1

I am having a rather weird problem with Chris Kacerguis’ CodeIgniter REST Server.

Problems:

1) I am NOT loading the CodeIgniter session library, even then new entries are being created in the ci_sessions database table, everytime I am making an HTTP Request to my REST Api.

2) A brand new entry is being created (and the old entry is NOT being updated) in the db, on every HTTP Request, even when the IP Address is remaining the same.

This is my config.php file:

$config['sess_driver'] = 'database';
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 0;
$config['sess_save_path'] = 'ci_sessions';
$config['sess_match_ip'] = TRUE;
$config['sess_time_to_update'] = 300;
$config['sess_regenerate_destroy'] = TRUE;

$config['cookie_prefix']    = '';
$config['cookie_domain']    = '';
$config['cookie_path']      = '/';
$config['cookie_secure']    = FALSE;
$config['cookie_httponly']  = FALSE;

I tried, individually and in combination, the following things:

$config['sess_match_ip'] = FALSE;
$config['sess_time_to_update'] = 0;
$config['sess_regenerate_destroy'] = FALSE;

and

$config['cookie_domain']    = '.mydomain.com';

But nothing worked.

Is this normal or some kind of a bug? What am I doing wrong? Anyone else having the same problem?

Another thing is that, I am not facing this issue in vanilla CodeIgniter. There, everything is working fine and as expected.

Update

I found something while struggling with the second part of the problem.

Two session entries are being created in the database while making the first HTTP Request - one for the client and another one for the REST Server. From the second request, the client 'version' of the cookie is being UPDATED while the server 'version' is being RE-GENERATED.

4

1 回答 1

3

For the 1st part of the problem:

As pointed out by @JamesLalor in the comments,

  1. You must either be autoloading the session

    OR

  2. You are using some external library which is, in turn, loading the session library.

For the 2nd part of the problem:

The below solution may not be the best, but it worked for me.

Multiple sessions creation problem occurs when:

  1. You have both REST Server and Client within the same CodeIgniter Application directory

    AND

  2. Session library is auto-loaded

To the Client, the user is the consumer. A session is created for the user, having the IP address of that user. A cookie is set on the user’s browser with which the session is validated and updated (or newly created) based on the validation.

To the REST Server, the Client is the consumer. Here also a session is created (if both condition 1 and 2 above is fulfilled), but this time, it is for the Client, and this session has the IP address of the server on which the Client resides (if condition 1 above is fulfilled, then it is the IP address of the same server on which your app resides). But this time a cookie could not be set, as the consumer is not a browser. Hence, the session validation fails and a new session is created each time the page loads.

Solution:

REST is stateless and every request should contain all the information required to fulfil the request. Therefore, using sessions (whose sole job is to maintain user’s state) on REST Server is considered a bad practice. It is the job of the Client to maintain the user’s session and pass the required information to the REST Server on each and every request.

Therefore, assuming that you would not be needing session within REST Server, the solution is to remove session from autoload[‘libraries’] list, within autoload.php file, and load the library within the Client constructor (or when you need it).

Sorry for grammatical errors and/or bad English. It is not my native language.

于 2017-07-28T14:42:33.163 回答