Session Functions
Server-side session management for user state.
Basic Operations
session_get(key)
Get a value from the session.
Parameters
key : String - The session key
Returns
Any? - The stored value or null if not found
# Yields null when "user_id" has not been stored in this session.
let user_id = session_get("user_id")
# Fall back to an empty list when no cart has been stored.
let cart = session_get("shopping_cart") ?? []
session_set(key, value)
Store a value in the session.
Parameters
key : String - The session key
value : Any - The value to store (must be JSON-serializable)
session_set("user_id", 123)
session_set("preferences", { "theme": "dark", "lang": "en" })
session_delete(key)
Remove a value from the session.
# Remove single keys from the session (session_destroy() drops the entire session instead).
session_delete("user_id")
session_delete("temporary_data")
session_has(key)
Check if a key exists in the session.
Returns
Bool - true if the key exists
if session_has("user_id") {
# A user_id key exists in this session: the user is logged in
}
Session Management
session_destroy()
Destroy the entire session. Removes all data and invalidates the session ID.
# Logout: removes all session data and invalidates the session ID
session_destroy()
session_regenerate()
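Generate a new session ID while preserving the stored data. Important: Call this after every successful login to prevent session fixation attacks; otherwise a session ID that was already known before the user authenticated would go on to carry the authenticated state.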
# After successful login
session_set("user_id", user["id"])
session_regenerate() # Security: generate new session ID; the stored data (including user_id) is preserved
Common Patterns
Authentication Flow
# Login: verify the credentials and, on success, bind the user to the session.
# Returns true when authentication succeeds, false otherwise.
def login(email: String, password: String) -> Bool
let user = User.find_by_email(email)
# NOTE(review): `||` presumably short-circuits, so argon2_verify is skipped when no user
# matches the email; the resulting response-time difference can reveal which emails are
# registered. Consider verifying against a fixed dummy hash in that case. Confirm the
# short-circuit semantics first.
if !user || !argon2_verify(password, user["password_hash"]) {
# Same result for an unknown email and a wrong password, so the caller cannot tell them apart.
return false
}
session_set("user_id", user["id"])
session_regenerate() # Prevent session fixation: the pre-login session ID must not carry the authenticated state
true
end
# Check authentication: return the user bound to this session, or null when no user_id is stored.
def current_user -> Hash?
let user_id = session_get("user_id")
if !user_id {
# No user_id in the session: treat the request as unauthenticated.
return null
}
# NOTE(review): what User.find returns for an id whose account no longer exists is not
# shown here; callers should presumably treat a null result as unauthenticated too. Confirm.
User.find(user_id)
end
# Logout: session_destroy() removes all session data and invalidates the session ID,
# so nothing from the authenticated session is left behind.
def logout
session_destroy()
end
Flash Messages
# Set a flash message: add a { "type", "message" } entry to the "_flashes" list kept in the session.
def flash(type: String, message: String)
# Start from an empty list when no flashes are stored yet.
let flashes = session_get("_flashes") ?? []
push(flashes, { "type": type, "message": message })
# Write the list back under the same key so the new entry is stored with the session.
session_set("_flashes", flashes)
end
# Get and clear flash messages: return the stored list (or [] when none) and delete the
# "_flashes" key, so each message is handed out only once.
def get_flashes -> Array
let flashes = session_get("_flashes") ?? []
session_delete("_flashes")
# NOTE(review): rendering is not shown here; if a message can contain user-supplied text,
# escape it when it is written into a page.
flashes
end
# Usage: queue two messages; both are returned (and cleared) by the next get_flashes call
flash("success", "Account created!")
flash("error", "Invalid email address")