Session Id management

I am developing a caddy plugin to validate the user and then serve the requested url. How can I set/retrieve session variable in the caddy plugin?

1 Like

I believe most session systems work by setting a cookie with a session ID and/or some sort of authenticated token and then the server stores the state mapping the token or ID to the user. Of course the usual security caveats apply. But you have direct access to the response writer and the request, so you should be able to implement it any way you want.

The problem with the cookie is that it is bound to the request domain. The validation domain is different than the original domain requested. So, when I validate the user for the requested domain, and then redirect back to the original domain, the cookie is not available in the original domain. However, with the session, I could identify the user regardless of the domain.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.