Revise session-mgmt.txt, session ID format has changed.
This commit is contained in:
parent
ad0f99505e
commit
3a590f58b8
|
@ -27,20 +27,20 @@ In a nutshell, session management with Quixote works like this:
|
|||
|
||||
* when a user-agent first requests a page from a Quixote application
|
||||
that implements session management, Quixote creates a Session object
|
||||
and generates a session ID (a random 64-bit number). The Session
|
||||
and generates a session ID (a random 128-bit number). The Session
|
||||
object is attached to the current HTTPRequest object, so that
|
||||
application code involved in processing this request has access to
|
||||
the Session object. The get_session() function provides uniform
|
||||
access to the current Session object.
|
||||
the Session object. The quixote.get_session() function provides
|
||||
uniform access to the current Session object.
|
||||
|
||||
* if, at the end of processing that request, the application code has
|
||||
stored any information in the Session object, Quixote saves the
|
||||
session in its SessionManager object for use by future requests and
|
||||
sends a session cookie, called ``QX_session`` by default, to the user.
|
||||
The session cookie contains the session ID encoded as a hexadecimal
|
||||
string, and is included in the response headers, eg. ::
|
||||
The session cookie contains the session ID encoded as a URL-safe
|
||||
base-64 string, and is included in the response headers, eg. ::
|
||||
|
||||
Set-Cookie: QX_session="928F82A9B8FA92FD"
|
||||
Set-Cookie: QX_session="pJX1bU47T-6hbfjP2f5pPA"
|
||||
|
||||
(You can instruct Quixote to specify the domain and path for
|
||||
URLs to which this cookie should be sent.)
|
||||
|
@ -51,7 +51,7 @@ In a nutshell, session management with Quixote works like this:
|
|||
cookie's domain and path, it includes the ``QX_session`` cookie
|
||||
previously generated by Quixote in the request headers, eg.::
|
||||
|
||||
Cookie: QX_session="928F82A9B8FA92FD"
|
||||
Cookie: QX_session="pJX1bU47T-6hbfjP2f5pPA"
|
||||
|
||||
* while processing the request, Quixote decodes the session ID and
|
||||
looks up the corresponding Session object in its SessionManager. If
|
||||
|
@ -166,7 +166,7 @@ For example, if the client requests ``/foo/bar/`` from
|
|||
www.example.com, and Quixote decides that it must set the session
|
||||
cookie in the response to that request, then the server would send ::
|
||||
|
||||
Set-Cookie: QX_session="928F82A9B8FA92FD"
|
||||
Set-Cookie: QX_session="pJX1bU47T-6hbfjP2f5pPA"
|
||||
|
||||
in the response headers. Since no domain or path were specified with
|
||||
that cookie, the browser will only include the cookie with requests to
|
||||
|
@ -180,7 +180,7 @@ config file::
|
|||
|
||||
which will cause Quixote to set the cookie like this::
|
||||
|
||||
Set-Cookie: QX_session="928F82A9B8FA92FD"; Path="/"
|
||||
Set-Cookie: QX_session="pJX1bU47T-6hbfjP2f5pPA"; Path="/"
|
||||
|
||||
which will instruct the browser to include that cookie with *all*
|
||||
requests to www.example.com.
|
||||
|
|
Loading…
Reference in New Issue