1
0
mirror of https://github.com/actix/actix-extras.git synced 2024-11-28 09:42:40 +01:00
actix-extras/src/middleware/session.rs

618 lines
19 KiB
Rust
Raw Normal View History

2018-04-19 05:11:49 +02:00
//! User sessions.
//!
//! Actix provides a general solution for session management. The
//! [**SessionStorage**](struct.SessionStorage.html)
//! middleware can be used with different backend types to store session
//! data in different backends.
//!
//! By default, only cookie session backend is implemented. Other
//! backend implementations can be added.
//!
//! [**CookieSessionBackend**](struct.CookieSessionBackend.html)
2018-04-19 05:16:29 +02:00
//! uses cookies as session storage. `CookieSessionBackend` creates sessions
//! which are limited to storing fewer than 4000 bytes of data, as the payload
//! must fit into a single cookie. An internal server error is generated if a
//! session contains more than 4000 bytes.
2018-04-19 05:11:49 +02:00
//!
//! A cookie may have a security policy of *signed* or *private*. Each has
//! a respective `CookieSessionBackend` constructor.
//!
//! A *signed* cookie may be viewed but not modified by the client. A *private*
//! cookie may neither be viewed nor modified by the client.
//!
//! The constructors take a key as an argument. This is the private key
//! for cookie session - when this value is changed, all session data is lost.
//!
//! In general, you create a `SessionStorage` middleware and initialize it
//! with specific backend implementation, such as a `CookieSessionBackend`.
//! To access session data,
//! [*HttpRequest::session()*](trait.RequestSession.html#tymethod.session)
//! must be used. This method returns a
//! [*Session*](struct.Session.html) object, which allows us to get or set
//! session data.
//!
//! ```rust
2018-06-01 19:27:23 +02:00
//! # extern crate actix_web;
//! use actix_web::{actix, server, App, HttpRequest, Result};
2018-04-30 06:05:10 +02:00
//! use actix_web::middleware::session::{RequestSession, SessionStorage, CookieSessionBackend};
2018-04-19 05:11:49 +02:00
//!
2018-05-03 04:11:44 +02:00
//! fn index(req: HttpRequest) -> Result<&'static str> {
2018-04-19 05:11:49 +02:00
//! // access session data
//! if let Some(count) = req.session().get::<i32>("counter")? {
//! println!("SESSION value: {}", count);
//! req.session().set("counter", count+1)?;
//! } else {
//! req.session().set("counter", 1)?;
//! }
//!
//! Ok("Welcome!")
//! }
//!
//! fn main() {
2018-05-29 19:31:37 +02:00
//! actix::System::run(|| {
//! server::new(
//! || App::new().middleware(
//! SessionStorage::new( // <- create session middleware
//! CookieSessionBackend::signed(&[0; 32]) // <- create signed cookie session backend
//! .secure(false)
//! )))
//! .bind("127.0.0.1:59880").unwrap()
//! .start();
2018-06-14 08:37:19 +02:00
//! # actix::System::current().stop();
2018-05-29 19:31:37 +02:00
//! });
2018-04-19 05:11:49 +02:00
//! }
//! ```
2018-05-01 18:40:23 +02:00
use std::cell::RefCell;
2018-04-14 01:02:01 +02:00
use std::collections::HashMap;
use std::marker::PhantomData;
2017-11-25 18:52:32 +01:00
use std::rc::Rc;
use std::sync::Arc;
2017-11-27 02:30:35 +01:00
use cookie::{Cookie, CookieJar, Key, SameSite};
2018-04-29 07:55:47 +02:00
use futures::future::{err as FutErr, ok as FutOk, FutureResult};
2018-04-14 01:02:01 +02:00
use futures::Future;
use http::header::{self, HeaderValue};
2018-05-01 18:40:23 +02:00
use serde::de::DeserializeOwned;
use serde::Serialize;
2017-11-25 18:52:32 +01:00
use serde_json;
2017-11-27 02:30:35 +01:00
use serde_json::error::Error as JsonError;
use time::Duration;
2017-11-25 18:52:32 +01:00
2018-04-14 01:02:01 +02:00
use error::{Error, ResponseError, Result};
2018-05-17 06:02:51 +02:00
use handler::FromRequest;
2017-11-25 18:52:32 +01:00
use httprequest::HttpRequest;
use httpresponse::HttpResponse;
2018-04-14 01:02:01 +02:00
use middleware::{Middleware, Response, Started};
2017-11-25 18:52:32 +01:00
/// The helper trait to obtain your session data from a request.
2017-12-20 01:09:19 +01:00
///
/// ```rust
2018-04-30 06:05:10 +02:00
/// use actix_web::middleware::session::RequestSession;
2018-06-01 18:36:16 +02:00
/// use actix_web::*;
2017-12-20 01:09:19 +01:00
///
/// fn index(mut req: HttpRequest) -> Result<&'static str> {
/// // access session data
/// if let Some(count) = req.session().get::<i32>("counter")? {
2018-06-01 18:36:16 +02:00
/// req.session().set("counter", count + 1)?;
2017-12-20 01:09:19 +01:00
/// } else {
/// req.session().set("counter", 1)?;
/// }
///
/// Ok("Welcome!")
/// }
/// # fn main() {}
/// ```
2017-11-25 18:52:32 +01:00
pub trait RequestSession {
/// Get the session from the request
2018-05-01 18:40:23 +02:00
fn session(&self) -> Session;
2017-11-25 18:52:32 +01:00
}
impl<S> RequestSession for HttpRequest<S> {
2018-05-01 18:40:23 +02:00
fn session(&self) -> Session {
if let Some(s_impl) = self.extensions().get::<Arc<SessionImplCell>>() {
return Session(SessionInner::Session(Arc::clone(&s_impl)));
2017-11-25 18:52:32 +01:00
}
2018-05-01 18:40:23 +02:00
Session(SessionInner::None)
2017-11-25 18:52:32 +01:00
}
}
/// The high-level interface you use to modify session data.
///
/// Session object could be obtained with
/// [`RequestSession::session`](trait.RequestSession.html#tymethod.session)
/// method. `RequestSession` trait is implemented for `HttpRequest`.
2017-12-20 00:44:25 +01:00
///
/// ```rust
2018-04-30 06:05:10 +02:00
/// use actix_web::middleware::session::RequestSession;
2018-06-01 18:36:16 +02:00
/// use actix_web::*;
2017-12-20 00:44:25 +01:00
///
/// fn index(mut req: HttpRequest) -> Result<&'static str> {
/// // access session data
/// if let Some(count) = req.session().get::<i32>("counter")? {
2018-06-01 18:36:16 +02:00
/// req.session().set("counter", count + 1)?;
2017-12-20 00:44:25 +01:00
/// } else {
/// req.session().set("counter", 1)?;
/// }
///
/// Ok("Welcome!")
/// }
/// # fn main() {}
/// ```
2018-05-01 18:40:23 +02:00
pub struct Session(SessionInner);
enum SessionInner {
Session(Arc<SessionImplCell>),
None,
}
2017-11-25 18:52:32 +01:00
2018-05-01 18:40:23 +02:00
impl Session {
2017-11-25 18:52:32 +01:00
/// Get a `value` from the session.
2018-05-01 18:40:23 +02:00
pub fn get<T: DeserializeOwned>(&self, key: &str) -> Result<Option<T>> {
match self.0 {
SessionInner::Session(ref sess) => {
if let Some(s) = sess.as_ref().0.borrow().get(key) {
Ok(Some(serde_json::from_str(s)?))
} else {
Ok(None)
}
}
SessionInner::None => Ok(None),
2017-11-25 18:52:32 +01:00
}
}
/// Set a `value` from the session.
2018-05-01 18:40:23 +02:00
pub fn set<T: Serialize>(&self, key: &str, value: T) -> Result<()> {
match self.0 {
SessionInner::Session(ref sess) => {
sess.as_ref()
.0
.borrow_mut()
.set(key, serde_json::to_string(&value)?);
Ok(())
}
SessionInner::None => Ok(()),
}
2017-11-25 18:52:32 +01:00
}
/// Remove value from the session.
2018-05-01 18:40:23 +02:00
pub fn remove(&self, key: &str) {
match self.0 {
SessionInner::Session(ref sess) => sess.as_ref().0.borrow_mut().remove(key),
SessionInner::None => (),
}
2017-11-25 18:52:32 +01:00
}
/// Clear the session.
2018-05-01 18:40:23 +02:00
pub fn clear(&self) {
match self.0 {
SessionInner::Session(ref sess) => sess.as_ref().0.borrow_mut().clear(),
SessionInner::None => (),
}
2017-11-25 18:52:32 +01:00
}
}
2018-05-17 06:05:59 +02:00
/// Extractor implementation for Session type.
///
/// ```rust
/// # use actix_web::*;
/// use actix_web::middleware::session::Session;
///
/// fn index(session: Session) -> Result<&'static str> {
/// // access session data
/// if let Some(count) = session.get::<i32>("counter")? {
2018-06-01 18:36:16 +02:00
/// session.set("counter", count + 1)?;
2018-05-17 06:05:59 +02:00
/// } else {
/// session.set("counter", 1)?;
/// }
///
/// Ok("Welcome!")
/// }
/// # fn main() {}
/// ```
2018-05-17 06:02:51 +02:00
impl<S> FromRequest<S> for Session {
type Config = ();
type Result = Session;
#[inline]
fn from_request(req: &HttpRequest<S>, _: &Self::Config) -> Self::Result {
req.session()
}
}
2018-05-01 18:40:23 +02:00
struct SessionImplCell(RefCell<Box<SessionImpl>>);
2017-11-25 18:52:32 +01:00
/// Session storage middleware
2017-12-20 00:44:25 +01:00
///
/// ```rust
/// # extern crate actix_web;
2018-06-01 18:36:16 +02:00
/// use actix_web::middleware::session::{CookieSessionBackend, SessionStorage};
2018-03-31 09:16:55 +02:00
/// use actix_web::App;
2017-12-20 00:44:25 +01:00
///
/// fn main() {
2018-06-01 18:36:16 +02:00
/// let app = App::new().middleware(SessionStorage::new(
/// // <- create session middleware
/// CookieSessionBackend::signed(&[0; 32]) // <- create cookie session backend
/// .secure(false),
/// ));
2017-12-20 00:44:25 +01:00
/// }
/// ```
2017-12-09 13:33:40 +01:00
pub struct SessionStorage<T, S>(T, PhantomData<S>);
2017-11-25 18:52:32 +01:00
2017-12-09 13:33:40 +01:00
impl<S, T: SessionBackend<S>> SessionStorage<T, S> {
2017-11-25 18:52:32 +01:00
/// Create session storage
2017-12-09 13:33:40 +01:00
pub fn new(backend: T) -> SessionStorage<T, S> {
SessionStorage(backend, PhantomData)
2017-11-25 18:52:32 +01:00
}
}
2017-12-09 13:33:40 +01:00
impl<S: 'static, T: SessionBackend<S>> Middleware<S> for SessionStorage<T, S> {
2018-06-25 06:58:04 +02:00
fn start(&self, req: &HttpRequest<S>) -> Result<Started> {
2017-11-27 06:47:33 +01:00
let mut req = req.clone();
2018-05-17 06:02:51 +02:00
let fut = self.0.from_request(&mut req).then(move |res| match res {
Ok(sess) => {
req.extensions_mut()
.insert(Arc::new(SessionImplCell(RefCell::new(Box::new(sess)))));
FutOk(None)
}
Err(err) => FutErr(err),
});
2018-01-10 07:48:35 +01:00
Ok(Started::Future(Box::new(fut)))
2017-11-25 18:52:32 +01:00
}
2018-06-25 06:58:04 +02:00
fn response(&self, req: &HttpRequest<S>, resp: HttpResponse) -> Result<Response> {
if let Some(s_box) = req.extensions().get::<Arc<SessionImplCell>>() {
2018-05-01 18:40:23 +02:00
s_box.0.borrow_mut().write(resp)
2017-11-25 18:52:32 +01:00
} else {
2018-01-10 07:48:35 +01:00
Ok(Response::Done(resp))
2017-11-25 18:52:32 +01:00
}
}
}
/// A simple key-value storage interface that is internally used by `Session`.
pub trait SessionImpl: 'static {
/// Get session value by key
2017-11-25 18:52:32 +01:00
fn get(&self, key: &str) -> Option<&str>;
/// Set session value
2017-11-25 18:52:32 +01:00
fn set(&mut self, key: &str, value: String);
/// Remove specific key from session
2017-11-25 18:52:32 +01:00
fn remove(&mut self, key: &str);
/// Remove all values from session
2017-11-25 18:52:32 +01:00
fn clear(&mut self);
/// Write session to storage backend.
2018-01-10 07:48:35 +01:00
fn write(&self, resp: HttpResponse) -> Result<Response>;
2017-11-25 18:52:32 +01:00
}
/// Session's storage backend trait definition.
2017-12-09 13:33:40 +01:00
pub trait SessionBackend<S>: Sized + 'static {
/// Session item
2017-11-25 18:52:32 +01:00
type Session: SessionImpl;
/// Future that reads session
2018-04-14 01:02:01 +02:00
type ReadFuture: Future<Item = Self::Session, Error = Error>;
2017-11-25 18:52:32 +01:00
/// Parse the session from request and load data from a storage backend.
2017-12-09 13:33:40 +01:00
fn from_request(&self, request: &mut HttpRequest<S>) -> Self::ReadFuture;
2017-11-25 18:52:32 +01:00
}
/// Session that uses signed cookies as session storage
pub struct CookieSession {
2017-11-27 02:30:35 +01:00
changed: bool,
state: HashMap<String, String>,
inner: Rc<CookieSessionInner>,
}
2018-01-15 22:47:25 +01:00
/// Errors that can occur during handling cookie session
2017-11-27 02:30:35 +01:00
#[derive(Fail, Debug)]
pub enum CookieSessionError {
/// Size of the serialized session is greater than 4000 bytes.
2018-04-14 01:02:01 +02:00
#[fail(display = "Size of the serialized session is greater than 4000 bytes.")]
2017-11-27 02:30:35 +01:00
Overflow,
/// Fail to serialize session.
2018-04-14 01:02:01 +02:00
#[fail(display = "Fail to serialize session")]
2017-11-27 02:30:35 +01:00
Serialize(JsonError),
2017-11-25 18:52:32 +01:00
}
impl ResponseError for CookieSessionError {}
2017-11-27 02:30:35 +01:00
2017-11-25 18:52:32 +01:00
impl SessionImpl for CookieSession {
fn get(&self, key: &str) -> Option<&str> {
2017-11-27 02:30:35 +01:00
if let Some(s) = self.state.get(key) {
Some(s)
} else {
None
}
2017-11-25 18:52:32 +01:00
}
fn set(&mut self, key: &str, value: String) {
2017-11-27 02:30:35 +01:00
self.changed = true;
self.state.insert(key.to_owned(), value);
2017-11-25 18:52:32 +01:00
}
fn remove(&mut self, key: &str) {
2017-11-27 02:30:35 +01:00
self.changed = true;
self.state.remove(key);
2017-11-25 18:52:32 +01:00
}
fn clear(&mut self) {
2017-11-27 02:30:35 +01:00
self.changed = true;
self.state.clear()
2017-11-25 18:52:32 +01:00
}
2018-01-10 07:48:35 +01:00
fn write(&self, mut resp: HttpResponse) -> Result<Response> {
2017-11-27 02:30:35 +01:00
if self.changed {
let _ = self.inner.set_cookie(&mut resp, &self.state);
2017-11-25 18:52:32 +01:00
}
2018-01-10 07:48:35 +01:00
Ok(Response::Done(resp))
2017-11-25 18:52:32 +01:00
}
}
2018-04-09 17:22:25 +02:00
enum CookieSecurity {
Signed,
2018-04-14 01:02:01 +02:00
Private,
2018-04-09 17:22:25 +02:00
}
2017-11-27 02:30:35 +01:00
struct CookieSessionInner {
key: Key,
2018-04-09 17:22:25 +02:00
security: CookieSecurity,
2017-11-27 02:30:35 +01:00
name: String,
path: String,
domain: Option<String>,
secure: bool,
http_only: bool,
max_age: Option<Duration>,
same_site: Option<SameSite>,
2017-11-27 02:30:35 +01:00
}
impl CookieSessionInner {
2018-04-09 17:22:25 +02:00
fn new(key: &[u8], security: CookieSecurity) -> CookieSessionInner {
2017-11-27 02:30:35 +01:00
CookieSessionInner {
security,
2017-11-27 02:30:35 +01:00
key: Key::from_master(key),
2017-12-29 10:01:31 +01:00
name: "actix-session".to_owned(),
2017-11-27 02:30:35 +01:00
path: "/".to_owned(),
domain: None,
secure: true,
http_only: true,
2018-04-09 17:22:25 +02:00
max_age: None,
same_site: None,
2018-04-09 17:22:25 +02:00
}
2017-11-27 02:30:35 +01:00
}
2018-04-14 01:02:01 +02:00
fn set_cookie(
2018-05-17 21:20:20 +02:00
&self, resp: &mut HttpResponse, state: &HashMap<String, String>,
2018-04-14 01:02:01 +02:00
) -> Result<()> {
let value =
serde_json::to_string(&state).map_err(CookieSessionError::Serialize)?;
2017-11-27 02:30:35 +01:00
if value.len() > 4064 {
2018-04-14 01:02:01 +02:00
return Err(CookieSessionError::Overflow.into());
2017-11-27 02:30:35 +01:00
}
let mut cookie = Cookie::new(self.name.clone(), value);
cookie.set_path(self.path.clone());
cookie.set_secure(self.secure);
cookie.set_http_only(self.http_only);
2017-11-27 02:30:35 +01:00
if let Some(ref domain) = self.domain {
cookie.set_domain(domain.clone());
}
if let Some(max_age) = self.max_age {
cookie.set_max_age(max_age);
}
if let Some(same_site) = self.same_site {
cookie.set_same_site(same_site);
}
2017-11-27 02:30:35 +01:00
let mut jar = CookieJar::new();
2018-04-09 17:22:25 +02:00
match self.security {
CookieSecurity::Signed => jar.signed(&self.key).add(cookie),
CookieSecurity::Private => jar.private(&self.key).add(cookie),
}
2017-11-27 02:30:35 +01:00
for cookie in jar.delta() {
let val = HeaderValue::from_str(&cookie.encoded().to_string())?;
2017-11-27 02:30:35 +01:00
resp.headers_mut().append(header::SET_COOKIE, val);
}
Ok(())
}
2017-12-09 13:33:40 +01:00
fn load<S>(&self, req: &mut HttpRequest<S>) -> HashMap<String, String> {
2017-12-08 03:00:20 +01:00
if let Ok(cookies) = req.cookies() {
2018-06-25 06:58:04 +02:00
for cookie in cookies.iter() {
2017-11-27 02:30:35 +01:00
if cookie.name() == self.name {
let mut jar = CookieJar::new();
jar.add_original(cookie.clone());
2018-04-09 17:22:25 +02:00
let cookie_opt = match self.security {
CookieSecurity::Signed => jar.signed(&self.key).get(&self.name),
2018-04-14 01:02:01 +02:00
CookieSecurity::Private => {
jar.private(&self.key).get(&self.name)
}
2018-04-09 17:22:25 +02:00
};
if let Some(cookie) = cookie_opt {
2017-11-27 02:30:35 +01:00
if let Ok(val) = serde_json::from_str(cookie.value()) {
return val;
}
}
}
}
}
HashMap::new()
}
}
2018-04-09 17:22:25 +02:00
/// Use cookies for session storage.
2017-11-25 18:52:32 +01:00
///
2017-11-27 02:30:35 +01:00
/// `CookieSessionBackend` creates sessions which are limited to storing
2018-04-14 01:02:01 +02:00
/// fewer than 4000 bytes of data (as the payload must fit into a single
/// cookie). An Internal Server Error is generated if the session contains more
/// than 4000 bytes.
2018-04-09 17:22:25 +02:00
///
2018-04-14 01:02:01 +02:00
/// A cookie may have a security policy of *signed* or *private*. Each has a
/// respective `CookieSessionBackend` constructor.
2018-04-09 17:22:25 +02:00
///
/// A *signed* cookie is stored on the client as plaintext alongside
2018-04-14 01:02:01 +02:00
/// a signature such that the cookie may be viewed but not modified by the
/// client.
2017-11-27 02:30:35 +01:00
///
2018-04-09 17:22:25 +02:00
/// A *private* cookie is stored on the client as encrypted text
/// such that it may neither be viewed nor modified by the client.
2017-11-25 18:52:32 +01:00
///
2018-04-09 17:22:25 +02:00
/// The constructors take a key as an argument.
2018-04-14 01:02:01 +02:00
/// This is the private key for cookie session - when this value is changed,
/// all session data is lost. The constructors will panic if the key is less
/// than 32 bytes in length.
2017-11-25 18:52:32 +01:00
///
/// The backend relies on `cookie` crate to create and read cookies.
/// By default all cookies are percent encoded, but certain symbols may
/// cause troubles when reading cookie, if they are not properly percent encoded.
2017-11-27 02:30:35 +01:00
///
/// # Example
///
/// ```rust
/// # extern crate actix_web;
2018-04-30 06:05:10 +02:00
/// use actix_web::middleware::session::CookieSessionBackend;
2017-11-27 02:30:35 +01:00
///
/// # fn main() {
2018-04-09 17:22:25 +02:00
/// let backend: CookieSessionBackend = CookieSessionBackend::signed(&[0; 32])
2017-11-27 02:30:35 +01:00
/// .domain("www.rust-lang.org")
2017-12-28 13:02:46 +01:00
/// .name("actix_session")
2017-11-27 02:30:35 +01:00
/// .path("/")
/// .secure(true);
2017-11-27 02:30:35 +01:00
/// # }
/// ```
pub struct CookieSessionBackend(Rc<CookieSessionInner>);
2017-11-27 02:30:35 +01:00
impl CookieSessionBackend {
2018-04-09 17:22:25 +02:00
/// Construct new *signed* `CookieSessionBackend` instance.
///
/// Panics if key length is less than 32 bytes.
pub fn signed(key: &[u8]) -> CookieSessionBackend {
2018-04-14 01:02:01 +02:00
CookieSessionBackend(Rc::new(CookieSessionInner::new(
key,
CookieSecurity::Signed,
)))
2018-04-09 17:22:25 +02:00
}
/// Construct new *private* `CookieSessionBackend` instance.
///
/// Panics if key length is less than 32 bytes.
pub fn private(key: &[u8]) -> CookieSessionBackend {
2018-04-14 01:02:01 +02:00
CookieSessionBackend(Rc::new(CookieSessionInner::new(
key,
CookieSecurity::Private,
)))
2017-11-27 02:30:35 +01:00
}
/// Sets the `path` field in the session cookie being built.
pub fn path<S: Into<String>>(mut self, value: S) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().path = value.into();
2017-11-27 02:30:35 +01:00
self
}
2017-12-28 13:02:46 +01:00
/// Sets the `name` field in the session cookie being built.
pub fn name<S: Into<String>>(mut self, value: S) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().name = value.into();
2017-12-28 13:02:46 +01:00
self
}
2017-11-27 02:30:35 +01:00
/// Sets the `domain` field in the session cookie being built.
pub fn domain<S: Into<String>>(mut self, value: S) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().domain = Some(value.into());
2017-11-27 02:30:35 +01:00
self
}
/// Sets the `secure` field in the session cookie being built.
2018-04-09 17:22:25 +02:00
///
/// If the `secure` field is set, a cookie will only be transmitted when the
/// connection is secure - i.e. `https`
pub fn secure(mut self, value: bool) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().secure = value;
2017-11-27 02:30:35 +01:00
self
}
/// Sets the `http_only` field in the session cookie being built.
pub fn http_only(mut self, value: bool) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().http_only = value;
self
}
/// Sets the `same_site` field in the session cookie being built.
pub fn same_site(mut self, value: SameSite) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().same_site = Some(value);
self
}
/// Sets the `max-age` field in the session cookie being built.
pub fn max_age(mut self, value: Duration) -> CookieSessionBackend {
Rc::get_mut(&mut self.0).unwrap().max_age = Some(value);
self
}
}
impl<S> SessionBackend<S> for CookieSessionBackend {
type Session = CookieSession;
type ReadFuture = FutureResult<CookieSession, Error>;
fn from_request(&self, req: &mut HttpRequest<S>) -> Self::ReadFuture {
let state = self.0.load(req);
2018-04-14 01:02:01 +02:00
FutOk(CookieSession {
changed: false,
inner: Rc::clone(&self.0),
state,
})
2017-11-25 18:52:32 +01:00
}
}
2018-05-03 04:11:44 +02:00
#[cfg(test)]
mod tests {
use super::*;
use application::App;
use test;
#[test]
fn cookie_session() {
let mut srv = test::TestServer::with_factory(|| {
App::new()
.middleware(SessionStorage::new(
CookieSessionBackend::signed(&[0; 32]).secure(false),
2018-08-23 18:48:01 +02:00
)).resource("/", |r| {
2018-05-03 04:11:44 +02:00
r.f(|req| {
let _ = req.session().set("counter", 100);
"test"
})
})
});
let request = srv.get().uri(srv.url("/")).finish().unwrap();
let response = srv.execute(request.send()).unwrap();
assert!(response.cookie("actix-session").is_some());
}
2018-05-17 06:02:51 +02:00
#[test]
fn cookie_session_extractor() {
let mut srv = test::TestServer::with_factory(|| {
App::new()
.middleware(SessionStorage::new(
CookieSessionBackend::signed(&[0; 32]).secure(false),
2018-08-23 18:48:01 +02:00
)).resource("/", |r| {
2018-05-17 06:02:51 +02:00
r.with(|ses: Session| {
let _ = ses.set("counter", 100);
"test"
})
})
});
let request = srv.get().uri(srv.url("/")).finish().unwrap();
let response = srv.execute(request.send()).unwrap();
assert!(response.cookie("actix-session").is_some());
}
2018-05-03 04:11:44 +02:00
}