RTC Forums
November 01, 2024, 05:37:38 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
   Home   Help Login Register  
Pages: [1]
  Print  
Author Topic: TRtcDataServer Sessions  (Read 5651 times)
hannesgw
RTC Expired
*
Posts: 11


« on: July 26, 2012, 08:57:44 AM »

Is there a simple way to create a new session ID, to replace the old one?

- New visitor gets a session
- Visitor logs in and gets a new session ID as a protection (like in php session_regenerate_id)
   and that the old session (ID) has expired
 
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #1 on: July 26, 2012, 12:20:53 PM »

You can use the "CloseSession" method from the "TRtcDataServer" component to close any "old" Session by providing a SessionID. To open a new Session, use the "OpenSession" method. After using the "OpenSession" method, you will have access to the new Session through the "Session" property.

Here are a few FAQ topics related to Sessions:
1. What is a Session in RTC?
2. Is Session Management done automatically by the RTC?
3. Sessions and User Management
4. Using Sessions in Remote Functions
5. Web example using Sessions, Cookies and Form Post data (user input)

Best Regards,
Danijel Tkalcec
Logged
hannesgw
RTC Expired
*
Posts: 11


« Reply #2 on: August 16, 2012, 06:44:00 PM »

thanks for your answer

if I use AutoSessions in Remote Functions can i also use Session.FinalExpire
or when are sessions closed (and free) .. on disconnect?
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #3 on: August 16, 2012, 06:51:42 PM »

Even if you use AutoSessions=True, you still have the option to force-close a Session by using the SessionClose method.

Sessions live outside of the concept of physical connections, which means that a Session will survive even if a connection is being opened and closed multiple times. Instead of being linked directly to a physical connection, Sessions have an expected "time to live", which you should set by using the "AutoSessionsLive" property when using  "AutoSessions=True".

Best Regards,
Danijel Tkalcec
Logged
hannesgw
RTC Expired
*
Posts: 11


« Reply #4 on: December 09, 2013, 08:16:49 PM »

Hi i've 2 TRtcDataProvider on a TDataModule linked to same TRtcHttpServer.
each TRtcDataProvider get an own session id, how can i fix that every DataProvider use same session?

dpTest: TRtcDataProvider;
dpDemo: TRtcDataProvider;

procedure TDataModule.OndpTestCheckRequest(Sender: TRtcConnection);
begin
  with TRtcDataServer(Sender) do
    if UpperCase(Request.FileName)='/TEST' then
      Accept;
end;

procedure TDataModule.OndpDemoCheckRequest(Sender: TRtcConnection);
begin
  with TRtcDataServer(Sender) do
    if UpperCase(Request.FileName)='/DEMO' then
      Accept;
end;

procedure TDataModule.OndpTestDataReceived(Sender: TRtcConnection);
begin
 with TRtcDataServer(Sender) do
 begin
  if FindSession(Request.Cookie['Session']) = False then
  begin
    OpenSession(sesIPFwdLock);
    Session.FinalExpire := (Now + ((1 / 1440) * 120));
    Session.KeepAlive := 240;
    Response.Cookie['Session'] := Session.ID;   
    Write('Session created on dpTest');
  end
  else Write('Session exist on dpTest');
 end;
end;

procedure TDataModule.OndpDemoDataReceived(Sender: TRtcConnection);
begin
 with TRtcDataServer(Sender) do
 begin
  if FindSession(Request.Cookie['Session']) = False then
  begin
    OpenSession(sesIPFwdLock);
    Session.FinalExpire := (Now + ((1 / 1440) * 120));
    Session.KeepAlive := 240;
    Response.Cookie['Session'] := Session.ID;   
    Write('Session created on dpDemo');
  end
  else Write('Session exist on dpDemo');
 end;
end;
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #5 on: December 09, 2013, 08:52:35 PM »

Every time you call OpenSession, a new Session will be created with a unique Session ID. That's all there is to Session creation. After that, you need to send that ID to the Client (for example - by using the Response Cookie headers, like you did in your example). Then, the Client is in control of that Session ID and the Client will be sending the Session ID to the Server. There is nothing you can do on the Server to control which Session ID will be sent from the Client. This has to be handled on the Client side.

Best Regards,
Danijel Tkalcec
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.024 seconds with 17 queries.