Is there a way to fetch the session ID of the user making the API action, I wanted to log it in the logs so as to have a trace of all actions performed by the user in that particular session.
The $_SESSION only provides securityId and session_authorized, and not the session ID sess:*
What server model are you using?
You can access the currently logged in users id with a security.identify step. Will that not suffice?
Hi @Hyperbytes,
No, it wouldn’t, We wouldn’t be able to distinguish which user performed the actions from the various machines he was logged in with at any given moment.
Imagine a situation where a session was hijacked, we would need a track of events that were performed by the use of that user id using that specific session, basically to have a trace of events session wise
You can get it via middleware @Roney_Dsilva
I used that method to build a session display/revoke extension.
exports.handler= function(app) {
app.use((req, res, next) => {
console.log('session id is: ' + req.session.id);
next();
});
};
Or inside server connect:
$_SESSION.id
. Thanks a ton