8 Apr
2015
8 Apr
'15
10:58 p.m.
Huh??? The last click time is just a slot in the session object. It has nothing to do with the session ID or the cookie.
On Feb 14, 2014, at 9:44 AM, peter p2.edoc@gmail.com wrote:
Given that the cookie is the product of md5-hexing the raw composite cookie data (in encode-session-string), there's no way to get the initial click (creation) time of the session (which is needed in order to ascertain whether the session has expired (session-too-old-p)).
So presumably, like the session-ID, we'll need to carry the session start time externally (outside the md5-hexed part of the cookie).
Are we thinking along the same rg?
I'm puzzled that session persistence isn't a common requirement of hunchentoot.
-peter