Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

Use cookies without sessions

I want to use both the session service and the cookie service but I don't want cookies to create sessions, it seems this is a default in Phalcon 2.0.0 (which I am using).

I've looked into the code of cookie.zep and it seems the cookie data is saved into a session when sent. Why is that?

Is there an easy way to disable it or if not would it be okay if I implement an option to disable this behavior and open a pull request?



81.7k

Without store the value in session there's no way to restore the original settings used to set the cookie also if you want to delete it Phalcon will not have the original settings that are necessary to delete the cookie.

I find it useful if I use a cookie with no domain, path, secureOnly or httponly field to not have it create a session, because I can easily delete it later.

It's probably a better idea to have something similar to modelsMetadata, like cookiesMetadata.

Most of the time when you use cookies the special fields that need keeping (the 4 I mentioned) are identical for different users. Phalcon could have a cookiesMetadata service that default to the session, but that can also be extended to give information per cookie name.

This this sound like a good solution?



81.7k
Accepted
answer

That would be a good idea

I find it useful if I use a cookie with no domain, path, secureOnly or httponly field to not have it create a session, because I can easily delete it later.

It's probably a better idea to have something similar to modelsMetadata, like cookiesMetadata.

Most of the time when you use cookies the special fields that need keeping (the 4 I mentioned) are identical for different users. Phalcon could have a cookiesMetadata service that default to the session, but that can also be extended to give information per cookie name.

This this sound like a good solution?

I can do it if you have other things you need to work on (probably yes). I just need a yes to go.

That would be a good idea

I find it useful if I use a cookie with no domain, path, secureOnly or httponly field to not have it create a session, because I can easily delete it later.

It's probably a better idea to have something similar to modelsMetadata, like cookiesMetadata.

Most of the time when you use cookies the special fields that need keeping (the 4 I mentioned) are identical for different users. Phalcon could have a cookiesMetadata service that default to the session, but that can also be extended to give information per cookie name.

This this sound like a good solution?



81.7k

Sure, what other adapters you plan to implement?

I was just thinking of implementing just the sessions adapter and make a way to set custom properties per name (as in addCustomDefinition). I could also implement a cookie adapter, using a second cookie for the definition with just a slightly bigger expire time. This might sound strange, but if you don't want to use storage for sessions everytime you set cookie it could be useful.

Sure, what other adapters you plan to implement?



60
edited Mar '16

@Adrian: what happend with this feature? I don't want to store cookie data to session to. Especcially I don't want to create a session for every user.