Struct actix_session::storage::CookieSessionStore

source · 
#[non_exhaustive]
pub struct CookieSessionStore;
Expand description

Use the session key, stored in the session cookie, as storage backend for the session state.

use actix_web::{cookie::Key, web, App, HttpServer, HttpResponse, Error};
use actix_session::{SessionMiddleware, storage::CookieSessionStore};

// The secret key would usually be read from a configuration file/environment variables.
fn get_secret_key() -> Key {
    // [...]
}

#[actix_web::main]
async fn main() -> std::io::Result<()> {
    let secret_key = get_secret_key();
    HttpServer::new(move ||
            App::new()
            .wrap(SessionMiddleware::new(CookieSessionStore::default(), secret_key.clone()))
            .default_service(web::to(|| HttpResponse::Ok())))
        .bind(("127.0.0.1", 8080))?
        .run()
        .await
}

§Limitations

Cookies are subject to size limits so we require session keys to be shorter than 4096 bytes. This translates into a limit on the maximum size of the session state when using cookies as storage backend.

The session cookie can always be inspected by end users via the developer tools exposed by their browsers. We strongly recommend setting the policy to CookieContentSecurity::Private when using cookies as storage backend.

There is no way to invalidate a session before its natural expiry when using cookies as the storage backend.

Trait Implementations§

source§

impl Default for CookieSessionStore

source§

fn default() -> CookieSessionStore

Returns the “default value” for a type. Read more
source§

impl SessionStore for CookieSessionStore

source§

async fn load( &self, session_key: &SessionKey ) -> Result<Option<HashMap<String, String>>, LoadError>

Loads the session state associated to a session key.
source§

async fn save( &self, session_state: HashMap<String, String>, _ttl: &Duration ) -> Result<SessionKey, SaveError>

Persist the session state for a newly created session. Read more
source§

async fn update( &self, _session_key: SessionKey, session_state: HashMap<String, String>, ttl: &Duration ) -> Result<SessionKey, UpdateError>

Updates the session state associated to a pre-existing session key.
source§

async fn update_ttl( &self, _session_key: &SessionKey, _ttl: &Duration ) -> Result<(), Error>

Updates the TTL of the session state associated to a pre-existing session key.
source§

async fn delete(&self, _session_key: &SessionKey) -> Result<(), Error>

Deletes a session from the store.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided [Span], returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a [WithDispatch] wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a [WithDispatch] wrapper. Read more