Authentication flow - AuthTools Notes
Comments please. If you can't bring yourself to read it, that's a problem too, which means that I haven't made reading it delightful enough.
Moderator: General Moderators
Arguing strongly for it?The part I am suspicious of is the sub-session -- mainly because of you argue a little to strongly for it. My sense is that you have talked yourself into that design, but probably only multiple sessions are needed -- if that.
Thanks.Seems very well written, I'll read the entire thing when I have more time.
Sounds more like you could have a SessionManager (or more specific: SessionStatusManager) that took care of just that. Probably just renaming them (from Session/Subsession to SessionManager/Session) might make sense if that is what they are. The problem with the name sub-session is that it sounds like component/composite thing when you clearly state that it is not.Ambush Commander wrote:Actually, multiple sessions where the original plan, but I realized that each of these would then have it's own authentication status, and it made more sense to delegate that to one session.
The trouble with that is that SessionManager is still a session in its own right, so that name is misleading too.Probably just renaming them (from Session/Subsession to SessionManager/Session) might make sense if that is what they are.
It is a component thing. It's not a composite thing.The problem with the name sub-session is that it sounds like component/composite thing when you clearly state that it is not.