TsgcWebSocketHTTPServer › Events › OnInvalidSession
Fires when an HTTP request presents an unknown or expired session ID so the application can decide how to react.
public event TIdHTTPInvalidSessionEventHandler OnInvalidSession;
// delegate void TIdHTTPInvalidSessionEventHandler(TIdContext AContext, TIdHTTPRequestInfo ARequestInfo, TIdHTTPResponseInfo AResponseInfo, out bool VContinueProcessing, string AInvalidSessionID)—
OnInvalidSession is raised when an incoming HTTP request carries a session cookie whose identifier is not present in SessionList (the session expired or was never created on this server). AInvalidSessionID is the rejected identifier and VContinueProcessing lets the handler decide what happens next: leave it True to keep dispatching the request (useful to serve a redirect to a login page from OnCommandGet) or set it to False to stop the pipeline here; in that case the application should populate AResponseInfo before returning. The event only fires when SessionState is True.
void OnInvalidSession(TIdContext AContext, TIdHTTPRequestInfo ARequestInfo,
TIdHTTPResponseInfo AResponseInfo, ref bool VContinueProcessing,
string AInvalidSessionID)
{
AResponseInfo.Redirect("/login");
VContinueProcessing = false;
}