Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: Mojolicious session does not expire

by Mr. Muskrat (Canon)
on Aug 09, 2017 at 16:21 UTC ( #1197116=note: print w/replies, xml ) Need Help??


in reply to Mojolicious session does not expire

First off let me say that it has been a while since I've used Mojolicious. Second you said "after the redirect, session still contains the username which was logged in" but you haven't provided any code that shows how you know this. Are you certain that the username is coming from the session and not the stash?

If you can provide a SSCCE then you'd really be helping everyone to help you solve this.

  • Comment on Re: Mojolicious session does not expire

Replies are listed 'Best First'.
Re^2: Mojolicious session does not expire
by Anonymous Monk on Aug 09, 2017 at 16:23 UTC
    There is a rather excellent chance that the page-image which shows logged in status is coming from the browser cache. Use the browser debugger to see if page content is actually being returned ... if the browser is actually requesting HTML from the network for the new page.
Re^2: Mojolicious session does not expire
by Anonymous Monk on Aug 29, 2017 at 12:39 UTC

    I know it's been a while, but we're still experiencing the same problem. The session is somehow not cleared. This code gets executed during logout:  "$self->session(expires => 1);

    Then, at login, printing the session variable  say $self->session('username'); sometimes yields the username and the user remains logged in, sometimes it is undefined and the user can log out successfully. I was not able to find a pattern for this, but it doesn't fail only on the server, it also fails on localhost, so there's no connection to that.

      Have you investigated whether your script sends the correct Set-Cookie headers upon logout?

      If yes, there is a problem with the browser, in that it maybe has old cookies that the program still considers valid.

      If no, investigate why the cookie headers are not sent.

      I found the error, the request was made using an <a href="" onclick="do_logout()"></a>, which was basically doing 2 actions at once and creating a race condition. Here is the relevant code snippet https://ideone.com/UUeYRw
      Thanks for helping!

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1197116]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others about the Monastery: (3)
As of 2018-01-19 04:35 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    How did you see in the new year?










    Results (215 votes). Check out past polls.

    Notices?