[Catalyst] logout and go back to previous session?

hubert depesz lubaczewski depesz at gmail.com
Tue Mar 13 08:56:42 GMT 2007


hi,
i have a slight problem designing software for one of business requirements.
this website will allow anonymous access. i.e. - when you go to
website, it will automatically create "anonymous" user so you will be
able to store all kind of information per this user without ever
logging in.
session for this should should be long-lasting - half a year.
the only connection to this "user" is via session cookie.

now. somebody else can use the same computer/browser to connect to his
account - named, with full login/password things.
so we create him a session (short term, only till the closing of browser).

but. after this "named" user will logout, or close the browser and
reopen - we should be able to go back to the previous "anonymous"
user.

my ideas about how to do it is quite simple in terms of "what to do":
1. when new user connects we create a user in database, mark it as
anonymous, login session under this new user, and set session timeout
to half-a-year.
2. when user logs into account - we take old session_id (this
anonymous) and store in cookie named differently than standard and
create new sessions logging user to his account.
3. when user logouts or somes back, and no session_id cookie is
present, we try to check old_session_id, and if so - somehow we set
current session to the old one.

now - the software is not yet written, so anything (with the exception
of business logic) can be done differently.

my questions are rather simple:
1. do you see any problems with this approach?
1a. if yes - how would you do it?
2. how to do the session-switching-thing (create new session in step
2, and switch to old session in step 3)?

best regards,

depesz



More information about the Catalyst mailing list