actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2025-02-23 02:43:16 +01:00
Code Issues Releases Wiki Activity

[actix-session] Documentation - Typo(s) / Improvements (#228)

Browse Source
This commit is contained in:
Luca Palmieri 2022-03-20 21:57:26 +00:00 committed by GitHub
parent 977e3141c9
commit 449abd6081
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
actix-session/src/lib.rs
View File

@ -5,7 +5,7 @@
//! influenced by the provided inputs (i.e. the request content) and whatever state the server //! influenced by the provided inputs (i.e. the request content) and whatever state the server
//! queries while performing its processing. //! queries while performing its processing.
//! //!
//! Stateless systems are easier to reason about, but they are not quite as powerful as we need to //! Stateless systems are easier to reason about, but they are not quite as powerful as we need them to
//! be - e.g. how do you authenticate a user? The user would be forced to authenticate **for every //! be - e.g. how do you authenticate a user? The user would be forced to authenticate **for every
//! single request**. That is, for example, how 'Basic' Authentication works. While it may work for //! single request**. That is, for example, how 'Basic' Authentication works. While it may work for
//! a machine user (i.e. an API client), it is impractical for a person—you do not want a login //! a machine user (i.e. an API client), it is impractical for a person—you do not want a login

14
actix-session/src/middleware.rs
View File

@ -147,7 +147,7 @@ pub enum SessionLength {
/// When does a browser session end? It depends on the browser! Chrome, for example, will often /// When does a browser session end? It depends on the browser! Chrome, for example, will often
/// continue running in the background when the browser is closed—session cookies are not /// continue running in the background when the browser is closed—session cookies are not
/// deleted and they will still be available when the browser is opened again. Check the /// deleted and they will still be available when the browser is opened again. Check the
/// documentation of the browser you are targeting for up-to-date information. /// documentation of the browsers you are targeting for up-to-date information.
BrowserSession { BrowserSession {
/// We must provide a time-to-live (TTL) when storing the session state in the storage /// We must provide a time-to-live (TTL) when storing the session state in the storage
/// backend—we do not want to store session states indefinitely, otherwise we will /// backend—we do not want to store session states indefinitely, otherwise we will
@ -188,15 +188,17 @@ pub enum SessionLength {
/// the content of the session cookie. /// the content of the session cookie.
#[derive(Debug, Clone, Copy)] #[derive(Debug, Clone, Copy)]
pub enum CookieContentSecurity { pub enum CookieContentSecurity {
/// `CookieContentSecurity::Private` selects encrypted cookie content. /// The cookie content is encrypted when using `CookieContentSecurity::Private`.
/// ///
/// The client cannot tamper with its contents nor decode it (i.e., preserves confidentiality as /// Encryption guarantees confidentiality and integrity: the client cannot
/// long the as the encryption key is not breached). /// tamper with the cookie content nor decode it, as long as the encryption key remains
/// confidential.
Private, Private,
/// `CookieContentSecurity::Signed` selects signed cookie content. /// The cookie content is signed when using `CookieContentSecurity::Signed`.
/// ///
/// The client cannot tamper with its contents, but they can read it (i.e., no confidentiality). /// Signing guarantees integrity, but it doesn't ensure confidentiality: the client
/// cannot tamper with the cookie content, but they can read it.
Signed, Signed,
} }