0

I want to get the previous session data if the user removes all his cookies manually or in other methods. Because i am storing some data in session and in my global too, and I need to remove that data from my global for every session destroyed.

Dexter
  • 12,172
  • 9
  • 27
  • 30

2 Answers2

2

If a user removes all his cookies, then he is a user without cookies, right? So how would you differentiate between this user and any other user? This is a very difficult problem and I doubt there is a reliable solution for it.

For example you might want to identify a user by IP, but IP might change ( dynamic IP ). You might want to identify user by creating WebSocket ( of FlashSocket ) connection and keep it open, but this will work only when user views your page ( and might be closed manually as well ).

So forget about previous sessions. If you need to clean session data, then create a CRON job or background thread ( or background asynchronous job in case of Node.JS ), which will do that periodically. Or you can just use passive cleaning, i.e. implement mechanism for sessions, that will clean itself when getting near the ( predefined ) memory limit ( this should fire when creating a new session ).

Bart
  • 19,692
  • 7
  • 68
  • 77
freakish
  • 54,167
  • 9
  • 132
  • 169
0

I just set the session to expire automatically in redis, so it will clean itself up over time. Unfortunately, I forget how I did this exactly, I think it's a property on the db.

When someone logs out, I destroy the session:

req.session.destroy(function(){
 //session has been destroyed
});
chovy
  • 72,281
  • 52
  • 227
  • 295
  • thanks for your comment, actually for logout I will destroy the session, but if the client deletes the cookie in the browser, how to destroy the old session, since I am using express and connect I found by debugging that it will check for the request is having session ID, it will continue otherwise it will generate new session. I may be wrong, and my debugging could be done not the right way. – Dexter Oct 16 '12 at 10:02
  • 1
    once the cookie is deleted, the user gets a new session. You just want to clean up these abandoned sessions in your session store occassionally. In redis, you can expire them. – chovy Oct 16 '12 at 17:49
  • But I need to remove the old session data in my global, so I need the old session data, Is there any event which emits when session is getting destroyed, so that I can access old session data? Correct me if I am wrong ? – Dexter Oct 18 '12 at 04:00