Welcome Guest, Not a member yet? Register   Sign In
How reliable is the FileHandler session driver?
#1
Question 

I am writing a simple app with user authentication. It makes some ajax requests but I am finding out that the session data is being wiped for some reason. The session id in the cookie seems to be correct and the session file in the writable folder seems to persist but after concurrent requests, the data inside seems to be erased except _ci_previous_url. The only time I call session->destroy() is inside my logout handler and the only time this would load is if someone clicked logout but when that happens, the session contains previous url as well as _ci_last_regenerate. 

The session is initialized in my base controller in the initController function as per the docs


Code:
parent::initController($request, $response, $logger);
$this->session = \Config\Services::session();

I have a WebController and a RestController which extend BaseController. WebController serves my template files based on some routing data and the RestController checks if the request isAJAX() and serves rest data. I have Private\PublicController extending the web and rest controllers both. Inside the PrvateController of web, I have the following



Code:
parent::initController($request, $response, $logger);
if ($this->session->LoggedIn != true) {
    header('Location: '.base_url());
    exit;
    die();
}

and inside my PrivateController for rest, I just include an extra variable called redirect which returns an URL if the user is not authenticated. My ajax request watches out for this and redirects. All of them are namespaced so as not to interfere with each other. I am just not sure what is causing the issue and currently digging through the file handler. I will be checking the Session.php file next and will update here if I find anything. 

As a side note, I am using the header location redirect because I cannot seem to get the built in redirect to work properly. The code seem to continue on to execute. I think I need to use filters but this works currently.

TLDR: session data is getting erased inexplicably but _ci_previous_url. When session->destroy() is called, _ci_last_regenerate and _ci_previous_url remains. The session name set in the cookie is correct and the session file in the writable/session folder does persist and regenerated correctly.
Reply


Messages In This Thread
How reliable is the FileHandler session driver? - by angrymongol - 07-26-2019, 03:13 PM



Theme © iAndrew 2016 - Forum software by © MyBB