Module <cweb/session.h> — in-memory sessions

Simple in-process session store (hash chain via Session.next). For production often replaced by external stores; sufficient for demos and single-node operation.

Constants

• SESSION_ID_LEN — length of session ID string.
• MAX_SESSION_DATA — maximum key/value pairs per session.
• SESSION_LIFETIME — default lifetime in seconds (30 minutes).

Types

• SessionData: key, value (strings).
• Session: id, expires, array data[], data_count, chain next.

Store lifecycle

void session_store_init(void)

• Purpose: Initializes internal structures (mutex/tables per implementation).
• Usage: Once at startup, before first get_or_create_session.

void session_store_destroy(void)

• Purpose: Frees all sessions and store resources (e.g. on shutdown).
• Notes: Among others called from cweb_cleanup_server.

Session operations

Session *get_or_create_session(const char *session_id)

• Purpose: Returns existing session or creates new one (cookie ID may be empty/NULL per implementation — then new ID).
• Parameters: session_id — ID from cookie or equivalent.
• Return: Pointer to valid Session; do not free manually (lifetime managed by store).

const char *get_session_value(Session *s, const char *key)

• Purpose: Reads a stored value.
• Parameters: s — session; key — key.
• Return: value or NULL; pointer valid until entry overwritten/removed.

void set_session_value(Session *s, const char *key, const char *value)

• Purpose: Stores or updates a key/value pair in the session.
• Parameters: strings must remain valid for storage duration or be copied internally (implementation detail — keep copies of external dynamic strings if needed).

See also

• routing.md — requires_session on routes
• http.md — Request.session, cookie fields