JavaScript client Sessions

From RAD Studio
Jump to: navigation, search

Go Up to DataSnap REST


JavaScript REST clients for DataSnap obtain a session ID after they invoke their first server method, provided that the invocation passed user authentication. If authentication passed, but authorization did not, a session ID will still be obtained.

The session ID is stored in a variable called $$SessionID$$, initially defined in the ServerFunctionExecutor.js file.

Losing the Session

When the session is lost, the client will clear the value of $$SessionID$$. The next call to invoke a server method will create a new session.

Expiry

The session can expire after a specific amount of time, as defined by the server. The default value for this is 20 minutes. When the server passed the client its session ID, it also passes back the time at which the session will expire. This is used on the client to know when to forget the session ID, avoiding (or at least reducing the chances of) passing a session ID to the server for an expired session, which would cause the invocation to fail with the appropriate session expired message. Expiry is based on inactivity, so every time you invoke a server method, your session is renewed.

User Termination

You can manually close the session from the client code by calling the closeSession function on a ServerFunctionExecutor instance. You can get access to an instance of the executor from a Proxy class instance by calling [Proxy].executor. If you have an instance of ClientChannel available, that also has a closeSession function which can be used.

Administrative

The server can choose at any time to terminate a session. If the client code then tries to use the session ID to invoke something on the server, a JSON response will be returned indicating that the session has expired.

Leaving the Page

By default, the session ID is not stored in a cookie, and therefore if you refresh the page, leave it and come back, or navigate between pages of a multipage application, then a new session will be created and the old one will be left dangling on the server until it expires.

Keeping the Session

To remember the session ID between page loads, you need to enable the session cookie. To do this, for instance, call: 

initSessionData(true, "chat_");

This should be called when the page first loads, after the ServerFunctionExecutor.js file has been included. This will store the session ID in a cookie, which is set to expire at the same time the session expires on the server. The second parameter is a string that will be prefixed to the general cookie ID (dssessionid). This means that if you call initSessionData(true, "chat_"), then cookies are enabled, and the cookie used will have a key named "chat_dssessionid". This allows you to have complete control over which application uses which session ID/cookie. You could also have multiple instances of the same client storing their own unique session ID, provided you persist the prefix somehow between page refresh/reloads.

See Also

Retrieved from "http://docwiki.embarcadero.com/RADStudio/Sydney/e/index.php?title=JavaScript_client_Sessions&oldid=232427"