actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2025-02-22 18:33:18 +01:00
Code Issues Releases Wiki Activity

[actix-session] Documentation - Typo(s) / Improvements (#228)

Browse Source
This commit is contained in:
Luca Palmieri 2022-03-20 21:57:26 +00:00 committed by GitHub
parent 977e3141c9
commit 449abd6081
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
actix-session/src/lib.rs
View File

@ -5,7 +5,7 @@
//! influenced by the provided inputs (i.e. the request content) and whatever state the server
//! queries while performing its processing.
//!
//! Stateless systems are easier to reason about, but they are not quite as powerful as we need to
//! Stateless systems are easier to reason about, but they are not quite as powerful as we need them to
//! be - e.g. how do you authenticate a user? The user would be forced to authenticate **for every
//! single request**. That is, for example, how 'Basic' Authentication works. While it may work for
//! a machine user (i.e. an API client), it is impractical for a person—you do not want a login

14
actix-session/src/middleware.rs
View File

@ -147,7 +147,7 @@ pub enum SessionLength {
/// When does a browser session end? It depends on the browser! Chrome, for example, will often
/// continue running in the background when the browser is closed—session cookies are not
/// deleted and they will still be available when the browser is opened again. Check the
/// documentation of the browser you are targeting for up-to-date information.
/// documentation of the browsers you are targeting for up-to-date information.
BrowserSession {
/// We must provide a time-to-live (TTL) when storing the session state in the storage
/// backend—we do not want to store session states indefinitely, otherwise we will
@ -188,15 +188,17 @@ pub enum SessionLength {
/// the content of the session cookie.
#[derive(Debug, Clone, Copy)]
pub enum CookieContentSecurity {
/// `CookieContentSecurity::Private` selects encrypted cookie content.
/// The cookie content is encrypted when using `CookieContentSecurity::Private`.
///
/// The client cannot tamper with its contents nor decode it (i.e., preserves confidentiality as
/// long the as the encryption key is not breached).
/// Encryption guarantees confidentiality and integrity: the client cannot
/// tamper with the cookie content nor decode it, as long as the encryption key remains
/// confidential.
Private,
/// `CookieContentSecurity::Signed` selects signed cookie content.
/// The cookie content is signed when using `CookieContentSecurity::Signed`.
///
/// The client cannot tamper with its contents, but they can read it (i.e., no confidentiality).
/// Signing guarantees integrity, but it doesn't ensure confidentiality: the client
/// cannot tamper with the cookie content, but they can read it.
Signed,
}