<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `actix-session/src/storage/cookie.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>cookie.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" type="text/css" href="../../../normalize.css"><link rel="stylesheet" type="text/css" href="../../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" type="text/css" href="../../../ayu.css" disabled><link rel="stylesheet" type="text/css" href="../../../dark.css" disabled><link rel="stylesheet" type="text/css" href="../../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../../storage.js"></script><script defer src="../../../source-script.js"></script><script defer src="../../../source-files.js"></script><script defer src="../../../main.js"></script><noscript><link rel="stylesheet" href="../../../noscript.css"></noscript><link rel="icon" href="https://actix.rs/favicon.ico"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle">☰</button><a class="sidebar-logo" href="../../../actix_session/index.html"><div class="logo-container"><img src="https://actix.rs/img/logo.png" alt="logo"></div></a><h2 class="location"></h2></nav><nav class="sidebar"><a class="sidebar-logo" href="../../../actix_session/index.html"><div class="logo-container">
<img src="https://actix.rs/img/logo.png" alt="logo"></div></a></nav><main><div class="width-limiter"><div class="sub-container"><a class="sub-logo-container" href="../../../actix_session/index.html">
<img src="https://actix.rs/img/logo.png" alt="logo"></a><nav class="sub"><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><button type="button">?</button></div><div id="settings-menu" tabindex="-1"><a href="../../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../../wheel.svg"></a></div></div></form></nav></div><section id="main-content" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1">1</span>
<span id="2">2</span>
<span id="3">3</span>
<span id="4">4</span>
<span id="5">5</span>
<span id="6">6</span>
<span id="7">7</span>
<span id="8">8</span>
<span id="9">9</span>
<span id="10">10</span>
<span id="11">11</span>
<span id="12">12</span>
<span id="13">13</span>
<span id="14">14</span>
<span id="15">15</span>
<span id="16">16</span>
<span id="17">17</span>
<span id="18">18</span>
<span id="19">19</span>
<span id="20">20</span>
<span id="21">21</span>
<span id="22">22</span>
<span id="23">23</span>
<span id="24">24</span>
<span id="25">25</span>
<span id="26">26</span>
<span id="27">27</span>
<span id="28">28</span>
<span id="29">29</span>
<span id="30">30</span>
<span id="31">31</span>
<span id="32">32</span>
<span id="33">33</span>
<span id="34">34</span>
<span id="35">35</span>
<span id="36">36</span>
<span id="37">37</span>
<span id="38">38</span>
<span id="39">39</span>
<span id="40">40</span>
<span id="41">41</span>
<span id="42">42</span>
<span id="43">43</span>
<span id="44">44</span>
<span id="45">45</span>
<span id="46">46</span>
<span id="47">47</span>
<span id="48">48</span>
<span id="49">49</span>
<span id="50">50</span>
<span id="51">51</span>
<span id="52">52</span>
<span id="53">53</span>
<span id="54">54</span>
<span id="55">55</span>
<span id="56">56</span>
<span id="57">57</span>
<span id="58">58</span>
<span id="59">59</span>
<span id="60">60</span>
<span id="61">61</span>
<span id="62">62</span>
<span id="63">63</span>
<span id="64">64</span>
<span id="65">65</span>
<span id="66">66</span>
<span id="67">67</span>
<span id="68">68</span>
<span id="69">69</span>
<span id="70">70</span>
<span id="71">71</span>
<span id="72">72</span>
<span id="73">73</span>
<span id="74">74</span>
<span id="75">75</span>
<span id="76">76</span>
<span id="77">77</span>
<span id="78">78</span>
<span id="79">79</span>
<span id="80">80</span>
<span id="81">81</span>
<span id="82">82</span>
<span id="83">83</span>
<span id="84">84</span>
<span id="85">85</span>
<span id="86">86</span>
<span id="87">87</span>
<span id="88">88</span>
<span id="89">89</span>
<span id="90">90</span>
<span id="91">91</span>
<span id="92">92</span>
<span id="93">93</span>
<span id="94">94</span>
<span id="95">95</span>
<span id="96">96</span>
<span id="97">97</span>
<span id="98">98</span>
<span id="99">99</span>
<span id="100">100</span>
<span id="101">101</span>
<span id="102">102</span>
<span id="103">103</span>
<span id="104">104</span>
<span id="105">105</span>
<span id="106">106</span>
<span id="107">107</span>
<span id="108">108</span>
<span id="109">109</span>
<span id="110">110</span>
<span id="111">111</span>
<span id="112">112</span>
<span id="113">113</span>
<span id="114">114</span>
<span id="115">115</span>
<span id="116">116</span>
<span id="117">117</span>
<span id="118">118</span>
<span id="119">119</span>
<span id="120">120</span>
<span id="121">121</span>
</pre><pre class="rust"><code><span class="kw">use </span>std::convert::TryInto;
<span class="kw">use </span>actix_web::cookie::time::Duration;
<span class="kw">use </span>anyhow::Error;
<span class="kw">use </span><span class="kw">super</span>::SessionKey;
<span class="kw">use </span><span class="kw">crate</span>::storage::{
interface::{LoadError, SaveError, SessionState, UpdateError},
SessionStore,
};
<span class="doccomment">/// Use the session key, stored in the session cookie, as storage backend for the session state.
///
/// ```no_run
/// use actix_web::{cookie::Key, web, App, HttpServer, HttpResponse, Error};
/// use actix_session::{SessionMiddleware, storage::CookieSessionStore};
///
/// // The secret key would usually be read from a configuration file/environment variables.
/// fn get_secret_key() -> Key {
/// # todo!()
/// // [...]
/// }
///
/// #[actix_web::main]
/// async fn main() -> std::io::Result<()> {
/// let secret_key = get_secret_key();
/// HttpServer::new(move ||
/// App::new()
/// .wrap(SessionMiddleware::new(CookieSessionStore::default(), secret_key.clone()))
/// .default_service(web::to(|| HttpResponse::Ok())))
/// .bind(("127.0.0.1", 8080))?
/// .run()
/// .await
/// }
/// ```
///
/// # Limitations
/// Cookies are subject to size limits so we require session keys to be shorter than 4096 bytes.
/// This translates into a limit on the maximum size of the session state when using cookies as
/// storage backend.
///
/// The session cookie can always be inspected by end users via the developer tools exposed by their
/// browsers. We strongly recommend setting the policy to [`CookieContentSecurity::Private`] when
/// using cookies as storage backend.
///
/// There is no way to invalidate a session before its natural expiry when using cookies as the
/// storage backend.
///
/// [`CookieContentSecurity::Private`]: crate::config::CookieContentSecurity::Private
</span><span class="attribute">#[cfg_attr(docsrs, doc(cfg(feature = <span class="string">"cookie-session"</span>)))]
#[derive(Default)]
#[non_exhaustive]
</span><span class="kw">pub struct </span>CookieSessionStore;
<span class="attribute">#[async_trait::async_trait(<span class="question-mark">?</span>Send)]
</span><span class="kw">impl </span>SessionStore <span class="kw">for </span>CookieSessionStore {
<span class="kw">async fn </span>load(<span class="kw-2">&</span><span class="self">self</span>, session_key: <span class="kw-2">&</span>SessionKey) -> <span class="prelude-ty">Result</span><<span class="prelude-ty">Option</span><SessionState>, LoadError> {
serde_json::from_str(session_key.as_ref())
.map(<span class="prelude-val">Some</span>)
.map_err(anyhow::Error::new)
.map_err(LoadError::Deserialization)
}
<span class="kw">async fn </span>save(
<span class="kw-2">&</span><span class="self">self</span>,
session_state: SessionState,
_ttl: <span class="kw-2">&</span>Duration,
) -> <span class="prelude-ty">Result</span><SessionKey, SaveError> {
<span class="kw">let </span>session_key = serde_json::to_string(<span class="kw-2">&</span>session_state)
.map_err(anyhow::Error::new)
.map_err(SaveError::Serialization)<span class="question-mark">?</span>;
<span class="prelude-val">Ok</span>(session_key
.try_into()
.map_err(Into::into)
.map_err(SaveError::Other)<span class="question-mark">?</span>)
}
<span class="kw">async fn </span>update(
<span class="kw-2">&</span><span class="self">self</span>,
_session_key: SessionKey,
session_state: SessionState,
ttl: <span class="kw-2">&</span>Duration,
) -> <span class="prelude-ty">Result</span><SessionKey, UpdateError> {
<span class="self">self</span>.save(session_state, ttl)
.<span class="kw">await
</span>.map_err(|err| <span class="kw">match </span>err {
SaveError::Serialization(err) => UpdateError::Serialization(err),
SaveError::Other(err) => UpdateError::Other(err),
})
}
<span class="kw">async fn </span>update_ttl(<span class="kw-2">&</span><span class="self">self</span>, _session_key: <span class="kw-2">&</span>SessionKey, _ttl: <span class="kw-2">&</span>Duration) -> <span class="prelude-ty">Result</span><(), Error> {
<span class="prelude-val">Ok</span>(())
}
<span class="kw">async fn </span>delete(<span class="kw-2">&</span><span class="self">self</span>, _session_key: <span class="kw-2">&</span>SessionKey) -> <span class="prelude-ty">Result</span><(), anyhow::Error> {
<span class="prelude-val">Ok</span>(())
}
}
<span class="attribute">#[cfg(test)]
</span><span class="kw">mod </span>tests {
<span class="kw">use super</span>::<span class="kw-2">*</span>;
<span class="kw">use crate</span>::{storage::utils::generate_session_key, test_helpers::acceptance_test_suite};
<span class="attribute">#[actix_web::test]
</span><span class="kw">async fn </span>test_session_workflow() {
acceptance_test_suite(CookieSessionStore::default, <span class="bool-val">false</span>).<span class="kw">await</span>;
}
<span class="attribute">#[actix_web::test]
</span><span class="kw">async fn </span>loading_a_random_session_key_returns_deserialization_error() {
<span class="kw">let </span>store = CookieSessionStore::default();
<span class="kw">let </span>session_key = generate_session_key();
<span class="macro">assert!</span>(<span class="macro">matches!</span>(
store.load(<span class="kw-2">&</span>session_key).<span class="kw">await</span>.unwrap_err(),
LoadError::Deserialization(<span class="kw">_</span>),
));
}
}
</code></pre></div>
</section></div></main><div id="rustdoc-vars" data-root-path="../../../" data-current-crate="actix_session" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.65.0-nightly (060e47f74 2022-08-23)" ></div></body></html>