[plt-scheme] session info in web server applications

From: Dave Gurnell (d.j.gurnell at gmail.com)
Date: Fri Nov 6 04:48:07 EST 2009

FWIW: We've put together a simple little library for this called  
"session cells":

   - cookie stores a random "session ID";
   - each session cell is a struct with a "cell ID" in it;

   - there's a global hash table of session IDs to "session tables";
   - a session table is a hash of cell IDs to values.

I like this solution for the simplicity of the interface and the  
consistency with web cells.
Two things that require careful thought:

   - setting up the session cookie (a dispatcher stage would be good  
for this);
   - garbage collection (we use a several hour timeout... there may be  
a better approach).

Our code is all rolled up as part of a larger web toolkit but it  
wouldn't take long to extract
if you're interested.

-- Dave

Jay McCarthy wrote:

> Email =)
> Jay
> On Thu, Nov 5, 2009 at 5:47 PM, David Storrs  
> <david.storrs at gmail.com> wrote:
>> On Thu, Nov 5, 2009 at 5:06 AM, Jay McCarthy  
>> <jay.mccarthy at gmail.com> wrote:
>>> The standard thing [for sessions] is to use a parameter that the
>>> continuation
>>> captures (in the URL) and a cookie that the browser holds as an
>>> authenticator. In the FAQ I link to something that talks about doing
>>> cookies as authenticators correctly.
>>> Jay
>> This is enough of a FAQ that it should probably be a standard web- 
>> server
>> module.  I can take a look at our code base and see if the auth /  
>> session
>> parts can be easily packaged up and contributed back to core, or if  
>> they are
>> too wound into our business logic.  Assuming they can be broken  
>> out, what's
>> the best way to get the code to you, Jay?
>> Dave
> -- 
> Jay McCarthy <jay at cs.byu.edu>
> Assistant Professor / Brigham Young University
> http://teammccarthy.org/jay
> "The glory of God is Intelligence" - D&C 93
> _________________________________________________
>  For list-related administrative tasks:
>  http://list.cs.brown.edu/mailman/listinfo/plt-scheme

Posted on the users mailing list.