Answer the question
In order to leave comments, you need to log in
Reach out from another site and count session values in php?
Good afternoon.
I am writing the main part of the site in php, and the additional part (chat / web socket part / file server for faster returns) in golang.
It may seem like a perversion, but I want to try to do the following.
A person visits the php server, receives a page, then the javascript starts connecting via web sockets to the server on go. It is necessary to somehow inform this server that this user is, say, Vasya, and this one is Petya. There was a problem with the transfer of cookies in general via web sockets. I did it a little differently: When connecting, I write
var sock = new WebSocket("ws://localhost:2000/sock/12345");
those. 12345 is the ID of the user who connected. Now the server knows that user 12345 is sitting under this socket. Everything seems to be fine.
But of course, if a programmer looks in here, he can break everything.
I want to pass the name of the session, for example ocalhost:2000/sock/sessionName
Go server should send a request to some hidden php page of the server:
Tell me, is there such a session, if so, give me the person's ID.
Well, something like this.
Please tell me how to do this.
Thank you.
Answer the question
In order to leave comments, you need to log in
You need to store sessions in some centralized data store. For example memcached, redis, mongodb, etc.
And when requesting the server in golang - you need to pass the same cookie as in php. Then the golang server will be able to get the session ID, and it's easy to get all the session information from memcached, redis, etc.
Here is an example of session sharing between php and nodejs:
https://simplapi.wordpress.com/2012/04/11/php-node...
https://simplapi.wordpress.com/2012/04/13/php -and-...
Either you read the cookie with session_id from JS (not sure if it can be httponly), so it's better to pass session_id to JS when rendering the page from PHP (render js with a variable initialized with this value). And already connect with a socket, passing this session_id. Forging session_id is not possible. But, if it's ssykotno (shouldn't be), then set the expiration of the sessions to be sure.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question