Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Ivanushka2552022-01-23 19:44:48
Sessions
Ivanushka255, 2022-01-23 19:44:48

How does the server identify the user with the session id?

I don't quite understand how this happens. For example:

  1. The user visits the site - sends a request. The server sends a response along with a unique session_id.
  2. The user passes authorization - enters login and the password.
  3. The user is logged into their account. There it sends different requests to the server.


How does the server understand that all requests are from the same client? Relatively speaking, the server writes to itself in some kind of temporary storage (it is valid only for the duration of the session) that such and such a session_id is such and such a user_id? Is the ip address used to identify the user?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Alexander Karabanov, 2022-01-23
@Ivanushka255

The user has a session identifier entered in the cookie (actually, the file name if the sessions are stored in files or the key name if the sessions are stored, for example, in Redis or some other in-memory database).
Whether to use IP for additional identification or some other property of the client is up to the application developer.
When a user sends a request to the server, there is also a cookie with the session ID in the request headers, so the server will know who sent the request.

Similar questions
S
SagePtr2019-11-02 03:02:15
PHP Don't auto-create session on non-existence? 0Reply
A
Alexander2019-11-08 18:16:12
How to correctly set up work with sessions in nuxt.js and api on different domains? 0Reply
L
LeonidPokrovskiy2019-12-17 13:01:02
How to protect PHPSESSID from theft and leave access to the token for "your" JS? Am I thinking right? 1Reply
A
Alexey Anisimov2017-07-31 05:43:31
How to disable session creation when calling api methods in Symfony? 1Reply
S
SaiGe2017-08-30 10:52:48
I create session (for registration). In the authorization file, the array with sessions exists and works, but in the main file, the $_SESSION array is empty. What's wrong? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question