Well what's wrong is that you are saving the flag into session, but for some reason you're trying to read perms.hunt.has_voted
(this checks, if user hunt has permission to vote, but not if he already voted or not..), which is a value coming from permission app. It has nothing to do with session.
You need to access the session value from your template:
{% if request.session.has_voted %}
...
This will check if currently logged in user already voted, so if has_voted
is False
or the key doesn't exist, then user will be able to vote.