Nginx set session-cookie before upstreams are hit

Question

We have a nginx-reverse-proxy/cache and multiple backend-servers.

My current problem with our setup is that if a user hits a cached site he / she does not get a session-cookie set, as the backend is not hit. This is clearly the expected behavior.

In our case, however, I want the reverse-proxy to send a session-cookie with the cached response even before any of the backend-servers are hit.

I know I can use

 add_header Set-Cookie

for this but how can I

make sure the cookie is only set once?
generate a cookie in the form of a uuid which is not hardcoded?

I can't understand how do you have anything in cache. Nginx docs says, that pages with `Set-Cookie` header are not cached. — Alexey Ten, Oct 12 '16 at 17:15
you can actually strip cookies from the request to make it cacheable — gries, Oct 13 '16 at 07:08

score 0 · Answer 1 · answered Oct 12 '16 at 14:38

0

You could try to replicate the session cookie generating logic of your application software with nginx lua language.

However, a better way to implement this would be to use a JavaScript on your page that calls an URL in your page where it gets a session cookie.

answered Oct 12 '16 at 14:38

Tero Kilkanen

34,499
3
38
58

The javascript approach is actually a bit problematic as this is what is causing the troubles. Say you have 4 ajax requests in parallel that are alle generating different sessions due to the fact that they start before the first request finishes. Also I can't delay all the page-loading to wait for that javascript to finish due to loading-times. – gries Oct 12 '16 at 14:40

Nginx set session-cookie before upstreams are hit

1 Answers1