Dossy wrote: > On 2001.12.23, Wojciech Kocjan <[EMAIL PROTECTED]> wrote: > >>I've written my own nsession module in C, it uses files as well and >>handles logins - this is what I needed for my personalization mechanism > My reference implementation of nssession should be close to handling > logins. I actually wanted to think it through more before finalizing > on an implementation ...
Ok, I'll explain how I do it currently with mod_dtcl in detail: 1.1/ when a request comes in, it checks for cookie 'SessionID' - if it exists, and such a session does exist, SID stays the same. 1.2/ otherwise, a new SID is created and the cookie is reset 2/ if a login request comes in (that is, the .ttml page calls ssn::login), it gets the user's SID from user database and sets it to new one (without any merging). 3/ if a logout request comes in, a new SID is created (with no parameters). 4/ is a create_user request comes in, a user is created and current SID is associated with his username. The basic idea is that if someone cares about his session data, he'll log in. If he doesn't have a user, he'll eventually create one. Also, my previous implementation had a cleanup algorithm and expire parameter. The new one is not even close to being final version, so a lot is missing. The problem is that currently I do not even try to check if a user accepts cookies - this can create a mess. I'll try and put it online sometime soon (hey, it's christmas, don't have too much time :). Also, in my previous implementation, there was no nsv/permament storage. My new code uses Ns_Mutex and my own code to store data and has a separate thread for synchronization to disk - if the sessions go above a predefined limit, some of them will be saved on disk. Also, I never used my nsession module, so I suppose it would be wiser to "join forces". I need to be able to connect sessions with users and store strings/integers (for now I store fixed size strings - not very efficient but quite fast) and use 32bit checksums for faster searching through data. -- WK
