Sessions¶

The httpkom connection id is the unique identifier that a httpkom client uses to identify which LysKOM connection that it owns. Since httpkom can be configured to allow connections to several different LysKOM servers, the connection id refers to a specific session on a specific LysKOM server.

The session number is what the LysKOM server uses to identify an open connection.

There is a 1-to-1 relation between httpkom connection ids and LysKOM session numbers. The important difference between the session number and the connection id, is that the session number is not secret. Httpkom uses a separate connection identifier, the httpkom connection id (a random UUID), to make it close to impossible to intentionally take over another httpkom client’s LysKOM connection.

The httpkom connection id is specified as a HTTP header:

Httpkom-Connection: <uuid>

To open a new connection, make a request like this:

POST /<server_id>/sessions/
Content-Type: application/json

{ "client": { "name": "jskom", "version": "0.6" } }

The response will look like this:

HTTP/1.0 201 Created
Content-Type: application/json
Httpkom-Connection: <uuid>

{ "session_no": 123456 }

This is the only response that will contain the Httpkom-Connection. The request must not contain any Httpkom-Connnection header. If the request contains a Httpkom-Connection header, the request will fail and the response will be:

HTTP/1.0 409 Conflict

Subsequent request to that server should contain the returned Httpkom-Connection header. For example, a login request will look like this:

POST /<server_id>/sessions/login
Content-Type: application/json
Httpkom-Connection: <uuid>

{ "pers_no": 14506, "passwd": "test123" }

and the response:

HTTP/1.0 201 Created
Content-Type: application/json

{ "pers_no": 14506, "pers_name": "Oskars Testperson" }

If a resource requires a logged in session and the request contains a valid Httpkom-Connection header which is not logged in, the response will be:

HTTP/1.0 401 Unauthorized

If the Httpkom-Connection is missing, or if the connection id specified by the Httpkom-Connection header is invalid (for example if the connection was to another server than <server_id>, or if there is no connection with that id), the response will be:

HTTP/1.0 403 Forbidden

When you get a 403 response, the used Httpkom-Connection should be considered invalid and should not be used again. If the Httpkom-Connection specifies a working connection, but to another server than <server_id>, httpkom might close the connection before returning 403.

It is up to the client to keep track of opened connection and to use them with the correct <server_id>. The /<server_id> prefix to all resources could be seen as redundant, since the Httpkom-Connection also specifies the server, but it makes the API resources consistent. Also, the resources on different LysKOM servers has nothing to do with each other, so it is a good idea from “REST” perspective to have them different resources (i.e. different /<server_id> prefixes).

httpkom.sessions.requires_login(f)¶: View function decorator. Check if the request points out a logged in LysKOM session. If the session is not logged in, return status code 401.

httpkom.sessions.requires_session(f)¶: View function decorator. Check if the request has a Httpkom-Connection header that points out a valid LysKOM session. If the header is missing, or if there is no session for the id, return an empty response with status code 403.

httpkom.sessions.sessions_change_working_conference()¶

Change current working conference of the current session.

Request

POST /<server_id>/sessions/current/working-conference HTTP/1.1
Httpkom-Connection: <id>

{
  "conf_no": 14506,
}

Responses

HTTP/1.1 204 No Content

Example

curl -v -H "Httpkom-Connection: 033556ee-3e52-423f-9c9a-d85aed7688a1" \
     -X POST -H "Content-Type: application/json" \
     -d '{ "conf_no": 14506 }' \
     "http://localhost:5001/lyskom/sessions/current/working-conference"

httpkom.sessions.sessions_create()¶

Create a new session (a connection to the LysKOM server).

Note: The response body also contains the connection_id (in addition to the response header) to around problems with buggy CORS implementations[1] in combination with certain javascript libraries (AngularJS).

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=608735

Request

POST /<server_id>/sessions/ HTTP/1.1

{
  "client": { "name": "jskom", "version": "0.2" }
}

Responses

Successful connect:

HTTP/1.0 201 Created
Httpkom-Connection: 033556ee-3e52-423f-9c9a-d85aed7688a1

{
  "session_no": 12345,
  "connection_id": "033556ee-3e52-423f-9c9a-d85aed7688a1"
}

If the request contains a Httpkom-Connection header:

HTTP/1.0 409 CONFLICT

httpkom.sessions.sessions_current_active()¶

Tell the LysKOM server that the current user is active.

POST /<server_id>/sessions/current/active HTTP/1.1

httpkom.sessions.sessions_delete(session_no)¶

Delete a session (disconnect from the LysKOM server).

Parameters: session_no (int) – Session number

If the request disconnects the current session, the used Httpkom-Connection id is no longer valid.

Note (from the protocol A spec): “Session number zero is always interpreted as the session making the call, so the easiest way to disconnect the current session is to disconnect session zero.”

Request

DELETE /<server_id>/sessions/12345 HTTP/1.1
Httpkom-Connection: <id>

Responses

Success:

HTTP/1.1 204 No Content

Session does not exist:

HTTP/1.1 404 Not Found

Example

curl -v -H "Httpkom-Connection: 033556ee-3e52-423f-9c9a-d85aed7688a1" \
     -X DELETE "http://localhost:5001/lyskom/sessions/abc123"

httpkom.sessions.sessions_login()¶

Log in using the current session.

Note: If the login is successful, the matched full name will be returned in the response.

Request

POST /<server_id>/sessions/current/login HTTP/1.1
Httpkom-Connection: <id>

{
  "pers_no": 14506,
  "passwd": "test123"
}

Responses

Successful login:

HTTP/1.0 201 Created

{
  "pers_no": 14506,
  "pers_name": "Oskars testperson"
}

Failed login:

HTTP/1.1 401 Unauthorized

Example

curl -v -X POST -H "Content-Type: application/json" \
     -H "Httpkom-Connection: 033556ee-3e52-423f-9c9a-d85aed7688a1" \
     -d '{ "pers_no": 14506, "passwd": "test123" }' \
      "http://localhost:5001/lyskom/sessions/current/login"

httpkom.sessions.sessions_logout()¶

Log out in the current session.

Request

POST /<server_id>/sessions/current/logout HTTP/1.1
Httpkom-Connection: <id>

Responses

Successful logout:

HTTP/1.0 204 NO CONTENT

Example

curl -v -H "Httpkom-Connection: 033556ee-3e52-423f-9c9a-d85aed7688a1" \
     -X POST "http://localhost:5001/lyskom/sessions/current/logout"

httpkom.sessions.sessions_who_am_i()¶: TODO

httpkom.sessions.with_connection_id(f)¶: View function decorator. Get the connection id from the request and assign it to ‘g.connection_id’.

Sessions¶

Previous topic

Next topic

This Page