1. who did send the request? frappe.session.user

  2. what language he use in the system?

  3. what permission he has?

  4. does he has access to this document?

frappe ORM need the context to link the object with the database

that’s why if the session is expired then the frappe.session.user will be Guest then the context will lose main parts then the orm will not link the database with the object then you will get RuntimeError:object is not bound, and many orm methods will not work or will raise error because the context has missing parts.

NOTE This error happens when Doc objects lose their binding because the request context is missing or invalid. An expired session is one common cause.

why frappe use context?

It makes sure each request is isolated, so multiple users don’t interfere with each other.

whenever you send any api request, frappe use the context to determined:

  1. does the one who sent the request has permission to it???

  2. what exact data should i display to him?

  3. if there is any logs, who the one should i write his name inside it?

1 Like