Validating SessionID with method ?
devbobo
Registered Users, Retired Mod Posts: 4,339 SmugMug Employee
Hey Don,
I am trying to do some cleanup work around SessionID reuse. At moment, I just try to use the previous SessionID (if the user hasn't logged out)...if the SessionID has timed out obviously, I need to either get the user to log in or use the password hash if I have it stored.
My question is, would it be possible to provide a method that can valid whether a SessionID for a particular user is valid ? To save having to put additional error handling in other method calls, and more importantly to prevent making multiple calls which will all fail if the SessionID has timed out.
Cheers,
David
I am trying to do some cleanup work around SessionID reuse. At moment, I just try to use the previous SessionID (if the user hasn't logged out)...if the SessionID has timed out obviously, I need to either get the user to log in or use the password hash if I have it stored.
My question is, would it be possible to provide a method that can valid whether a SessionID for a particular user is valid ? To save having to put additional error handling in other method calls, and more importantly to prevent making multiple calls which will all fail if the SessionID has timed out.
Cheers,
David
0
Comments
You should be able to use one of the lighter calls and if it returns an error you will know. For example, you could use smugmug.users.getType (or the older smugmug.accounts.getType) and it should return error code 4 (Invalid user) for a stale SessionID.
However, there appears to be a bug (at least with REST calls) where stale SessionIDs incorrectly return error code 18 (invalid API key). I made mention of this last week in a post for smugmug.users.getTree. It appears that it shows up in other calls as well.
http://www.dgrin.com/showthread.php?p=107964#post107964
-J