Welcome, Guest
Username: Password: Remember me

TOPIC: LSRC2: Session Key Validity

LSRC2: Session Key Validity 11 months 2 weeks ago #99885

  • Anurag
  • Anurag's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 23
  • Karma: 0
While calling any method from the RemoteControl 2 API, a session key is required. get_session_key method returns such a key, given appropriate Limesurvey credentials are passed.

My question is -- for how long is this session key valid? Is it safe to store the retrieved session key in a static variable (in, say, an ASP.NET app) for the life of the application/website? If not, what's the recommended usage of session keys, and how frequently should be they retrieved again?
The administrator has disabled public write access.

LSRC2: Session Key Validity 11 months 2 weeks ago #99889

  • kobaltz
  • kobaltz's Avatar
  • OFFLINE
  • Junior Lime
  • Posts: 24
  • Thank you received: 4
  • Karma: 1
I had a similar issue on my Ruby on Rails application.

Initially, I created the session key at the beginning of the web application start. Whenever the web application was restarted, it would naturally generate a new session key.

However, I found that anywhere between 12 and 24 hours, the session key would expire and no longer pull from the RC2 API.

My work around for this was a blend of self caching and expiring of the session key. I made a application helper method called lime_survey_session_key. Whenever I called the LimeSurvey API, I would reference this helper method as my Session Key. I let Ruby on Rails handle the expiration of the session key. So, whenever the lime_survey_session_key is called, it will first try to pull from the linux memcache. If Ruby on Rails sees that the cache was stale (meaning greater than 2 hours), it would reset the cache and generate a new session key. This way, I'm not calling the session key api every request to LimeSurvey. All in all, this method works great for me since the amount of memory required to store a session key on the server side is extremely small.

helper_method :lime_survey_session_key

def lime_survey_session_key
Rails.cache.fetch('lime_survey_session_key', expires_in: 2.hours) { LIMESURVEY_API.get_session_key(LIMESURVEY_USERNAME,LIMESURVEY_PASSWORD) }
end
The administrator has disabled public write access.
Moderators: ITEd
Time to create page: 0.103 seconds
Donation Image