on the frontend, I send some form data via an ajax request to a route.
In the route, I set some session data with session->set([]) after the form validation succeeded and then return a success response.
This works fine as long as I’m not logged in to the panel.
But if I login to the panel in another browser-tab, while the form page is still open, and then switch back to the form page, send the form data, I get back an error from the route, saying that the session is currently readonly, because it was accessed via an old token, which kinda makes sense.
But if that’s the case, how can I determine in the route, if the token has changed and then use session->set([]) on the new session without logging out the panel user- or destroying the session completely first and then require the user to reload the form page?
Some of the people of the team I’m working with, are panel users.
They need to test the frontend form intensively, head back and forth and check the submitted data in the panel, before the form offically goes online for visitors.
So yes, it’s a real use case, but also some kind of a luxury problem.
I’ll check out, how to work with a new session instance.
Right now it’s still a bit confusing to me, since there’s a new session and a new sessions, and I need a new sessions instance first ( where I can also set a cookie name!?), in order to set up a new session and then I’m not sure how set and get only the data from the new session, but not from the already existing kirby session and so on… I’ll see how far I can get
Thanks as always Sonja!
PS: Where would You suggest, does it make sense to handle all that session stuff?
In a custom page method or page model so I can keep my route a bit cleaner?
