Struct actix_session::CookieSession

pub struct CookieSession(_);

Use cookies for session storage.

CookieSession creates sessions which are limited to storing fewer than 4000 bytes of data (as the payload must fit into a single cookie). An Internal Server Error is generated if the session contains more than 4000 bytes.

A cookie may have a security policy of signed or private. Each has a respective CookieSession constructor.

A signed cookie is stored on the client as plaintext alongside a signature such that the cookie may be viewed but not modified by the client.

A private cookie is stored on the client as encrypted text such that it may neither be viewed nor modified by the client.

The constructors take a key as an argument. This is the private key for cookie session - when this value is changed, all session data is lost. The constructors will panic if the key is less than 32 bytes in length.

The backend relies on cookie crate to create and read cookies. By default all cookies are percent encoded, but certain symbols may cause troubles when reading cookie, if they are not properly percent encoded.

Examples

use actix_session::CookieSession;
use actix_web::{web, App, HttpResponse, HttpServer};

let app = App::new().wrap(
    CookieSession::signed(&[0; 32])
        .domain("www.rust-lang.org")
        .name("actix_session")
        .path("/")
        .secure(true))
    .service(web::resource("/").to(|| HttpResponse::Ok()));

Implementations

impl CookieSession

pub fn signed(key: &[u8]) -> CookieSession

Construct new signed CookieSession instance.

Panics if key length is less than 32 bytes.

pub fn private(key: &[u8]) -> CookieSession

Construct new private CookieSession instance.

Panics if key length is less than 32 bytes.

pub fn path<S: Into<String>>(self, value: S) -> CookieSession

Sets the path field in the session cookie being built.

pub fn name<S: Into<String>>(self, value: S) -> CookieSession

Sets the name field in the session cookie being built.

pub fn domain<S: Into<String>>(self, value: S) -> CookieSession

Sets the domain field in the session cookie being built.

pub fn lazy(self, value: bool) -> CookieSession

When true, prevents adding session cookies to responses until the session contains data. Default is false.

Useful when trying to comply with laws that require consent for setting cookies.

pub fn secure(self, value: bool) -> CookieSession

Sets the secure field in the session cookie being built.

If the secure field is set, a cookie will only be transmitted when the connection is secure - i.e. https

pub fn http_only(self, value: bool) -> CookieSession

Sets the http_only field in the session cookie being built.

pub fn same_site(self, value: SameSite) -> CookieSession

Sets the same_site field in the session cookie being built.

pub fn max_age(self, seconds: i64) -> CookieSession

Sets the max-age field in the session cookie being built.

pub fn max_age_time(self, value: Duration) -> CookieSession

Sets the max-age field in the session cookie being built.

pub fn expires_in(self, seconds: i64) -> CookieSession

Sets the expires field in the session cookie being built.

pub fn expires_in_time(self, value: Duration) -> CookieSession

Sets the expires field in the session cookie being built.

Trait Implementations

impl<S, B> Transform<S, ServiceRequest> for CookieSession where
    S: Service<ServiceRequest, Response = ServiceResponse<B>>,
    S::Future: 'static,
    S::Error: 'static,
    B: MessageBody + 'static,
    B::Error: StdError, 

type Response = ServiceResponse

Responses produced by the service.

type Error = S::Error

Errors produced by the service.

type InitError = ()

Errors produced while building a transform service.

type Transform = CookieSessionMiddleware<S>

The TransformService value created by this factory

type Future = Ready<Result<Self::Transform, Self::InitError>>

The future response value.

fn new_transform(&self, service: S) -> Self::Future

Creates and returns a new Transform component, asynchronously