xevion/banner
1
0
Fork 0
mirror of https://github.com/Xevion/banner.git synced 2025-12-09 16:06:32 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
c850acffcd2cda17e87230fe6444d1d523795c14
banner/docs/Sessions.md

1.6 KiB
Raw Blame History

Sessions

All notes on the internal workings of Sessions in the Banner system.

  • Sessions are generated on demand with a random string of characters.
  • Sessions are invalidated after 30 minutes, but may change.
    • This delay can be found in the original HTML returned, find meta[name="maxInactiveInterval"] and read the content attribute.
    • This is read at runtime by the javascript on initialization.
  • Multiple timers exist, one is for the Inactivity Timer.
    • A dialog will appear asking the user to continue their session.
    • If they click the button, the session will be extended via the keepAliveURL (see meta[name="keepAliveURL"]).
    • The keepAliveURL does not seem to care whether the session is or was ever valid, it will always return a 200 OK with I am Alive as the content.
  • When searching with an invalid session (or none at all, as the case may be), the server will return 200 OK, but with an empty result response structure. 
    • {
    "success": true,
    "totalCount": 0,
    "data": null,    // always an array, even if empty
    "pageOffset": 0,                  //
    "pageMaxSize": 10,
    "sectionsFetchedCount": 0,
    "pathMode": "registration",   // normally "search"
    "searchResultsConfigs": null,  // normally an array
    "ztcEncodedImage": null  // normally a static string in base64
}

    
  - This is only the handling for the search endpoint, more research is required to see how other endpoints handle invalid/expired sessions.
  - TODO: How is `pathMode` affected by an expired session, rather than an invalid/non-existent one?
Reference in New Issue View Git Blame Copy Permalink