cowboy: session state and connection timeout

jdmeta jdmeta@REDACTED
Tue Mar 2 05:14:12 CET 2021


thanx for the reply leonard.

agree about the http vs. websocket distinction.
i started out http because i was hoping i could get to mvp sooner but, 
as you point out, websockets has some advantages.
since i want to end up there anyway i may bite the bullet and gostraight 
there in mvp.

agree that clients can implement a timeout but servers can do the same.
on client authorization a token is created by the server and clients 
include said token as a header in their requests.
servers can start a timer on token accesses and invalidate the token if 
the timer expires.
subsequent requests from the client will be redirected to the login page.

this feels less brittle to me than solely depending on the javascript to 
hit a route when the tab/window is closed (or the network goes down, etc.)

it's still not completely clear to me how to maintain session state even 
for http in cowboy.
this is a well-known function in most web serving frameworks.
do i have to roll-my-own?

------------------------------------------------------------------------

On 2/24/2021 1:04 PM, Leonard B wrote:
> My understanding would be that:
> 1. a connection in cowboy is not what you think it is for plain http.
> It only exists for the lifespan of the request/response.
> 2. the _client_ can experience a 'connection timeout', not the server,
> since the client can time out attempting to connect to the server
>
> The behavior in websockets(and h2) is a difference story entirely
> since that is a persistent/stateful connection between the client and
> server.
>
>
>
> On Wed, Feb 24, 2021 at 1:12 PM jdmeta <jdmeta@REDACTED> wrote:
>>
>> i'm building a web app using cowboy with mnesia as persistent storage.
>> the current version uses http (may move to websockets in the future).
>>
>> during the lifetime of a user's session, i need to maintain per-user state that is available to all route handlers.
>> i plan to initialize this state when a user logs in and write parts of it to persistent storage when the session ends.
>> sessions can terminate because of the user logging out or because of a connection timeout.
>>
>> if a user logs out, then my javascript can hit a route which can write persistent storage.
>> if the connection times out, i need to get a message (presumably from cowboy or ranch) to one of my processes so that it can write persistent storage.
>>
>> i scoured the documentation for cowboy and ranch but didn't find any mention of a mechanism to receive a message on connection timeout.
>>
>> any help would be appreciated.
>> thanx.
>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20210301/7d0f6b5f/attachment.htm>


More information about the erlang-questions mailing list