update session guide section

guide/src/qs_10.md

@@ -64,7 +64,8 @@ INFO:actix_web::middlewares::logger: 127.0.0.1:59947 [02/Dec/2017:00:22:40 -0800
 ## Default headers
 
 To set default response headers `DefaultHeaders` middleware could be used.
-*DefaultHeaders* middleware does not set header if response headers contains header.
+*DefaultHeaders* middleware does not set header if response headers already contains
+specified header.
 
 ```rust
 # extern crate actix_web;
@@ -86,4 +87,60 @@ fn main() {
 
 ## User sessions
 
-[WIP]
+Actix provides general solution for session management. 
+[*Session storage*](../actix_web/middlewares/struct.SessionStorage.html) middleare can be 
+use with different backend types to store session data in different backends. 
+By default only cookie session backend is implemented. Other backend implementations 
+could be added later.
+
+[*Cookie session backend*](../actix_web/middlewares/struct.CookieSessionBackend.html) 
+uses signed cookies as session storage. *Cookie session backend* creates sessions which 
+are limited to storing fewer than 4000 bytes of data (as the payload must fit into a 
+single cookie). Internal server error get generated if session contains more than 4000 bytes.
+
+You need to pass a random value to the constructor of *CookieSessionBackend*.
+This is private key for cookie session. When this value is changed, all session data is lost.
+Note that whatever you write into your session is visible by the user (but not modifiable).
+
+In general case, you cretate
+[*Session storage*](../actix_web/middlewares/struct.SessionStorage.html) middleware 
+and initializes it with specific backend implementation, like *CookieSessionBackend*. 
+To access session data
+[*HttpRequest::session()*](../actix_web/middlewares/trait.RequestSession.html#tymethod.session)
+method has to be used. This method returns
+[*Session*](../actix_web/middlewares/struct.Session.html) object, which allows to get or set
+session data.
+
+```rust
+# extern crate actix;
+# extern crate actix_web;
+use actix_web::*;
+use actix_web::middlewares::RequestSession;
+
+fn index(mut req: HttpRequest) -> Result<&'static str> {
+    // access session data
+    if let Some(count) = req.session().get::<i32>("counter")? {
+        println!("SESSION value: {}", count);
+        req.session().set("counter", count+1)?;
+    } else {
+        req.session().set("counter", 1)?;
+    }
+
+    Ok("Welcome!")
+}
+
+fn main() {
+#   let sys = actix::System::new("basic-example");
+    HttpServer::new(
+        || Application::new()
+            .middleware(middlewares::SessionStorage::new(          // <- create session middlewares
+                middlewares::CookieSessionBackend::build(&[0; 32]) // <- create cookie session backend
+                    .secure(false)
+                    .finish()
+            )))            
+        .bind("127.0.0.1:59880").unwrap()
+        .start();
+#     actix::Arbiter::system().send(actix::msgs::SystemExit(0));
+#     let _ = sys.run();
+}
+```

src/middlewares/session.rs

@@ -42,6 +42,23 @@ impl RequestSession for HttpRequest {
 /// Session object could be obtained with
 /// [`RequestSession::session`](trait.RequestSession.html#tymethod.session)
 /// method. `RequestSession` trait is implemented for `HttpRequest`.
+///
+/// ```rust
+/// use actix_web::*;
+/// use actix_web::middlewares::RequestSession;
+///
+/// fn index(mut req: HttpRequest) -> Result<&'static str> {
+///     // access session data
+///     if let Some(count) = req.session().get::<i32>("counter")? {
+///         req.session().set("counter", count+1)?;
+///     } else {
+///         req.session().set("counter", 1)?;
+///     }
+///
+///     Ok("Welcome!")
+/// }
+/// # fn main() {}
+/// ```
 pub struct Session<'a>(&'a mut SessionImpl);
 
 impl<'a> Session<'a> {
@@ -80,6 +97,21 @@ unsafe impl Send for SessionImplBox {}
 unsafe impl Sync for SessionImplBox {}
 
 /// Session storage middleware
+///
+/// ```rust
+/// # extern crate actix;
+/// # extern crate actix_web;
+/// use actix_web::*;
+///
+/// fn main() {
+///    let app = Application::new()
+///        .middleware(middlewares::SessionStorage::new(          // <- create session middlewares
+///           middlewares::CookieSessionBackend::build(&[0; 32]) // <- create cookie session backend
+///        .secure(false)
+///        .finish())
+///    );
+/// }
+/// ```
 pub struct SessionStorage<T, S>(T, PhantomData<S>);
 
 impl<S, T: SessionBackend<S>> SessionStorage<T, S> {