On 2001.12.23, Wojciech Kocjan <[EMAIL PROTECTED]> wrote: > I've written my own nsession module in C, it uses files as well and > handles logins - this is what I needed for my personalization mechanism
My reference implementation of nssession should be close to handling logins. I actually wanted to think it through more before finalizing on an implementation ... > - when a user logs in, his sid changes to what is currently stored in > this user's db, when he logs out, he gets a new sid. The logout is easy, but the login needs thought. There are three types of users: anonymous, registered, and sessionless. The issue I have is how do you handle an anonymous user that is becoming a registered user, when they were already a registered user from another machine? For example: Say you have a registered user with SID "1234" ... suppose they come to the site from a new machine (thus, a new anonymous user) with SID "9876" ... that user then opts to log in (becoming a registered user again). You assign their session from the new machine with SID "1234" -- but what do you do with the old anonymous user SID 9876 session data? Try and merge it with SID 1234's session data, then destroy SID 9876? Leave SID 9876 around as an old anonymous user, and either associate it somehow to SID 1234 or not at all? > This mechanism works for me with mod_dtcl for several months, now I'm > finishing up my AOLserver stuff, so I'll just put my nsession somewhere > and compare mine with yours. Cool. Any ideas or feedback would be helpful. -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70)
