[Catalyst] Re: C::P::Session::Store::DBIC vs. change_session_id

Tamás Eisenberger tamas at eisenberger.hu
Sun Nov 7 13:33:13 GMT 2010 

Sorry for bumping, but noone tried to do this except me? And noone has an
idea what's going wrong? :(

2010/10/22 Tam=E1s Eisenberger <tamas at eisenberger.hu>

> Hy!
>
> I use $c->change_session_id in my login controller, and it worked great
> until I switched from FastMmap to DBIC as my session storrage.
>
> Then it gave me the following error, every second time when the login
> controller called:
> [error] Caught exception in engine
> "DBIx::Class::Relationship::CascadeActions::update(): Can't update
> iwstudio::cms2::Model::Cms2DBIC::Sessions=3DHASH(0xbe805a8): row not foun=
d at
> /usr/local/share/perl/5.10.1/Catalyst/Plugin/Session/Store/DBIC/Delegate.=
pm
> line 124"
>
> Some cases:
> No session cookie, hit login, WORKS, hit login again, ERROR
> Session cookie logged out, hit login, ERROR, hit login again, WORKS
> Session cookie logged in, hit login, ERROR, hit login again, WORKS
>
> I noticed that requests that not for login or logout doesn't do anything
> with sessions (if there were no session no one is created), because my pa=
ge
> still doesn't do anything but log in the user.
>
> So another case:
> Create session cookie with the logout controller (no login attempt), hit
> login, ERROR, hit login again, WORKS
>
> If I remove change_session_id everythings fine.
>
> So it seems that change_session_id
> garbages the session if it's exists and then dies with an error
> then subsequent requests get an invalid session id cookie, so behave like
> no existing session, and works fine.
>
> The problem exists with SQLite and Pg too.
>
> Loaded related modules:
> Catalyst::Plugin::Session (0.31)
> Catalyst::Plugin::Session::State ()
> Catalyst::Plugin::Session::State::Cookie (0.17)
> Catalyst::Plugin::Session::Store ()
> Catalyst::Plugin::Session::Store::DBIC (0.11)
> Catalyst::Plugin::Session::Store::DBIC::Delegate ()
> Catalyst::Plugin::Session::Store::Delegate (0.06)
> DBIx::Class (0.08123)
>
> The login controller:
> sub login : Chained('lang') Args(0) {
>     my ( $self, $c ) =3D @_;
>
>     if ($c->request->parameters->{'username'}) {
>         $c->logout();
>         $c->session->{admin} =3D undef; # reset admin's session data
>         $c->change_session_id();
>         $c->authenticate($c->request->parameters);
>         $c->stash->{done} =3D $c->user_exists() && $c->user->active;
>         unless ($c->stash->{done}) {
>             $c->stash->{message} =3D 'Invalid username or password';
>             $c->stash->{message} =3D 'You need to activate your account
> before you can use it!' if $c->user_exists();
>         }
>         if ($c->request->header('x-requested-with') eq 'XMLHttpRequest') {
>             $c->forward('View::JSON');
>         } else {
>             $c->flash->{login_done} =3D $c->stash->{done};
>             $c->flash->{message} =3D $c->stash->{message};
>
>
> $c->response->redirect($c->uri_for($c->controller('Root')->action_for('in=
dex')))
> if $c->stash->{done};
>         }
>     }
> }
>
> Thanks!
> Eisenberger Tam=E1s
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20101107/ed7e7=
c52/attachment.htm

More information about the Catalyst mailing list