NAME
std/web/session - File and database backed sessions for std/web.
SYNOPSIS
from std/web import Request, Response;
from std/web/session import FileSessionHandler;
from std/io import Path;
Request.set_session_handler(
new FileSessionHandler(
dir: new Path( path: "/tmp/zsessions" ),
secret: "change-me",
max_age: 6 * 60 * 60,
),
);
function __request__ ( env ) {
let req := new Request( env: env );
let sess := req.session();
sess{data}.set( "seen", sess{data}.get( "seen", 0 ) + 1 );
return new Response(
session: sess.finalize(),
body: [ "seen ", sess{data}{seen}, "\n" ],
);
}DESCRIPTION
This module provides server-side session handlers for std/web. The contracts SessionHandler and Session are defined by std/web; this module imports those traits and provides file and database storage implementations.
The browser receives only a signed opaque session id. Session data is stored server-side as trusted std/marshal data. Applications which need encrypted or separately authenticated server-side storage should provide their own SessionHandler.
EXPORTS
Session
Concrete session object implementing std/web Session. The public data slot contains marshalable application data.
FileSessionHandler
Stores one marshalled blob per session in the configured dir.
DbSessionHandler
Stores sessions in the configured database handle. The handler creates and manages a zuzu_web_sessions table.
COPYRIGHT AND LICENCE
std/web/session is copyright Toby Inkster.
It is free software; you may redistribute it and/or modify it under the terms of either the Artistic License 1.0 or the GNU General Public License version 2.