Cookie encryption

Ok , thanks for the answer. I really try to know better Codeigniter , i'm still a beginner

Ill try to be be more precise. I have 2 webservers : the php/codeigniter webserver, and a node.js server

All i want is just let the node.js server know some datas presents in the CI session userdatas. (user group mainly).

i could just display it in a view with php,  take it with javascript, and send it with socket.io to the node.js server but i dont want : the node.js server willl use this group name to instanciate  a socket used to join group chat rooms. If i let the client side know the real name of the socket/room, it would be easy to join any socket, connected or not. So i have to share session datas between node.js and apache. Thats fine : redis is made for that !

I had the idea to read the session_id locally from the user cookie, then send this id to the node server, and retrieve redis session form the redis server side. It was possible with CI2 but now, codeigniter 3 flags the cookie as "httponly" i can't read userdatas from the users active cookie locally with javascript. I suppose there are good reasons for this.

Then i decided to make a small function inside a controller :

Code:

public function get_sessionid() {
        if ($this->session->userdata('logged_in')) {  
                echo "ci_session:".$this->input->ip_address().':'.$this->session->session_id;
        }
        else {
            echo 'disconnected';
        }
    }

I call this function from an AJAX query locally($.get), and i send the result to my nodeserver.

Now my node.js server can retrieve the right session with redis.


My first question: is it a bad way to do this ? I'm not really confident.


My second question : i read that CI2 used to store session userdatas in JSON. Now i get a strange format that i dont understand: 

for exemple

 __ci_last_regenerate|i:1458680030;id|s:2:"17";name|s:1:" ";email|s:26:"[email protected]";isAdmin|s:1:"0";logged_in|b:1;

How it it parsed ?