Igor Chudov wrote:
Guys, I completely love this discussion about cookies. You have really
enlightened me.
I think that letting users store cookie info in a manner that is secure
(involves both encryption and some form of authentication), instead of
storing them in a table, could possibly result in a very substantial
reduction of database use.
Alternatively store the information in a two level cache!
memcached/database - with
write through - then most of the time you get the data from memcached -
you can do
the same with the images...
write entry: -> write data to memcached ; write data to sql cache
read entry: -> read data from memcached and return OR
read data from sql cache and write to memcached
and return
Should avoid most database reads! works well for the images you create
to minimize
database accesses
The cookie is
1) Encrypted string that I want and
2) MD5 of that string with a secret code appended that the users do not
know, which serves as a form of signing
That should work. I will not change it now, but will do if I get 2x more
traffic.
That way I would need zero hits to the database to handle my users sessions.
(I only retrieve account information when necessary)
As far as I remember now, I do not store much more information in a session
beyond username. (I hope that I am not wrong). So it should be easy.
Even now, I make sure that I reset the cookie table only every several
months. This way I would let users stay logged on forever.
Thanks a lot.
Igor
--
The Wellcome Trust Sanger Institute is operated by Genome Research
Limited, a charity registered in England with number 1021457 and a
company registered in England with number 2742969, whose registered
office is 215 Euston Road, London, NW1 2BE.
