All geek questions in one place

Obtaining a Unique Session ID in Sinatra

I have a simple web application built using Sinatra with sessions enabled.

If I understand correctly, session data is stored in an encoded cookie. As session data changes, the cookie value also changes.

I need a unique session identifier that remains constant throughout the session. Is there such an identifier. Or should I create my own unique value and store it in the session myself?

Thanks!

EDIT: In the comment below, I thought of a useful comparison. If I had a Java servlet, I would use JSESSIONID as a unique identifier. I need a Sinatra equivalent to JSESSIONID.

+4
source share
4 answers

From what I can tell, JSESSIONID used to pass the session in the query string, and Sinatra does not have something like that, at least not easily accessible. Sinatra uses Rack to manage the session and, by default, uses a cookie to store all session data. There are other session parameters in Rack, such as memcached, where the unique session identifier is stored in a cookie, but even there are no Rack abstracts, so you never need to see the session identifier (although it is still available, see the documentation ).

If you want to go this route, take a look at the confusion with the Rack middleware in Sinatra, but if you only need a unique identifier, then it would probably be easier to create it yourself and save it in the session.

0
source

In the sinatra application, if you print session.keys, you will see that there is a "session_id" that contains a unique identifier for the current session. You can access this 64-byte string as a session ["session_id"].

+3
source

Since this is one of the first Google results for this object and there are no real examples in it, here is an easy way to create your own SESSION_ID. We rely on the likelihood and cryptographically secure coincidence to make our identifiers unique.

This is the only thing I put in my cookies. I keep all the rest of the data at the back end so that no one interferes with this.

 require 'sinatra' require 'securerandom' # The configuration here is just an example. Use your own secret, etc. use Rack::Session::Cookie, :key => 'SESSION_ID', :expire_after => 60*60*24, # == one day :secret => 'This one time, at band camp...' before do # Before every request, make sure they get assigned an ID. session[:id] ||= SecureRandom.uuid end get '/' do # Show off your new ID. "Your ID is #{session[:id]}" end
+2
source

As session data changes, the cookie value also changes.

This is true only if you use cookies to store session data, which is the default session repository used by Sinatra. Read more at http://rubydoc.info/github/rack/rack/master/Rack/Session .

I need a unique session identifier that remains constant throughout the session. Is there such an identifier. Or should I create my own unique value and store it in the session myself?

You can access the Sinatra session identifier using the id instance method for the session instance Rack::Session::Abstract::SessionHash . More details at http://rubydoc.info/github/rack/rack/master/Rack/Session/Abstract/SessionHash#id-instance_method .

Example:

 require 'sinatra' configure do enable :sessions end get '/' do session.id end
+1
source

Source: https://habr.com/ru/post/1347583/

More articles:


All Articles