LSRC2: Session Key Validity

5 years 1 month ago #99885 by Anurag01
Anurag01 created the topic: LSRC2: Session Key Validity
While calling any method from the RemoteControl 2 API, a session key is required. get_session_key method returns such a key, given appropriate Limesurvey credentials are passed.

My question is -- for how long is this session key valid? Is it safe to store the retrieved session key in a static variable (in, say, an ASP.NET app) for the life of the application/website? If not, what's the recommended usage of session keys, and how frequently should be they retrieved again?

Please Log in or Create an account to join the conversation.

5 years 1 month ago #99889 by kobaltz
kobaltz replied the topic: LSRC2: Session Key Validity
I had a similar issue on my Ruby on Rails application.

Initially, I created the session key at the beginning of the web application start. Whenever the web application was restarted, it would naturally generate a new session key.

However, I found that anywhere between 12 and 24 hours, the session key would expire and no longer pull from the RC2 API.

My work around for this was a blend of self caching and expiring of the session key. I made a application helper method called lime_survey_session_key. Whenever I called the LimeSurvey API, I would reference this helper method as my Session Key. I let Ruby on Rails handle the expiration of the session key. So, whenever the lime_survey_session_key is called, it will first try to pull from the linux memcache. If Ruby on Rails sees that the cache was stale (meaning greater than 2 hours), it would reset the cache and generate a new session key. This way, I'm not calling the session key api every request to LimeSurvey. All in all, this method works great for me since the amount of memory required to store a session key on the server side is extremely small.

helper_method :lime_survey_session_key

def lime_survey_session_key
Rails.cache.fetch('lime_survey_session_key', expires_in: 2.hours) { LIMESURVEY_API.get_session_key(LIMESURVEY_USERNAME,LIMESURVEY_PASSWORD) }

Please Log in or Create an account to join the conversation.

Start now!

Just create your account and start using Limesurvey today.

Register now
Join our Newsletter!