TheDeveloper
commented
11 years ago @cepreu2github well spotted. I should have documented that it expects to receive a session ID with unique string and hashed unique string components delimited by a period '.'
I will change the default mutator to be a no-op to return the un-altered session ID.
When you create session with RedisSession::start(); it is write to Redis key only prefix. No session id writed. So your session is shared between all users of your service. Problem appeared after this commit: 4b8df2e318b7da8754d6b9dee94d941b7c0a8c09.