Web Connection
UserActivity - How to link "Session" and "RequestLog" tables
Gravatar is a globally recognized avatar based on your email address. UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  All
  Mar 15, 2018 @ 08:10am

Hello,

Just want to track user activity writing the session id on the requestlog data record could be a solution. But I found not way to do it with the REQUEST Object ?

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Rick Strahl
  Marcel DESMET
  Mar 15, 2018 @ 02:15pm

The method that handles non-error loggin is wwServer::LogRequest and you can override that in your server implementation to potentially capture additional data to log out although I'm not sure offhand how you'd gain access to the active Session object. You have access to this.oRequest but not the active Process because that's actually gone by the time the logging happens. You'd have to store the SessionId somewhere to pick up during logging. Maybe add a property explicitly to the request object where ever the session gets initially set:

Something like this perhaps:

*** in your Process class
FUNCTION OnProcessInit()

THIS.InitSession()
this.oRequest.AddProperty("cSessionId",this.oSession.cSessionId)

...

ENDFUNC

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Rick Strahl
  Mar 15, 2018 @ 02:53pm

Thank you, yes I see the process is trigger by a timer. If you are not sure it works there is maybe a way to get the reqid of the requestlog table as a property of the REQUEST object to write directly the sessionid in the requestlog table from the PROCESS object ?

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Rick Strahl
  Marcel DESMET
  Mar 15, 2018 @ 03:17pm

wwRequest::GetRequestId()?

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Rick Strahl
  Mar 15, 2018 @ 03:34pm

Sounds appropriate ... Tks

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Marcel DESMET
  Mar 16, 2018 @ 02:45pm

Here is how I finaly implement it

THIS.LogActivity(REQUEST.GetRequestId(),THIS.oSession.cSessionId,THIS.cPage,THIS.cAuthenticatedUserId)

But I see a strange behavior, why is the session Id changed when user logout ? I stay on the same browser just login / logout as you see here

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Rick Strahl
  Mar 20, 2018 @ 03:25am

Hello, it seems the session expires in the Authenticate logout when THIS.cAuthenticationMode == "UserSecurity"

Is it ok to subclass and remove the session expires in "UserSecurity" mode ?

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Rick Strahl
  Marcel DESMET
  Mar 20, 2018 @ 04:12pm

You can set the expiry value really high to cause the session not to expire. It's a simple matter of subclassing and resetting the expiration default value.

You're meant to subclass wwUserSecurity for custom implementations and then specify the wwProcess::cAuthenticationUserSecurityClass in your Process class.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Rick Strahl
  Mar 20, 2018 @ 05:01pm

Sorry but I am not sure you see the previous message about the logout who's kill the previous sessionid so we lose the trace of this user activity after logout

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Rick Strahl
  Marcel DESMET
  Mar 20, 2018 @ 09:29pm

Well, if you explicitly log out you should by all means disconnect from the session. What else does Logout mean otherwise? The whole point of a Session is to track a user through a session, which is what ends when you log out.

But as you mention you can certainly accomplish this by simply marking the session as expired (ie. set the expiry date in the past) rather than clearing the session cookie as is the default (and expected) behavior.

+++ Rick ---

Gravatar is a globally recognized avatar based on your email address. re: UserActivity - How to link "Session" and "RequestLog" tables
  Marcel DESMET
  Rick Strahl
  Mar 28, 2018 @ 04:10pm

Hello, this reply is only to "think about"

The problem is if we close the session when the user log out we lose the contact with users "preferences". In your fox webshop the shoppingcard is lost .. With the user activity table the user logout is done on the server side not on the client side.

IF UPPER(lcValidUserName) == "LOGOUT" .AND. THIS.cAuthenticationMode == "UserSecurity"

    THIS.lEnableSessionState = .T. && ensure that session exists
    SESSION.SetSessionVar(THIS.cAuthenticationUserSecurityKey,"")
    SESSION.SetSessionVar(THIS.cAuthenticationUserSecurityKey + "Name","")
    
    *** Don't expire cookie
    *-* THIS.oResponse.AddCookie(THIS.cSessionKey,"","/",MimeDateTime(DATE()-1))
    *-* THIS.oResponse.AppendHeader("Authorization","")
    RETURN .T.

ELSE

    RETURN DODEFAULT(lcValidUserName,@rcErrorMessage,llNoForcedLogin)

ENDIF
© 1996-2024