I was testing our site after working on a new feature and found that some pages showed the customer as not logged in even though it was. For example, the welcome message would show "Welcome to the Site!" instead of "Welcome [customer name]!". I hooked an observer to the controller_action_predispatch
event and started printing the results for:
$session = Mage::getSingleton('customer/session');
echo $session ? 'set' : 'not set';
echo $session->isLoggedIn() ? 'logged in' : 'not logged in';
and I found that the session singleton is always set, but the isLoggedIn()
method returns false in some of the pages in the site. I also found that it wasn't that the session had been closed, because if I returned to a different page, isLoggedIn()
returned true again; I didn't have to log in again.
What could be causing this?
I have a custom module that creates a custom session object as well, but that has been working well for a while (it's in production). I don't know if that has anything to do with it. I realized that that session (mymodule/session
) has sort of the same problem. I declared a protected
variable inside the custom session class and defined getter and setter public methods to access it. At times the value is null even though the variable is never unset.
I can only think there's something wrong with the way Magento is handling sessions; one may be interferring with the other?
Best Answer
So I found out the problem with the customer session was that I was instantiating my own custom session way to early. As I learned from this article by Alan Storm, instantiating sessions too early can break session storage, so different pages where accessing different sessions. That's why sometimes I didn't get the correct customer session data.
I was trying to use a session object in a custom router and found it's a big NO. I changed my router code to instead set a
POST
param to pass on my value and then store it to the session later on in the process.P.S. My custom session is still buggy, since it appears its data is only accessible in the page request that set it and not any other subsequent requests, but the customer session is okay now so that's half the problem gone.