Forum: NGINX Memcached Question - Authenticated Users?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Neil S. (Guest)
on 2009-02-27 01:39
(Received via mailing list)
Hello,

I'm looking at enabling the memcache module.  One question - for any
member who has logged in to my site, I don't want to serve a cached
copy of the page.  It's fine for anonymous users, however.  Is this
possible?  If I store a login cookie on the client, would that work?

Thanks!
Nick P. (Guest)
on 2009-02-27 01:59
(Received via mailing list)
I've not used the memcache module, but in general, what you are asking
should be possible using the following:

  location / {
    set $logged_in "no";
    if ($http_cookie ~* "logged_in=yes") {
      set $logged_in "yes";
    }
    if ($logged_in = "yes") {
      proxy_pass  http://app_server;
      break;
    }
    # otherwise, serve a cached page here
  }

I have tested something similar to this, but not this exact config.
Also,
note that this would be easy to spoof.  (My $logged_in variable and the
cookie that sets it are used only to decide whether to serve a cached
page
-- not to determine whether a user is actually logged in.)

Also note that my cookie check is simplified for the purpose of
simplicity.
If you need to read a cookie, see the example in the "if" documentation
here: http://wiki.codemongers.com/NginxHttpRewriteModule#if
Neil S. (Guest)
on 2009-02-27 03:41
(Received via mailing list)
Thanks, I'll look at that -

And yes, I wouldn't be using the cookie to actually determine
logged-in state, it's only for the purpose of determining whether or
not it's ok to serve cached content. . .
This topic is locked and can not be replied to.