By Loïc d'Anterroches, xhtml.net, 18th of February, 2011
How are the sessions managed within Photon.
So, to have good session management, one need a flexible way to know in which session the current client request is.
The flow is basically, the following:
If at step 3, no session data are found, the server can create a new empty session or consider no session at all.
The role of a session is to store a minimal amount of transient information related to the client. The purpose is not to store long term data, for example, the session information could be fully stored in cookies or in volatile memory. The only effect of loosing session data should not be worse than logging out the user if logged in, losing possible A/B testing information or other related minor stuff.
Photon has two storages for the session data by default with both of them using a cookie to store the session id once defined.
All the data are stored in signed cookies. The system is smart enough to limit the data transfer and avoid sending too many cookies.
The data is stored in an in process storage, this means that you can have only one Photon process running for the session system to work at the moment as the data are not synchronized between the processes. This could be added in the future, but it is most likely better to just put the data in MongoDB or Memcached if you really need something like that.