Session object methods
You can get a session with the request object method *request:getSession".
Method | Description | Sample |
---|---|---|
session:setAttribute(key, value) | Sets a session attribute with the given name. Depending on the Lua type of the attribute (string, number, bool) it will be mapped to a Java-based type (String, Double or Long, Boolean, respectively). Other types cannot be mapped and will not be set. | session:setAttribute("MyKey", "my fancy string value") |
session:getAttribute(key) | Returns the session attribute with the given name. Depending on the Java-based type of the attribute (String, Float, Double, Boolean, ByteArray) it will be mapped to a Lua type (string, number, number, bool, string, respectively). Other types cannot be mapped and nil will be returned. If there was no attribute found then also nil will be returned. | value = session:getAttribute("MyKey") |
session:removeAttribute(key) | Remove an attribute from session. | session:removeAttribute("MyKey") |
session:setInactiveTimeout(timeout) | Set session inactive timeout. | session:setInactiveTimeout(3600) |
session:getInactiveTimeout() | Returns inactive timeout of the session. | inactiveTimeout = session:getInactiveTimeout() |
session:setMaxLifetime(timeout) | Sets the maximum lifetime (seconds) of the session. This feature is only supported for the Dynamic Session Management Engine. | session:setMaxLifetime(86400) |
session:getCreationTime() | Returns the session's creation time, expressed as the number of seconds since January 1, 1970. | creationTime = session:getCreationTime() |
session:getTimeToLive() | Returns the remaining time before the session expires, in seconds. | timeToLive = session:getTimeToLive() |
session:getMaxLifetime() | Returns the session's total life time, in seconds. It is computed as the difference between the expiration time and the creation time. | maxLifetime = session:getMaxLifetime() |
session:invalidate() | Invalidate a session. | session:invalidate() |
session:renegotiate() | Renegotiate the current session. In the end, either a new TLS ID or a new cookie ID will be generated. | session:renegotiate() |
session:renegotiateSSL() | Renegotiate the current TLS session. It removes the current TLS entry, closes the Keep-Alive connection, and starts an TLS handshake. In the end, a new TLS session ID will be generated. | session:renegotiateSSL() |
session:iterateAttributes() | Iterate over all session attributes. | for n, v in session:iterateAttributes() do resp:setHeader(n, v) end |
session:getId() | Returns the session's id | sessionId = session:getId() |
session:getLastTimeStamp() | Returns the timestamp when the session was accessed for the last time, in epoch time (that is, the number of seconds since 1.1.1970 00:00:00 UTC) | timeStamp = session:getLastTimeStamp() |
session:getSecondsUntilTimeout() | Returns the number of seconds until the session expires. This method takes into consideration the maximum timeout and the inactive interval (as opposed to the method session:getTimeToLive, which ignores the inactive timeout). | secondsUntilTimeout = session:getSecondsUntilTimeout() |