modify\change time update on session read

Question

modify\change time update on session read

ph0en opened this issue 7 years ago · 0 comments

I have filesystem storage.
Config:

session_opts = {
    'session.type': 'file',
    'session.cookie_expires': 1800,
    'session.timeout': 1800,
    'session.data_dir': './data',
    'session.auto': True,
    'session.key': 'PHPSESSIONID',
    #    'session.httponly': True,
    #    'session.secure': True
}

every time I read values from session like this

session = bottle.request.environ.get('beaker.session')
if 'authorized' in session and 'login' in session:
    if login == session['login'] and session['authorized'] == 1:

I have modify\change time changed on session file
Thus it is impossible to remove old session files using this doc https://beaker.readthedocs.io/en/latest/sessions.html?highlight=modify%20time#removing-expired-old-sessions
Have to check _creation_time and delete session manualy
if (time() - session_opts['session.timeout']) > session['_creation_time']: session.delete()