[Libwebsockets] RFC: lightweight sessions

Colin Adams colinpauladams at gmail.com
Tue May 24 20:09:23 CEST 2016


It doesn't seem to make much difference.

Js console shows:

GET http://localhost:7681/lwsgs/lwsgs.js net::ERR_INCOMPLETE_CHUNKED_ENCODING
(index):32 Uncaught ReferenceError: lwsgs_user is not defined(anonymous function) @ (index):32
(index):99 Uncaught ReferenceError: san is not defined(anonymous function) @ (index):99
(index):113 Uncaught ReferenceError: lwsgs_user is not defined(anonymous function) @ (index):113

Log shows:

lwsws[13480]: Set privs to user 'apache'
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=df5a721afc83cb6d849282b3fe6fd43d75073213;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114478;HttpOnly'
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: want /usr/local/share/libwebsockets-test-server/generic-sessions//lwsgs.js interpreted by protocol-generic-sessions
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=9204b4cdb481b9f84ebfa4f686e441bb1065c5bb;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114479;HttpOnly'
lwsws[13480]: Used up interpret padding
lwsws[13480]: LWS_CALLBACK_HTTP
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=340c5b33faf9ca957048845f13e7cfe37a56991e;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114479;HttpOnly'
lwsws[13480]: wsi 0x1c8b8b0: TIMEDOUT WAITING on 10 (did hdr 1, ah 0x1c40048, wl 0, pfd events 0)
lwsws[13480]: lws_header_table_detach: wsi 0x1c8b8b0: ah held 21s, ah.rxpos 568, ah.rxlen 568, mode/state 2 4,wsi->more_rx_waiting 0

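Added example (not part of the original post and not libwebsockets code): a small Python audit of the "setting cookie" lines in the log above. It counts how many new session ids one lwsws process issued and checks each cookie's attributes against RFC 6265, where Max-Age is a number of seconds from now and Expires uses the RFC 1123 date form. The log format is assumed to be the one shown in this message; the finding names and the one-year threshold are this example's own.

```python
import re
from datetime import datetime, timezone

# Log lines copied from the message above, with the e-mail line wrapping undone.
LOG = """\
lwsws[13480]: Set privs to user 'apache'
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=df5a721afc83cb6d849282b3fe6fd43d75073213;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114478;HttpOnly'
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: want /usr/local/share/libwebsockets-test-server/generic-sessions//lwsgs.js interpreted by protocol-generic-sessions
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=9204b4cdb481b9f84ebfa4f686e441bb1065c5bb;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114479;HttpOnly'
lwsws[13480]: Used up interpret padding
lwsws[13480]: LWS_CALLBACK_HTTP
lwsws[13480]: failed to get sid from wsi
lwsws[13480]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=340c5b33faf9ca957048845f13e7cfe37a56991e;Expires=2016-05-24 18:27 GMT;path=/;Max-Age=1464114479;HttpOnly'
"""

LINE_RE = re.compile(r"^lwsws\[(?P<pid>\d+)\]: (?P<msg>.*)$")
COOKIE_RE = re.compile(r"^LWS_CALLBACK_ADD_HEADERS: setting cookie '(?P<cookie>[^']*)'$")
ONE_YEAR = 365 * 24 * 3600  # this example's threshold for "very long", not an lws value


def parse_cookie(raw):
    """Split 'name=value;Attr=val;Flag' into (name, value, attrs); attr names lower-cased."""
    parts = [p.strip() for p in raw.split(";") if p.strip()]
    if not parts:
        return "", "", {}
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, value, attrs


def audit_cookie(attrs):
    """Return a list of finding names for one cookie's attribute dict."""
    findings = []
    if "httponly" not in attrs:
        findings.append("no-httponly")
    if "secure" not in attrs:
        # Expected on the plain-HTTP localhost test server in this thread.
        findings.append("no-secure")
    expires = attrs.get("expires")
    if expires is not None:
        try:
            datetime.strptime(expires, "%a, %d %b %Y %H:%M:%S GMT")
        except ValueError:
            findings.append("expires-not-rfc1123")
    max_age = attrs.get("max-age", "")
    if max_age.isdigit() and int(max_age) < 2**32:
        secs = int(max_age)
        # Read Max-Age as if it were a Unix time and compare with Expires.
        as_time = datetime.fromtimestamp(secs, timezone.utc).strftime("%Y-%m-%d %H:%M")
        if expires and expires.startswith(as_time):
            findings.append("max-age-is-absolute-time")
        elif secs > ONE_YEAR:
            findings.append("max-age-very-long")
    return findings


def audit_log(text):
    """Per lwsws pid: ids issued, 'failed to get sid' count, cookie findings."""
    report = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        entry = report.setdefault(
            int(m["pid"]), {"ids": [], "no_sid": 0, "findings": set()})
        msg = m["msg"]
        if msg == "failed to get sid from wsi":
            entry["no_sid"] += 1
            continue
        c = COOKIE_RE.match(msg)
        if c:
            _name, value, attrs = parse_cookie(c["cookie"])
            entry["ids"].append(value)
            entry["findings"].update(audit_cookie(attrs))
    return report


if __name__ == "__main__":
    for pid, entry in audit_log(LOG).items():
        print(pid, "new ids:", len(set(entry["ids"])),
              "requests without sid:", entry["no_sid"],
              "findings:", sorted(entry["findings"]))
```

On this log it reports three requests without a session id and three different ids issued, so every request was handed a fresh session. Each Max-Age value, read as a Unix time, falls in the same minute as that cookie's Expires.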

On Tue, 24 May 2016 at 18:39 Andy Green <andy at warmcat.com> wrote:

>
>
> On 05/25/2016 01:32 AM, Andy Green wrote:
> >
> >
> > On May 25, 2016 1:23:50 AM GMT+08:00, Colin Adams <colinpauladams at gmail.com> wrote:
> >> I'm still seeing a blank page (from display:none on the divs).
> >
> > Check your browser js console... when you first saw this it was because
> > the browser looked for /lwsgs.js when it should have looked at
> > /lwsgs/lwsgs.js, and got a 404.  After that it won't be able to process
> > the scripts.
> >
> > That should be solved by the / at the end of the url.
> >
> > For reference if I clear the cookie by hand at the browser and then go
> > to http://localhost:7681/lwsgs the log is
> >
> > lwsws[12811]: failed to get sid from wsi
> > lwsws[12811]: failed to get sid from wsi
> > lwsws[12811]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=8c0325ae054f18f5eaf8428de75c77d5c9038aee;Expires=2016-05-24 17:45 GMT;path=/;Max-Age=1464111957;HttpOnly'
> > lwsws[12811]: want /usr/share/libwebsockets-test-server/generic-sessions//lwsgs.js interpreted by protocol-generic-sessions
> >
> > and I have the login page up (which can login using the default admin
> > credentials).
>
> Sorry one more update on master that might be related.
>
> -Andy
>
> > -Andy
> >
> >> The log looks innocuous:
> >>
> >> wsws[12023]: Set privs to user 'apache'
> >> lwsws[12023]: failed to get sid from wsi
> >> lwsws[12023]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=da8e98cc0e4b771f77e042121183a3b8f2b0b86d;Expires=2016-05-24 17:41 GMT;path=/;Max-Age=1464111699;HttpOnly'
> >> lwsws[12023]: failed to get sid from wsi
> >> lwsws[12023]: failed to get sid from wsi
> >> lwsws[12023]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=c7762dcda3c39bd0f1c3628b77cf50d61b22bca9;Expires=2016-05-24 17:41 GMT;path=/;Max-Age=1464111704;HttpOnly'
> >> lwsws[12023]: failed to get sid from wsi
> >> lwsws[12023]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=2d3a680609d72519c539c7f1822fdf40a7ffd1e3;Expires=2016-05-24 17:43 GMT;path=/;Max-Age=1464111783;HttpOnly'
> >>
> >>
> >> On Tue, 24 May 2016 at 18:12 Andy Green <andy at warmcat.com> wrote:
> >>
> >>>
> >>>
> >>> On 05/25/2016 01:04 AM, Colin Adams wrote:
> >>>> It's the same result, although it takes longer, and the log entries are
> >>>> different:
> >>>>
> >>>> wsws[11461]: Set privs to user 'apache'
> >>>> lwsws[11461]: failed to get sid from wsi
> >>>> lwsws[11461]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=3f1d8b0159ffe2c1f1abaf74a2cbbee84f229391;Expires=2016-05-24 17:23 GMT;path=/;Max-Age=1464110613;HttpOnly'
> >>>> lwsws[11461]: failed to get sid from wsi
> >>>> lwsws[11461]: want /usr/local/share/libwebsockets-test-server/generic-sessions//lwsgs.js interpreted by protocol-generic-sessions
> >>>> lwsws[11461]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=abc1299229ef19850166323b1dcd055ecf155d7a;Expires=2016-05-24 17:23 GMT;path=/;Max-Age=1464110613;HttpOnly'
> >>>> lwsws[11461]: Used up interpret padding
> >>>> lwsws[11461]: LWS_CALLBACK_HTTP
> >>>> lwsws[11461]: failed to get sid from wsi
> >>>> lwsws[11461]: LWS_CALLBACK_ADD_HEADERS: setting cookie 'id=157a2df7dac198c16b3477a5ce494a713d486b7a;Expires=2016-05-24 17:23 GMT;path=/;Max-Age=1464110613;HttpOnly'
> >>>> lwsws[11461]: wsi 0x229b8b0: TIMEDOUT WAITING on 10 (did hdr 1, ah 0x224f3a0, wl 0, pfd events 0)
> >>>> lwsws[11461]: lws_header_table_detach: wsi 0x229b8b0: ah held 21s, ah.rxpos 568, ah.rxlen 568, mode/state 2 4,wsi->more_rx_waiting 0
> >>>> lwsws[11461]: failed to get sid from wsi
> >>>
> >>> If you update to master again, the need for / and that problem should
> >>> both be gone.
> >>>
> >>> -Andy
> >>>
> >>>>
> >>>>
> >>>> On Tue, 24 May 2016 at 17:57 Andy Green <andy at warmcat.com> wrote:
> >>>>
> >>>>
> >>>>
> >>>>      On 05/25/2016 12:32 AM, Colin Adams wrote:
> >>>>       > Oh, sid stands for session-id - I see.
> >>>>       >
> >>>>       > I thought I'd changed the /usr/share to /usr/local/share - but as you
> >>>>       > worked out, I hadn't.
> >>>>       >
> >>>>       > Now I've fixed that, I see an empty page. Looking at the source, I see
> >>>>       > style="display:none" on both the div elements.
> >>>>
> >>>>      If you go to
> >>>>
> >>>>      http://localhost:7681/lwsgs/
> >>>>
> >>>>      (note the final / ) I think you'll be working.
> >>>>
> >>>>      -Andy
> >>>>
> >>>>       > On Tue, 24 May 2016 at 17:11 Andy Green <andy at warmcat.com> wrote:
> >>>>       >
> >>>>       >
> >>>>       >
> >>>>       >     On 05/24/2016 11:52 PM, Colin Adams wrote:
> >>>>       >      > OK. Getting nearer now.
> >>>>       >      >
> >>>>       >      > If I understand the readme correctly, to get a login page I need to
> >>>>       >      > point my browser to
> >>>>       >      >
> >>>>       >      > http://localhost:7681/lwsgs
> >>>>       >      >
> >>>>       >      > If I do that, I get a 404, and the log says:
> >>>>       >
> >>>>       >     The canned paths in the readme assume things installed in /usr/share,
> >>>>       >     you'll need to slip a '/local' in them if that's where they were
> >>>>       >     installed.
> >>>>       >
> >>>>       >      > lwsws[10660]: failed to get sid from wsi
> >>>>       >
> >>>>       >     That's ok since no chance to paint the client with a cookie the
> >>>>       >     first time.
> >>>>       >
> >>>>       >     -Andy
> >>>>       >
> >>>>       >      >
> >>>>       >      > On Tue, 24 May 2016 at 16:26 Colin Adams <colinpauladams at gmail.com> wrote:
> >>>>       >      >
> >>>>       >      >     Confirmed that it acquired the apache id:
> >>>>       >      >
> >>>>       >      >     ps -U root -u apache u | grep lwsws
> >>>>       >      >     apache   10599  0.0  0.0  70032  6108 ?        Ss   16:25   0:00 /usr/local/bin/lwsws -D
> >>>>       >      >
> >>>>       >      >
> >>>>       >      >     On Tue, 24 May 2016 at 16:16 Colin Adams <colinpauladams at gmail.com> wrote:
> >>>>       >      >
> >>>>       >      >         I'm just calling
> >>>>       >      >         sudo /usr/local/bin/lwsws
> >>>>       >      >         so it ought to be running as root
> >>>>       >      >
> >>>>       >      >         On Tue, 24 May 2016 at 16:13 Andy Green <andy at warmcat.com> wrote:
> >>>>       >      >
> >>>>       >      >
> >>>>       >      >
> >>>>       >      >             On May 24, 2016 11:10:32 PM GMT+08:00, Colin Adams <colinpauladams at gmail.com> wrote:
> >>>>       >      >              >OK. I've got it installed.
> >>>>       >      >              >
> >>>>       >      >              >But when running I get messages:
> >>>>       >      >              >
> >>>>       >      >              >lwsws[10192]: Unable to open session db /var/www/sessions/lws.sqlite3: unable to open database file
> >>>>       >      >              >
> >>>>       >      >              >I don't know anything about sqlite3, but I'm guessing perhaps I need to
> >>>>       >      >              >define a user name first? Or is there something missing from the readme
> >>>>       >      >              >(I issued the two commands to create the directory and set the owner to
> >>>>       >      >              >root.apache).
> >>>>       >      >
> >>>>       >      >             Are you starting it as root?  Otherwise it doesn't have the
> >>>>       >      >             rights to change to run under apache uid.
> >>>>       >      >
> >>>>       >      >             -Andy
> >>>>       >      >
> >>>>       >      >              >On Tue, 24 May 2016 at 15:38 Andy Green <andy at warmcat.com> wrote:
> >>>>       >      >              >
> >>>>       >      >              >>
> >>>>       >      >              >>
> >>>>       >      >              >> On 05/24/2016 09:06 PM, Colin Adams wrote:
> >>>>       >      >              >> > I did:
> >>>>       >      >              >> > git pull
> >>>>       >      >              >> > cd build
> >>>>       >      >              >> > make
> >>>>       >      >              >> > sudo make install
> >>>>       >      >              >> >
> >>>>       >      >              >> > and got:
> >>>>       >      >              >> > CMake Error at cmake_install.cmake:427 (file):
> >>>>       >      >              >> > file INSTALL cannot find "/home/colin/libwebsockets/plugins/lwsgs.js".
> >>>>       >      >              >> >
> >>>>       >      >              >> > I had previously done:
> >>>>       >      >              >> >
> >>>>       >      >              >> > cmake -D LWS_WITHOUT_DAEMONIZE=OFF -D LWS_WITH_PLUGINS=ON -DLWS_WITH_LWSWS=1 ..
> >>>>       >      >              >> >
> >>>>       >      >              >> > so is there anything else I should have done?
> >>>>       >      >              >>
> >>>>       >      >              >> No it's my fault, I missed it from git add.  Please fetch (not pull)
> >>>>       >      >              >> master again.
> >>>>       >      >              >>
> >>>>       >      >              >> Because master doesn't have a history, you need to track it like this,
> >>>>       >      >              >> assuming you have no local patches
> >>>>       >      >              >>
> >>>>       >      >              >> $ git fetch https://github.com/warmcat/libwebsockets.git +master:m && git reset --hard m
> >>>>       >      >              >>
> >>>>       >      >              >> -Andy
> >>>>       >      >              >>
> >>>>       >      >              >> >
> >>>>       >      >              >> > On Tue, 24 May 2016 at 11:26 Andy Green <andy at warmcat.com> wrote:
> >>>>       >      >              >> >
> >>>>       >      >              >> >
> >>>>       >      >              >> >
> >>>>       >      >              >> >     On 05/24/2016 06:15 PM, Colin Adams wrote:
> >>>>       >      >              >> >      > My opinion is that I personally will not need anything beyond what you
> >>>>       >      >              >> >      > have already described (but I am assuming that the email address that
> >>>>       >      >              >> >      > the user used for registration is available in the DB. And maybe that
> >>>>       >      >              >> >      > assumption is wrong).
> >>>>       >      >              >> >
> >>>>       >      >              >> >     It will be... you can see the schema here
> >>>>       >      >              >> >
> >>>>       >      >              >> >     https://github.com/warmcat/libwebsockets/blob/master/plugins/protocol_generic_sessions.c#L522
> >>>>       >      >              >> >
> >>>>       >      >              >> >     but the register / email part is not wired up yet.
> >>>>       >      >              >> >
> >>>>       >      >              >> >     Currently I am imagining this "generic-sessions" plugin only deals with
> >>>>       >      >              >> >     authentication of a username.  That includes registration, email
> >>>>       >      >              >> >     confirmation, "forgot password", eventually admin maintenance pages,
> >>>>       >      >              >> >     managing the session database and so on, but NO other information except
> >>>>       >      >              >> >     the client has a cookie authenticated for a given username (or no
> >>>>       >      >              >> >     username if not logged in).
> >>>>       >      >              >> >
> >>>>       >      >              >> >     So the api to this in your ws protocol handler would only be "what's my
> >>>>       >      >              >> >     username".  If it gives you a username, you know it has been
> >>>>       >      >              >> >     authenticated.  You can also segregate access to mounts by if you're
> >>>>       >      >              >> >     logged in, or logged in as admin, but that's it.
> >>>>       >      >              >> >
> >>>>       >      >              >> >     Storing stuff that your protocol handler deals in for that user, eg,
> >>>>       >      >              >> >     using the username as the db key, is completely a separate issue private
> >>>>       >      >              >> >     to your protocol handler.  It would, eg, use its own sqlite3 database
> >>>>       >      >              >> >     for it if that's what he wanted to do.
> >>>>       >      >              >> >     -Andy
> >>>>       >      >              >> >
> >>>>       >      >              >> >
> >>>>       >      >              >> >      > On Tue, 24 May 2016 at 11:11 Andy Green <andy at warmcat.com> wrote:
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     On 05/23/2016 11:37 PM, Andy Green wrote:
> >>>>       >      >              >> >      >      >
> >>>>       >      >              >> >      >      >
> >>>>       >      >              >> >      >      > On May 23, 2016 9:14:57 PM GMT+08:00, Colin Adams <colinpauladams at gmail.com> wrote:
> >>>>       >      >              >> >      >      >> This sounds like something that I was going to have to write myself
> >>>>       >      >              >> >      >      >> for my application (a game server). I can't think offhand of any
> >>>>       >      >              >> >      >      >> further improvements, but I might find something when I try it
> >>>>       >      >              >> >      >      >> out. My C skills are 17 years rusty (apart from fragments involved
> >>>>       >      >              >> >      >      >> in writing language bindings), but I'm sure I can polish them up if
> >>>>       >      >              >> >      >      >> I find any enhancements needed. Is this in master now?
> >>>>       >      >              >> >      >      >
> >>>>       >      >              >> >      >      > No, it's very much a WIP.
> >>>>       >      >              >> >      >      >
> >>>>       >      >              >> >      >      > But today it's working for admin login / logout, the cookies,
> >>>>       >      >              >> >      >      > persistent session db, rewriting r/o copies of the state into js vars
> >>>>       >      >              >> >      >      > (so the example login page js can change to a logout form
> >>>>       >      >              >> >      >      > appropriately), and all customization in the lwsws JSON and login
> >>>>       >      >              >> >      >      > html (there are hidden form elements that control the next url
> >>>>       >      >              >> >      >      > depending on how the login / logout went).
> >>>>       >      >              >> >      >      >
> >>>>       >      >              >> >      >      > I'll tidy it up and add some docs tomorrow, and check if it broke
> >>>>       >      >              >> >      >      > anything else, but you can see it's only usable for development
> >>>>       >      >              >> >      >      > today.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     I pushed what there is of it... for now it's enabled in cmake with
> >>>>       >      >              >> >      >     LWS_WITH_LWSWS.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     See
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     https://github.com/warmcat/libwebsockets/blob/master/README.generic-sessions.md
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     You can add the mounts mentioned in there and the protocol import part
> >>>>       >      >              >> >      >     to the existing lwsws example config.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     The admin account and password in the protocol config part is admin /
> >>>>       >      >              >> >      >     jipdocesExunt
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     If you navigate to http://localhost:7681/lwsgs you should see a login
> >>>>       >      >              >> >      >     form that you can login with those credentials, which will take you to a
> >>>>       >      >              >> >      >     URL in /lwsgs/needadmin/... that cannot otherwise be served.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     If you go back and refresh the login page, it now knows your session is
> >>>>       >      >              >> >      >     authenticated and this time shows your login name together with a logout
> >>>>       >      >              >> >      >     button... this is done in JS clientside with the tiny rewrite of
> >>>>       >      >              >> >      >     "$lwsgs_user" in the included lwsgs.js.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     The active sessions are stored in sqlite3 on the server side and the
> >>>>       >      >              >> >      >     expiry, controlled from the config file, should be respected.
> >>>>       >      >              >> >      >
> >>>>       >      >              >> >      >     The actual users will also go in a table in sqlite3, but admin's
> >>>>       >      >              >> >      >     credentials are set in the config outside of that.  Those users and
> >>>>       >      >              >> >      >     registration aren't done yet.
> >>>>       >      >              >> >      >
>>>>>>>>>>>> I'm mainly wondering what people want from the persistent
>>>>>>>>>>>> user state, in my case once authenticated, the next url is
>>>>>>>>>>>> an html page opening a ws link that will also get the
>>>>>>>>>>>> logged-in session cookie. My application is static html +
>>>>>>>>>>>> js that dynamically configures itself around the returned
>>>>>>>>>>>> (user-context aware) JSON from the ws link.
>>>>>>>>>>>>
>>>>>>>>>>>> Put another way the application's custom ws protocol
>>>>>>>>>>>> handler code is the guy who actually defines what different
>>>>>>>>>>>> users see... that pattern removes the need for any other
>>>>>>>>>>>> server-side interpreter and just manifests itself as
>>>>>>>>>>>> delivering an authenticated username into custom ws
>>>>>>>>>>>> protocol code you would have to write anyway. Other
>>>>>>>>>>>> presentation-related code that needs to be aware of
>>>>>>>>>>>> authentication state (eg, show login form, or "logged in as
>>>>>>>>>>>> xxx" + logout button) moves out of what would have been
>>>>>>>>>>>> server scripts and into js that got some rewriting pixie
>>>>>>>>>>>> dust.  But I am curious if that pattern is enough to solve
>>>>>>>>>>>> other people's session-related tasks, perhaps with a little
>>>>>>>>>>>> thought.
>>>>>>>>>>>
>>>>>>>>>>> Still curious about opinions on this (maybe it's not
>>>>>>>>>>> explained clearly enough yet).
>>>>>>>>>>>
>>>>>>>>>>> -Andy
>>>>>>>>>>>
>>>>>>>>>>>> -Andy
>>>>>>>>>>>>
>>>>>>>>>>>>> On Mon, 23 May 2016 at 12:44 Andy Green <andy at warmcat.com> wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> Hi -
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> I am partway through making a plugin called
>>>>>>>>>>>>>> "generic-sessions", intended to provide lightweight
>>>>>>>>>>>>>> persistent http sessions without a server-side
>>>>>>>>>>>>>> interpreter.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> The overall ideas are:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> - random 20-byte session id managed in a cookie
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> - all information related to the session held at the
>>>>>>>>>>>>>>   server, nothing managed clientside
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> - sqlite3 used at the server to manage active sessions
>>>>>>>>>>>>>>   and users
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> - defaults to creating anonymous sessions with no user
>>>>>>>>>>>>>>   associated
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> - admin account (with user-selectable
> >>>>
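
The session model outlined in the quoted proposal (random 20-byte id in a cookie, all state held in sqlite3 on the server, anonymous by default, expiry taken from configuration), as an added Python example that is not part of this thread and is not the generic-sessions plugin's code. The table layout, `SessionStore`, `set_cookie`, the 600-second lifetime and the id rotation on login are assumptions of this example.

```python
import secrets
import sqlite3

SESSION_TTL = 600  # seconds; stands in for the expiry set in the config file (assumed value)


class SessionStore:
    """Server-side session table; the cookie carries only the random id."""

    def __init__(self, path=":memory:"):
        # isolation_level=None puts the connection in autocommit mode.
        self.db = sqlite3.connect(path, isolation_level=None)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS sessions ("
            "sid TEXT PRIMARY KEY, "
            "username TEXT NOT NULL DEFAULT '', "
            "expires INTEGER NOT NULL)"
        )

    def create(self, now, username=""):
        # 20 random bytes from the OS CSPRNG, hex-encoded to 40 characters.
        sid = secrets.token_hex(20)
        self.db.execute("INSERT INTO sessions VALUES (?, ?, ?)",
                        (sid, username, now + SESSION_TTL))
        return sid

    def lookup(self, sid, now):
        """Return the username ('' means anonymous), or None if unknown or expired."""
        # Expiry is enforced on the server, whatever the browser still holds.
        self.db.execute("DELETE FROM sessions WHERE expires <= ?", (now,))
        row = self.db.execute(
            "SELECT username FROM sessions WHERE sid = ?", (sid,)).fetchone()
        return None if row is None else row[0]

    def login(self, old_sid, username, now):
        # Assumption of this example: retire the anonymous id and issue a new
        # one, so an id known before authentication never becomes a
        # logged-in session.
        self.db.execute("DELETE FROM sessions WHERE sid = ?", (old_sid,))
        return self.create(now, username)


def set_cookie(sid):
    # Max-Age is a relative lifetime in seconds, not an absolute timestamp.
    return f"id={sid}; Path=/; Max-Age={SESSION_TTL}; HttpOnly"
```
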