Skip to main content
Version: 9.2605.x.x RR

Session

You can get a session with request:getSession(boolean). For more information, see Request.

session:setAttribute(key, value)

Sets a session attribute with the given name. Depending on the Lua type of the value (string, number, bool), it is mapped to a Java-based type (String, Double or Long, Boolean). Other types cannot be mapped and will not be set.

Sample:

session:setAttribute("MyKey", "my fancy string value")

session:getAttribute(key)

Returns the session attribute with the given name. Depending on the Java-based type (String, Float, Double, Boolean, ByteArray), it is mapped to a Lua type (string, number, number, bool, string). Other types cannot be mapped and nil is returned. Returns nil if no attribute is found.

Sample:

value = session:getAttribute("MyKey")

session:removeAttribute(key)

Removes an attribute from the session.

Sample:

session:removeAttribute("MyKey")

session:setInactiveTimeout(timeout)

Sets the session inactive timeout in seconds.

Sample:

session:setInactiveTimeout(3600)

session:getInactiveTimeout()

Returns the inactive timeout of the session in seconds.

Sample:

inactiveTimeout = session:getInactiveTimeout()

session:setMaxLifetime(timeout)

Sets the maximum lifetime of the session in seconds. Only supported for the Dynamic Session Management Engine.

Sample:

session:setMaxLifetime(86400)

session:getCreationTime()

Returns the session's creation time as the number of seconds since January 1, 1970.

Sample:

creationTime = session:getCreationTime()

session:getTimeToLive()

Returns the remaining time before the session expires, in seconds.

Sample:

timeToLive = session:getTimeToLive()

session:getMaxLifetime()

Returns the session's total lifetime in seconds, computed as the difference between the expiration time and the creation time.

Sample:

maxLifetime = session:getMaxLifetime()

session:invalidate()

Invalidates the session.

Sample:

session:invalidate()

session:renegotiate()

Renegotiates the current session. Either a new TLS ID or a new cookie ID will be generated.

Sample:

session:renegotiate()

session:iterateAttributes()

Iterates over all session attributes.

Sample:

for n, v in session:iterateAttributes() do
resp:setHeader(n, v)
end

session:getId()

Returns the session's ID.

Sample:

sessionId = session:getId()

session:getLastTimeStamp()

Returns the timestamp when the session was last accessed, in epoch seconds (seconds since 1970-01-01 00:00:00 UTC).

Sample:

timeStamp = session:getLastTimeStamp()

session:getSecondsUntilTimeout()

Returns the number of seconds until the session expires, taking into account both the maximum timeout and the inactive interval. Unlike session:getTimeToLive(), this method considers the inactive timeout.

Sample:

secondsUntilTimeout = session:getSecondsUntilTimeout()