hi, i have a slight problem designing software for one of business requirements. this website will allow anonymous access. i.e. - when you go to website, it will automatically create "anonymous" user so you will be able to store all kind of information per this user without ever logging in. session for this should should be long-lasting - half a year. the only connection to this "user" is via session cookie.
now. somebody else can use the same computer/browser to connect to his account - named, with full login/password things. so we create him a session (short term, only till the closing of browser). but. after this "named" user will logout, or close the browser and reopen - we should be able to go back to the previous "anonymous" user. my ideas about how to do it is quite simple in terms of "what to do": 1. when new user connects we create a user in database, mark it as anonymous, login session under this new user, and set session timeout to half-a-year. 2. when user logs into account - we take old session_id (this anonymous) and store in cookie named differently than standard and create new sessions logging user to his account. 3. when user logouts or somes back, and no session_id cookie is present, we try to check old_session_id, and if so - somehow we set current session to the old one. now - the software is not yet written, so anything (with the exception of business logic) can be done differently. my questions are rather simple: 1. do you see any problems with this approach? 1a. if yes - how would you do it? 2. how to do the session-switching-thing (create new session in step 2, and switch to old session in step 3)? best regards, depesz _______________________________________________ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/