[Request] Make session support issuing and validating #1199
Comments
|
I don't understand the question, how you will check "if user is logged in" if you don't check the session? You want something like |
|
Yeah, |
|
@kataras There is one more request that can we create the session ID by myself, or let us be able to retrieve a session ID by user ID? I need a way to kick off some online users. If we can create a session ID by myself, I could destroy the sessions which have a specific pattern, e.g. if we can add a user ID to mark a session ID, we can also retrieve the sessions belong to a specific user and destroy these sessions. |
|
Hello @zheeeng , sorry for the delay. Let me answer those questions...
Yes, take a look at the sessions/Config#SessionIDGenerator
Yes, you can destroy a session by its ID. Take a look at the sessions/Sessions#DestroyByID I am working on some websocket improvements and a new library for all gophers as well. Tell me more about your idea(maybe share a pseuto code snippet?) and I will make my bests to fulfill your needs at the upcoming version. Yours, |
|
Thx a lot. |
At present, no matter whether a user is signed or not, the session manager will always start a session for the context, we can only check user status by some session fields. It seems that the session provider is easy to be overwhelmed by meanless requests.
Can we only issue the session after login and validate the session by checking provider?
For issuing session, we have had the ability(check user and password then start a session). But we can't distinguish whether the user is logged in(generally we always start a session, if it is a fake user session, at present iris will create a one for this user).
The text was updated successfully, but these errors were encountered: