<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `actix-session/src/lib.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>lib.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="icon" href="https://actix.rs/favicon.ico"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle">☰</button><a class="sidebar-logo" href="../../actix_session/index.html"><div class="logo-container"><img src="https://actix.rs/img/logo.png" alt="logo"></div></a><h2 class="location"></h2></nav><nav class="sidebar"><a class="sidebar-logo" href="../../actix_session/index.html"><div class="logo-container"> <img src="https://actix.rs/img/logo.png" alt="logo"></div></a></nav><main><div class="width-limiter"><div class="sub-container"><a class="sub-logo-container" href="../../actix_session/index.html"> <img src="https://actix.rs/img/logo.png" alt="logo"></a><nav class="sub"><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press ‘S’ to search, ‘?’ for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><button type="button">?</button></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav></div><section id="main-content" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1">1</span> <span id="2">2</span> <span id="3">3</span> <span id="4">4</span> <span id="5">5</span> <span id="6">6</span> <span id="7">7</span> <span id="8">8</span> <span id="9">9</span> <span id="10">10</span> <span id="11">11</span> <span id="12">12</span> <span id="13">13</span> <span id="14">14</span> <span id="15">15</span> <span id="16">16</span> <span id="17">17</span> <span id="18">18</span> <span id="19">19</span> <span id="20">20</span> <span id="21">21</span> <span id="22">22</span> <span id="23">23</span> <span id="24">24</span> <span id="25">25</span> <span id="26">26</span> <span id="27">27</span> <span id="28">28</span> <span id="29">29</span> <span id="30">30</span> <span id="31">31</span> <span id="32">32</span> <span id="33">33</span> <span id="34">34</span> <span id="35">35</span> <span id="36">36</span> <span id="37">37</span> <span id="38">38</span> <span id="39">39</span> <span id="40">40</span> <span id="41">41</span> <span id="42">42</span> <span id="43">43</span> <span id="44">44</span> <span id="45">45</span> <span id="46">46</span> <span id="47">47</span> <span id="48">48</span> <span id="49">49</span> <span id="50">50</span> <span id="51">51</span> <span id="52">52</span> <span id="53">53</span> <span id="54">54</span> <span id="55">55</span> <span id="56">56</span> <span id="57">57</span> <span id="58">58</span> <span id="59">59</span> <span id="60">60</span> <span id="61">61</span> <span id="62">62</span> <span id="63">63</span> <span id="64">64</span> <span id="65">65</span> <span id="66">66</span> <span id="67">67</span> <span id="68">68</span> <span id="69">69</span> <span id="70">70</span> <span id="71">71</span> <span id="72">72</span> <span id="73">73</span> <span id="74">74</span> <span id="75">75</span> <span id="76">76</span> <span id="77">77</span> <span id="78">78</span> <span id="79">79</span> <span id="80">80</span> <span id="81">81</span> <span id="82">82</span> <span id="83">83</span> <span id="84">84</span> <span id="85">85</span> <span id="86">86</span> <span id="87">87</span> <span id="88">88</span> <span id="89">89</span> <span id="90">90</span> <span id="91">91</span> <span id="92">92</span> <span id="93">93</span> <span id="94">94</span> <span id="95">95</span> <span id="96">96</span> <span id="97">97</span> <span id="98">98</span> <span id="99">99</span> <span id="100">100</span> <span id="101">101</span> <span id="102">102</span> <span id="103">103</span> <span id="104">104</span> <span id="105">105</span> <span id="106">106</span> <span id="107">107</span> <span id="108">108</span> <span id="109">109</span> <span id="110">110</span> <span id="111">111</span> <span id="112">112</span> <span id="113">113</span> <span id="114">114</span> <span id="115">115</span> <span id="116">116</span> <span id="117">117</span> <span id="118">118</span> <span id="119">119</span> <span id="120">120</span> <span id="121">121</span> <span id="122">122</span> <span id="123">123</span> <span id="124">124</span> <span id="125">125</span> <span id="126">126</span> <span id="127">127</span> <span id="128">128</span> <span id="129">129</span> <span id="130">130</span> <span id="131">131</span> <span id="132">132</span> <span id="133">133</span> <span id="134">134</span> <span id="135">135</span> <span id="136">136</span> <span id="137">137</span> <span id="138">138</span> <span id="139">139</span> <span id="140">140</span> <span id="141">141</span> <span id="142">142</span> <span id="143">143</span> <span id="144">144</span> <span id="145">145</span> <span id="146">146</span> <span id="147">147</span> <span id="148">148</span> <span id="149">149</span> <span id="150">150</span> <span id="151">151</span> <span id="152">152</span> <span id="153">153</span> <span id="154">154</span> <span id="155">155</span> <span id="156">156</span> <span id="157">157</span> <span id="158">158</span> <span id="159">159</span> <span id="160">160</span> <span id="161">161</span> <span id="162">162</span> <span id="163">163</span> <span id="164">164</span> <span id="165">165</span> <span id="166">166</span> <span id="167">167</span> <span id="168">168</span> <span id="169">169</span> <span id="170">170</span> <span id="171">171</span> <span id="172">172</span> <span id="173">173</span> <span id="174">174</span> <span id="175">175</span> <span id="176">176</span> <span id="177">177</span> <span id="178">178</span> <span id="179">179</span> <span id="180">180</span> <span id="181">181</span> <span id="182">182</span> <span id="183">183</span> <span id="184">184</span> <span id="185">185</span> <span id="186">186</span> <span id="187">187</span> <span id="188">188</span> <span id="189">189</span> <span id="190">190</span> <span id="191">191</span> <span id="192">192</span> <span id="193">193</span> <span id="194">194</span> <span id="195">195</span> <span id="196">196</span> <span id="197">197</span> <span id="198">198</span> <span id="199">199</span> <span id="200">200</span> <span id="201">201</span> <span id="202">202</span> <span id="203">203</span> <span id="204">204</span> <span id="205">205</span> <span id="206">206</span> <span id="207">207</span> <span id="208">208</span> <span id="209">209</span> <span id="210">210</span> <span id="211">211</span> <span id="212">212</span> <span id="213">213</span> <span id="214">214</span> <span id="215">215</span> <span id="216">216</span> <span id="217">217</span> <span id="218">218</span> <span id="219">219</span> <span id="220">220</span> <span id="221">221</span> <span id="222">222</span> <span id="223">223</span> <span id="224">224</span> <span id="225">225</span> <span id="226">226</span> <span id="227">227</span> <span id="228">228</span> <span id="229">229</span> <span id="230">230</span> <span id="231">231</span> <span id="232">232</span> <span id="233">233</span> <span id="234">234</span> <span id="235">235</span> <span id="236">236</span> <span id="237">237</span> <span id="238">238</span> <span id="239">239</span> <span id="240">240</span> <span id="241">241</span> <span id="242">242</span> <span id="243">243</span> <span id="244">244</span> <span id="245">245</span> <span id="246">246</span> <span id="247">247</span> <span id="248">248</span> <span id="249">249</span> <span id="250">250</span> <span id="251">251</span> <span id="252">252</span> <span id="253">253</span> <span id="254">254</span> <span id="255">255</span> <span id="256">256</span> <span id="257">257</span> <span id="258">258</span> <span id="259">259</span> <span id="260">260</span> <span id="261">261</span> <span id="262">262</span> <span id="263">263</span> <span id="264">264</span> <span id="265">265</span> <span id="266">266</span> <span id="267">267</span> <span id="268">268</span> <span id="269">269</span> <span id="270">270</span> <span id="271">271</span> <span id="272">272</span> <span id="273">273</span> <span id="274">274</span> <span id="275">275</span> <span id="276">276</span> <span id="277">277</span> <span id="278">278</span> <span id="279">279</span> <span id="280">280</span> <span id="281">281</span> <span id="282">282</span> <span id="283">283</span> <span id="284">284</span> <span id="285">285</span> <span id="286">286</span> <span id="287">287</span> <span id="288">288</span> <span id="289">289</span> <span id="290">290</span> <span id="291">291</span> <span id="292">292</span> <span id="293">293</span> <span id="294">294</span> <span id="295">295</span> <span id="296">296</span> <span id="297">297</span> <span id="298">298</span> <span id="299">299</span> <span id="300">300</span> <span id="301">301</span> <span id="302">302</span> <span id="303">303</span> <span id="304">304</span> <span id="305">305</span> <span id="306">306</span> <span id="307">307</span> <span id="308">308</span> <span id="309">309</span> <span id="310">310</span> <span id="311">311</span> <span id="312">312</span> <span id="313">313</span> <span id="314">314</span> <span id="315">315</span> <span id="316">316</span> <span id="317">317</span> <span id="318">318</span> <span id="319">319</span> <span id="320">320</span> <span id="321">321</span> <span id="322">322</span> <span id="323">323</span> <span id="324">324</span> <span id="325">325</span> <span id="326">326</span> <span id="327">327</span> <span id="328">328</span> <span id="329">329</span> <span id="330">330</span> <span id="331">331</span> <span id="332">332</span> <span id="333">333</span> <span id="334">334</span> <span id="335">335</span> <span id="336">336</span> <span id="337">337</span> <span id="338">338</span> <span id="339">339</span> <span id="340">340</span> <span id="341">341</span> <span id="342">342</span> <span id="343">343</span> <span id="344">344</span> <span id="345">345</span> <span id="346">346</span> <span id="347">347</span> <span id="348">348</span> <span id="349">349</span> <span id="350">350</span> <span id="351">351</span> <span id="352">352</span> <span id="353">353</span> <span id="354">354</span> <span id="355">355</span> <span id="356">356</span> <span id="357">357</span> <span id="358">358</span> <span id="359">359</span> <span id="360">360</span> <span id="361">361</span> <span id="362">362</span> <span id="363">363</span> <span id="364">364</span> <span id="365">365</span> <span id="366">366</span> <span id="367">367</span> <span id="368">368</span> <span id="369">369</span> <span id="370">370</span> <span id="371">371</span> <span id="372">372</span> <span id="373">373</span> <span id="374">374</span> <span id="375">375</span> <span id="376">376</span> <span id="377">377</span> <span id="378">378</span> <span id="379">379</span> <span id="380">380</span> <span id="381">381</span> <span id="382">382</span> <span id="383">383</span> <span id="384">384</span> <span id="385">385</span> <span id="386">386</span> <span id="387">387</span> <span id="388">388</span> <span id="389">389</span> <span id="390">390</span> <span id="391">391</span> <span id="392">392</span> <span id="393">393</span> <span id="394">394</span> <span id="395">395</span> <span id="396">396</span> <span id="397">397</span> <span id="398">398</span> <span id="399">399</span> <span id="400">400</span> <span id="401">401</span> <span id="402">402</span> <span id="403">403</span> <span id="404">404</span> <span id="405">405</span> <span id="406">406</span> <span id="407">407</span> <span id="408">408</span> <span id="409">409</span> <span id="410">410</span> <span id="411">411</span> <span id="412">412</span> <span id="413">413</span> <span id="414">414</span> <span id="415">415</span> <span id="416">416</span> <span id="417">417</span> <span id="418">418</span> <span id="419">419</span> <span id="420">420</span> <span id="421">421</span> <span id="422">422</span> <span id="423">423</span> <span id="424">424</span> <span id="425">425</span> <span id="426">426</span> <span id="427">427</span> <span id="428">428</span> <span id="429">429</span> <span id="430">430</span> <span id="431">431</span> <span id="432">432</span> <span id="433">433</span> <span id="434">434</span> <span id="435">435</span> <span id="436">436</span> <span id="437">437</span> <span id="438">438</span> <span id="439">439</span> <span id="440">440</span> <span id="441">441</span> <span id="442">442</span> <span id="443">443</span> <span id="444">444</span> <span id="445">445</span> <span id="446">446</span> <span id="447">447</span> <span id="448">448</span> <span id="449">449</span> <span id="450">450</span> <span id="451">451</span> <span id="452">452</span> <span id="453">453</span> <span id="454">454</span> <span id="455">455</span> <span id="456">456</span> <span id="457">457</span> <span id="458">458</span> <span id="459">459</span> <span id="460">460</span> <span id="461">461</span> <span id="462">462</span> <span id="463">463</span> <span id="464">464</span> <span id="465">465</span> <span id="466">466</span> <span id="467">467</span> <span id="468">468</span> <span id="469">469</span> <span id="470">470</span> <span id="471">471</span> <span id="472">472</span> <span id="473">473</span> <span id="474">474</span> <span id="475">475</span> <span id="476">476</span> <span id="477">477</span> <span id="478">478</span> <span id="479">479</span> <span id="480">480</span> <span id="481">481</span> <span id="482">482</span> <span id="483">483</span> <span id="484">484</span> <span id="485">485</span> <span id="486">486</span> <span id="487">487</span> <span id="488">488</span> <span id="489">489</span> <span id="490">490</span> <span id="491">491</span> <span id="492">492</span> <span id="493">493</span> <span id="494">494</span> <span id="495">495</span> <span id="496">496</span> <span id="497">497</span> <span id="498">498</span> <span id="499">499</span> <span id="500">500</span> <span id="501">501</span> <span id="502">502</span> <span id="503">503</span> <span id="504">504</span> <span id="505">505</span> <span id="506">506</span> <span id="507">507</span> <span id="508">508</span> <span id="509">509</span> <span id="510">510</span> <span id="511">511</span> <span id="512">512</span> <span id="513">513</span> <span id="514">514</span> <span id="515">515</span> <span id="516">516</span> <span id="517">517</span> <span id="518">518</span> <span id="519">519</span> <span id="520">520</span> <span id="521">521</span> <span id="522">522</span> <span id="523">523</span> <span id="524">524</span> <span id="525">525</span> <span id="526">526</span> <span id="527">527</span> <span id="528">528</span> <span id="529">529</span> <span id="530">530</span> <span id="531">531</span> <span id="532">532</span> <span id="533">533</span> <span id="534">534</span> <span id="535">535</span> <span id="536">536</span> <span id="537">537</span> <span id="538">538</span> <span id="539">539</span> <span id="540">540</span> <span id="541">541</span> <span id="542">542</span> <span id="543">543</span> <span id="544">544</span> <span id="545">545</span> <span id="546">546</span> <span id="547">547</span> <span id="548">548</span> <span id="549">549</span> <span id="550">550</span> <span id="551">551</span> <span id="552">552</span> <span id="553">553</span> <span id="554">554</span> <span id="555">555</span> <span id="556">556</span> <span id="557">557</span> <span id="558">558</span> <span id="559">559</span> <span id="560">560</span> <span id="561">561</span> <span id="562">562</span> <span id="563">563</span> <span id="564">564</span> <span id="565">565</span> <span id="566">566</span> <span id="567">567</span> <span id="568">568</span> <span id="569">569</span> <span id="570">570</span> <span id="571">571</span> <span id="572">572</span> <span id="573">573</span> <span id="574">574</span> <span id="575">575</span> <span id="576">576</span> <span id="577">577</span> <span id="578">578</span> <span id="579">579</span> <span id="580">580</span> <span id="581">581</span> <span id="582">582</span> <span id="583">583</span> <span id="584">584</span> <span id="585">585</span> <span id="586">586</span> <span id="587">587</span> <span id="588">588</span> <span id="589">589</span> <span id="590">590</span> <span id="591">591</span> <span id="592">592</span> <span id="593">593</span> <span id="594">594</span> <span id="595">595</span> <span id="596">596</span> <span id="597">597</span> <span id="598">598</span> <span id="599">599</span> <span id="600">600</span> <span id="601">601</span> <span id="602">602</span> <span id="603">603</span> <span id="604">604</span> <span id="605">605</span> <span id="606">606</span> <span id="607">607</span> <span id="608">608</span> <span id="609">609</span> <span id="610">610</span> <span id="611">611</span> <span id="612">612</span> <span id="613">613</span> <span id="614">614</span> <span id="615">615</span> <span id="616">616</span> <span id="617">617</span> <span id="618">618</span> <span id="619">619</span> <span id="620">620</span> <span id="621">621</span> <span id="622">622</span> <span id="623">623</span> <span id="624">624</span> <span id="625">625</span> <span id="626">626</span> <span id="627">627</span> <span id="628">628</span> <span id="629">629</span> <span id="630">630</span> <span id="631">631</span> <span id="632">632</span> <span id="633">633</span> <span id="634">634</span> <span id="635">635</span> <span id="636">636</span> <span id="637">637</span> <span id="638">638</span> <span id="639">639</span> <span id="640">640</span> <span id="641">641</span> <span id="642">642</span> <span id="643">643</span> <span id="644">644</span> <span id="645">645</span> <span id="646">646</span> <span id="647">647</span> <span id="648">648</span> <span id="649">649</span> <span id="650">650</span> <span id="651">651</span> <span id="652">652</span> <span id="653">653</span> <span id="654">654</span> <span id="655">655</span> <span id="656">656</span> <span id="657">657</span> <span id="658">658</span> <span id="659">659</span> <span id="660">660</span> <span id="661">661</span> <span id="662">662</span> <span id="663">663</span> <span id="664">664</span> <span id="665">665</span> <span id="666">666</span> <span id="667">667</span> <span id="668">668</span> <span id="669">669</span> <span id="670">670</span> <span id="671">671</span> <span id="672">672</span> <span id="673">673</span> <span id="674">674</span> <span id="675">675</span> <span id="676">676</span> <span id="677">677</span> <span id="678">678</span> <span id="679">679</span> <span id="680">680</span> <span id="681">681</span> <span id="682">682</span> <span id="683">683</span> <span id="684">684</span> <span id="685">685</span> <span id="686">686</span> <span id="687">687</span> <span id="688">688</span> <span id="689">689</span> <span id="690">690</span> <span id="691">691</span> <span id="692">692</span> <span id="693">693</span> <span id="694">694</span> <span id="695">695</span> <span id="696">696</span> <span id="697">697</span> <span id="698">698</span> <span id="699">699</span> <span id="700">700</span> <span id="701">701</span> <span id="702">702</span> <span id="703">703</span> <span id="704">704</span> <span id="705">705</span> <span id="706">706</span> <span id="707">707</span> <span id="708">708</span> <span id="709">709</span> <span id="710">710</span> <span id="711">711</span> <span id="712">712</span> <span id="713">713</span> <span id="714">714</span> <span id="715">715</span> <span id="716">716</span> <span id="717">717</span> <span id="718">718</span> <span id="719">719</span> <span id="720">720</span> <span id="721">721</span> <span id="722">722</span> <span id="723">723</span> <span id="724">724</span> <span id="725">725</span> <span id="726">726</span> <span id="727">727</span> <span id="728">728</span> <span id="729">729</span> <span id="730">730</span> <span id="731">731</span> <span id="732">732</span> <span id="733">733</span> <span id="734">734</span> <span id="735">735</span> <span id="736">736</span> </pre><pre class="rust"><code><span class="doccomment">//! Session management for Actix Web. //! //! The HTTP protocol, at a first glance, is stateless: the client sends a request, the server //! parses its content, performs some processing and returns a response. The outcome is only //! influenced by the provided inputs (i.e. the request content) and whatever state the server //! queries while performing its processing. //! //! Stateless systems are easier to reason about, but they are not quite as powerful as we need them //! to be - e.g. how do you authenticate a user? The user would be forced to authenticate **for //! every single request**. That is, for example, how 'Basic' Authentication works. While it may //! work for a machine user (i.e. an API client), it is impractical for a person—you do not want a //! login prompt on every single page you navigate to! //! //! There is a solution - **sessions**. Using sessions the server can attach state to a set of //! requests coming from the same client. They are built on top of cookies - the server sets a //! cookie in the HTTP response (`Set-Cookie` header), the client (e.g. the browser) will store the //! cookie and play it back to the server when sending new requests (using the `Cookie` header). //! //! We refer to the cookie used for sessions as a **session cookie**. Its content is called //! **session key** (or **session ID**), while the state attached to the session is referred to as //! **session state**. //! //! `actix-session` provides an easy-to-use framework to manage sessions in applications built on //! top of Actix Web. [`SessionMiddleware`] is the middleware underpinning the functionality //! provided by `actix-session`; it takes care of all the session cookie handling and instructs the //! **storage backend** to create/delete/update the session state based on the operations performed //! against the active [`Session`]. //! //! `actix-session` provides some built-in storage backends: ([`CookieSessionStore`], //! [`RedisSessionStore`], and [`RedisActorSessionStore`]) - you can create a custom storage backend //! by implementing the [`SessionStore`] trait. //! //! Further reading on sessions: //! - [RFC6265](https://datatracker.ietf.org/doc/html/rfc6265); //! - [OWASP's session management cheat-sheet](https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html). //! //! # Getting started //! To start using sessions in your Actix Web application you must register [`SessionMiddleware`] //! as a middleware on your `App`: //! //! ```no_run //! use actix_web::{web, App, HttpServer, HttpResponse, Error}; //! use actix_session::{Session, SessionMiddleware, storage::RedisActorSessionStore}; //! use actix_web::cookie::Key; //! //! #[actix_web::main] //! async fn main() -> std::io::Result<()> { //! // The secret key would usually be read from a configuration file/environment variables. //! let secret_key = Key::generate(); //! let redis_connection_string = "127.0.0.1:6379"; //! HttpServer::new(move || //! App::new() //! // Add session management to your application using Redis for session state storage //! .wrap( //! SessionMiddleware::new( //! RedisActorSessionStore::new(redis_connection_string), //! secret_key.clone() //! ) //! ) //! .default_service(web::to(|| HttpResponse::Ok()))) //! .bind(("127.0.0.1", 8080))? //! .run() //! .await //! } //! ``` //! //! The session state can be accessed and modified by your request handlers using the [`Session`] //! extractor. Note that this doesn't work in the stream of a streaming response. //! //! ```no_run //! use actix_web::Error; //! use actix_session::Session; //! //! fn index(session: Session) -> Result<&'static str, Error> { //! // access the session state //! if let Some(count) = session.get::<i32>("counter")? { //! println!("SESSION value: {}", count); //! // modify the session state //! session.insert("counter", count + 1)?; //! } else { //! session.insert("counter", 1)?; //! } //! //! Ok("Welcome!") //! } //! ``` //! //! # Choosing A Backend //! //! By default, `actix-session` does not provide any storage backend to retrieve and save the state //! attached to your sessions. You can enable: //! //! - a purely cookie-based "backend", [`CookieSessionStore`], using the `cookie-session` feature //! flag. //! //! ```toml //! [dependencies] //! # ... //! actix-session = { version = "...", features = ["cookie-session"] } //! ``` //! //! - a Redis-based backend via [`actix-redis`](https://docs.rs/acitx-redis), //! [`RedisActorSessionStore`], using the `redis-actor-session` feature flag. //! //! ```toml //! [dependencies] //! # ... //! actix-session = { version = "...", features = ["redis-actor-session"] } //! ``` //! //! - a Redis-based backend via [`redis-rs`](https://docs.rs/redis-rs), [`RedisSessionStore`], using //! the `redis-rs-session` feature flag. //! //! ```toml //! [dependencies] //! # ... //! actix-session = { version = "...", features = ["redis-rs-session"] } //! ``` //! //! Add the `redis-rs-tls-session` feature flag if you want to connect to Redis using a secured //! connection: //! //! ```toml //! [dependencies] //! # ... //! actix-session = { version = "...", features = ["redis-rs-session", "redis-rs-tls-session"] } //! ``` //! //! You can implement your own session storage backend using the [`SessionStore`] trait. //! //! [`SessionStore`]: storage::SessionStore //! [`CookieSessionStore`]: storage::CookieSessionStore //! [`RedisSessionStore`]: storage::RedisSessionStore //! [`RedisActorSessionStore`]: storage::RedisActorSessionStore </span><span class="attribute">#![forbid(unsafe_code)] #![deny(rust_2018_idioms, nonstandard_style)] #![warn(future_incompatible, missing_docs)] #![doc(html_logo_url = <span class="string">"https://actix.rs/img/logo.png"</span>)] #![doc(html_favicon_url = <span class="string">"https://actix.rs/favicon.ico"</span>)] #![cfg_attr(docsrs, feature(doc_cfg))] </span><span class="kw">pub mod </span>config; <span class="kw">mod </span>middleware; <span class="kw">mod </span>session; <span class="kw">mod </span>session_ext; <span class="kw">pub mod </span>storage; <span class="kw">pub use </span><span class="self">self</span>::{ middleware::SessionMiddleware, session::{Session, SessionGetError, SessionInsertError, SessionStatus}, session_ext::SessionExt, }; <span class="attribute">#[cfg(test)] </span><span class="kw">pub mod </span>test_helpers { <span class="kw">use </span>actix_web::cookie::Key; <span class="kw">use crate</span>::{config::CookieContentSecurity, storage::SessionStore}; <span class="doccomment">/// Generate a random cookie signing/encryption key. </span><span class="kw">pub fn </span>key() -> Key { Key::generate() } <span class="doccomment">/// A ready-to-go acceptance test suite to verify that sessions behave as expected /// regardless of the underlying session store. /// /// `is_invalidation_supported` must be set to `true` if the backend supports /// "remembering" that a session has been invalidated (e.g. by logging out). /// It should be to `false` if the backend allows multiple cookies to be active /// at the same time (e.g. cookie store backend). </span><span class="kw">pub async fn </span>acceptance_test_suite<F, Store>(store_builder: F, is_invalidation_supported: bool) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">for </span>policy <span class="kw">in </span><span class="kw-2">&</span>[ CookieContentSecurity::Signed, CookieContentSecurity::Private, ] { <span class="macro">println!</span>(<span class="string">"Using {:?} as cookie content security policy."</span>, policy); acceptance_tests::basic_workflow(store_builder.clone(), <span class="kw-2">*</span>policy).<span class="kw">await</span>; acceptance_tests::expiration_is_refreshed_on_changes(store_builder.clone(), <span class="kw-2">*</span>policy) .<span class="kw">await</span>; acceptance_tests::expiration_is_always_refreshed_if_configured_to_refresh_on_every_request( store_builder.clone(), <span class="kw-2">*</span>policy, ) .<span class="kw">await</span>; acceptance_tests::complex_workflow( store_builder.clone(), is_invalidation_supported, <span class="kw-2">*</span>policy, ) .<span class="kw">await</span>; acceptance_tests::guard(store_builder.clone(), <span class="kw-2">*</span>policy).<span class="kw">await</span>; } } <span class="kw">mod </span>acceptance_tests { <span class="kw">use </span>actix_web::{ cookie::time, dev::{Service, ServiceResponse}, guard, middleware, test, web::{<span class="self">self</span>, get, post, resource, Bytes}, App, HttpResponse, <span class="prelude-ty">Result</span>, }; <span class="kw">use </span>serde::{Deserialize, Serialize}; <span class="kw">use </span>serde_json::json; <span class="kw">use crate</span>::{ config::{CookieContentSecurity, PersistentSession, TtlExtensionPolicy}, storage::SessionStore, test_helpers::key, Session, SessionExt, SessionMiddleware, }; <span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>basic_workflow<F, Store>( store_builder: F, policy: CookieContentSecurity, ) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">let </span>app = test::init_service( App::new() .wrap( SessionMiddleware::builder(store_builder(), key()) .cookie_path(<span class="string">"/test/"</span>.into()) .cookie_name(<span class="string">"actix-test"</span>.into()) .cookie_domain(<span class="prelude-val">Some</span>(<span class="string">"localhost"</span>.into())) .cookie_content_security(policy) .session_lifecycle( PersistentSession::default() .session_ttl(time::Duration::seconds(<span class="number">100</span>)), ) .build(), ) .service(web::resource(<span class="string">"/"</span>).to(|ses: Session| <span class="kw">async move </span>{ <span class="kw">let _ </span>= ses.insert(<span class="string">"counter"</span>, <span class="number">100</span>); <span class="string">"test" </span>})) .service(web::resource(<span class="string">"/test/"</span>).to(|ses: Session| <span class="kw">async move </span>{ <span class="kw">let </span>val: usize = ses.get(<span class="string">"counter"</span>).unwrap().unwrap(); <span class="macro">format!</span>(<span class="string">"counter: {}"</span>, val) })), ) .<span class="kw">await</span>; <span class="kw">let </span>request = test::TestRequest::get().to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie = response.get_cookie(<span class="string">"actix-test"</span>).unwrap().clone(); <span class="macro">assert_eq!</span>(cookie.path().unwrap(), <span class="string">"/test/"</span>); <span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">"/test/"</span>) .cookie(cookie) .to_request(); <span class="kw">let </span>body = test::call_and_read_body(<span class="kw-2">&</span>app, request).<span class="kw">await</span>; <span class="macro">assert_eq!</span>(body, Bytes::from_static(<span class="string">b"counter: 100"</span>)); } <span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>expiration_is_always_refreshed_if_configured_to_refresh_on_every_request< F, Store, >( store_builder: F, policy: CookieContentSecurity, ) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">let </span>session_ttl = time::Duration::seconds(<span class="number">60</span>); <span class="kw">let </span>app = test::init_service( App::new() .wrap( SessionMiddleware::builder(store_builder(), key()) .cookie_content_security(policy) .session_lifecycle( PersistentSession::default() .session_ttl(session_ttl) .session_ttl_extension_policy( TtlExtensionPolicy::OnEveryRequest, ), ) .build(), ) .service(web::resource(<span class="string">"/"</span>).to(|ses: Session| <span class="kw">async move </span>{ <span class="kw">let _ </span>= ses.insert(<span class="string">"counter"</span>, <span class="number">100</span>); <span class="string">"test" </span>})) .service(web::resource(<span class="string">"/test/"</span>).to(|| <span class="kw">async move </span>{ <span class="string">"no-changes-in-session" </span>})), ) .<span class="kw">await</span>; <span class="comment">// Create session </span><span class="kw">let </span>request = test::TestRequest::get().to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_1 = response.get_cookie(<span class="string">"id"</span>).expect(<span class="string">"Cookie is set"</span>); <span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl)); <span class="comment">// Fire a request that doesn't touch the session state, check // that the session cookie is present and its expiry is set to the maximum we configured. </span><span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">"/test/"</span>) .cookie(cookie_1) .to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_2 = response.get_cookie(<span class="string">"id"</span>).expect(<span class="string">"Cookie is set"</span>); <span class="macro">assert_eq!</span>(cookie_2.max_age(), <span class="prelude-val">Some</span>(session_ttl)); } <span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>expiration_is_refreshed_on_changes<F, Store>( store_builder: F, policy: CookieContentSecurity, ) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">let </span>session_ttl = time::Duration::seconds(<span class="number">60</span>); <span class="kw">let </span>app = test::init_service( App::new() .wrap( SessionMiddleware::builder(store_builder(), key()) .cookie_content_security(policy) .session_lifecycle( PersistentSession::default().session_ttl(session_ttl), ) .build(), ) .service(web::resource(<span class="string">"/"</span>).to(|ses: Session| <span class="kw">async move </span>{ <span class="kw">let _ </span>= ses.insert(<span class="string">"counter"</span>, <span class="number">100</span>); <span class="string">"test" </span>})) .service(web::resource(<span class="string">"/test/"</span>).to(|| <span class="kw">async move </span>{ <span class="string">"no-changes-in-session" </span>})), ) .<span class="kw">await</span>; <span class="kw">let </span>request = test::TestRequest::get().to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_1 = response.get_cookie(<span class="string">"id"</span>).expect(<span class="string">"Cookie is set"</span>); <span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl)); <span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">"/test/"</span>) .cookie(cookie_1.clone()) .to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="macro">assert!</span>(response.response().cookies().next().is_none()); <span class="kw">let </span>request = test::TestRequest::get().cookie(cookie_1).to_request(); <span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_2 = response.get_cookie(<span class="string">"id"</span>).expect(<span class="string">"Cookie is set"</span>); <span class="macro">assert_eq!</span>(cookie_2.max_age(), <span class="prelude-val">Some</span>(session_ttl)); } <span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>guard<F, Store>(store_builder: F, policy: CookieContentSecurity) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">let </span>srv = actix_test::start(<span class="kw">move </span>|| { App::new() .wrap( SessionMiddleware::builder(store_builder(), key()) .cookie_name(<span class="string">"test-session"</span>.into()) .cookie_content_security(policy) .session_lifecycle( PersistentSession::default().session_ttl(time::Duration::days(<span class="number">7</span>)), ) .build(), ) .wrap(middleware::Logger::default()) .service(resource(<span class="string">"/"</span>).route(get().to(index))) .service(resource(<span class="string">"/do_something"</span>).route(post().to(do_something))) .service(resource(<span class="string">"/login"</span>).route(post().to(login))) .service(resource(<span class="string">"/logout"</span>).route(post().to(logout))) .service( web::scope(<span class="string">"/protected"</span>) .guard(guard::fn_guard(|g| { g.get_session().get::<String>(<span class="string">"user_id"</span>).unwrap().is_some() })) .service(resource(<span class="string">"/count"</span>).route(get().to(count))), ) }); <span class="comment">// Step 1: GET without session info // - response should be a unsuccessful status </span><span class="kw">let </span>req_1 = srv.get(<span class="string">"/protected/count"</span>).send(); <span class="kw">let </span>resp_1 = req_1.<span class="kw">await</span>.unwrap(); <span class="macro">assert!</span>(!resp_1.status().is_success()); <span class="comment">// Step 2: POST to login // - set-cookie actix-session will be in response (session cookie #1) // - updates session state: {"counter": 0, "user_id": "ferris"} </span><span class="kw">let </span>req_2 = srv.post(<span class="string">"/login"</span>).send_json(<span class="kw-2">&</span><span class="macro">json!</span>({<span class="string">"user_id"</span>: <span class="string">"ferris"</span>})); <span class="kw">let </span>resp_2 = req_2.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_1 = resp_2 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="comment">// Step 3: POST to do_something // - adds new session state: {"counter": 1, "user_id": "ferris" } // - set-cookie actix-session should be in response (session cookie #2) // - response should be: {"counter": 1, "user_id": None} </span><span class="kw">let </span>req_3 = srv.post(<span class="string">"/do_something"</span>).cookie(cookie_1.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_3 = req_3.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_3 = resp_3.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_3, IndexResponse { user_id: <span class="prelude-val">Some</span>(<span class="string">"ferris"</span>.into()), counter: <span class="number">1 </span>} ); <span class="kw">let </span>cookie_2 = resp_3 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="comment">// Step 4: GET using a existing user id // - response should be: {"counter": 3, "user_id": "ferris"} </span><span class="kw">let </span>req_4 = srv.get(<span class="string">"/protected/count"</span>).cookie(cookie_2.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_4 = req_4.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_4 = resp_4.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_4, IndexResponse { user_id: <span class="prelude-val">Some</span>(<span class="string">"ferris"</span>.into()), counter: <span class="number">1 </span>} ); } <span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>complex_workflow<F, Store>( store_builder: F, is_invalidation_supported: bool, policy: CookieContentSecurity, ) <span class="kw">where </span>Store: SessionStore + <span class="lifetime">'static</span>, F: Fn() -> Store + Clone + Send + <span class="lifetime">'static</span>, { <span class="kw">let </span>session_ttl = time::Duration::days(<span class="number">7</span>); <span class="kw">let </span>srv = actix_test::start(<span class="kw">move </span>|| { App::new() .wrap( SessionMiddleware::builder(store_builder(), key()) .cookie_name(<span class="string">"test-session"</span>.into()) .cookie_content_security(policy) .session_lifecycle( PersistentSession::default().session_ttl(session_ttl), ) .build(), ) .wrap(middleware::Logger::default()) .service(resource(<span class="string">"/"</span>).route(get().to(index))) .service(resource(<span class="string">"/do_something"</span>).route(post().to(do_something))) .service(resource(<span class="string">"/login"</span>).route(post().to(login))) .service(resource(<span class="string">"/logout"</span>).route(post().to(logout))) }); <span class="comment">// Step 1: GET index // - set-cookie actix-session should NOT be in response (session data is empty) // - response should be: {"counter": 0, "user_id": None} </span><span class="kw">let </span>req_1a = srv.get(<span class="string">"/"</span>).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_1 = req_1a.<span class="kw">await</span>.unwrap(); <span class="macro">assert!</span>(resp_1.cookies().unwrap().is_empty()); <span class="kw">let </span>result_1 = resp_1.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_1, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">0 </span>} ); <span class="comment">// Step 2: POST to do_something // - adds new session state in redis: {"counter": 1} // - set-cookie actix-session should be in response (session cookie #1) // - response should be: {"counter": 1, "user_id": None} </span><span class="kw">let </span>req_2 = srv.post(<span class="string">"/do_something"</span>).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_2 = req_2.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_2 = resp_2.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_2, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">1 </span>} ); <span class="kw">let </span>cookie_1 = resp_2 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl)); <span class="comment">// Step 3: GET index, including session cookie #1 in request // - set-cookie will *not* be in response // - response should be: {"counter": 1, "user_id": None} </span><span class="kw">let </span>req_3 = srv.get(<span class="string">"/"</span>).cookie(cookie_1.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_3 = req_3.<span class="kw">await</span>.unwrap(); <span class="macro">assert!</span>(resp_3.cookies().unwrap().is_empty()); <span class="kw">let </span>result_3 = resp_3.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_3, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">1 </span>} ); <span class="comment">// Step 4: POST again to do_something, including session cookie #1 in request // - set-cookie will be in response (session cookie #2) // - updates session state: {"counter": 2} // - response should be: {"counter": 2, "user_id": None} </span><span class="kw">let </span>req_4 = srv.post(<span class="string">"/do_something"</span>).cookie(cookie_1.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_4 = req_4.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_4 = resp_4.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_4, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">2 </span>} ); <span class="kw">let </span>cookie_2 = resp_4 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="macro">assert_eq!</span>(cookie_2.max_age(), cookie_1.max_age()); <span class="comment">// Step 5: POST to login, including session cookie #2 in request // - set-cookie actix-session will be in response (session cookie #3) // - updates session state: {"counter": 2, "user_id": "ferris"} </span><span class="kw">let </span>req_5 = srv .post(<span class="string">"/login"</span>) .cookie(cookie_2.clone()) .send_json(<span class="kw-2">&</span><span class="macro">json!</span>({<span class="string">"user_id"</span>: <span class="string">"ferris"</span>})); <span class="kw">let </span><span class="kw-2">mut </span>resp_5 = req_5.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_3 = resp_5 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="macro">assert_ne!</span>(cookie_2.value(), cookie_3.value()); <span class="kw">let </span>result_5 = resp_5.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_5, IndexResponse { user_id: <span class="prelude-val">Some</span>(<span class="string">"ferris"</span>.into()), counter: <span class="number">2 </span>} ); <span class="comment">// Step 6: GET index, including session cookie #3 in request // - response should be: {"counter": 2, "user_id": "ferris"} </span><span class="kw">let </span>req_6 = srv.get(<span class="string">"/"</span>).cookie(cookie_3.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_6 = req_6.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_6 = resp_6.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_6, IndexResponse { user_id: <span class="prelude-val">Some</span>(<span class="string">"ferris"</span>.into()), counter: <span class="number">2 </span>} ); <span class="comment">// Step 7: POST again to do_something, including session cookie #3 in request // - updates session state: {"counter": 3, "user_id": "ferris"} // - response should be: {"counter": 3, "user_id": "ferris"} </span><span class="kw">let </span>req_7 = srv.post(<span class="string">"/do_something"</span>).cookie(cookie_3.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_7 = req_7.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>result_7 = resp_7.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_7, IndexResponse { user_id: <span class="prelude-val">Some</span>(<span class="string">"ferris"</span>.into()), counter: <span class="number">3 </span>} ); <span class="comment">// Step 8: GET index, including session cookie #2 in request // If invalidation is supported, no state will be found associated to this session. // If invalidation is not supported, the old state will still be retrieved. </span><span class="kw">let </span>req_8 = srv.get(<span class="string">"/"</span>).cookie(cookie_2.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_8 = req_8.<span class="kw">await</span>.unwrap(); <span class="kw">if </span>is_invalidation_supported { <span class="macro">assert!</span>(resp_8.cookies().unwrap().is_empty()); <span class="kw">let </span>result_8 = resp_8.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_8, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">0 </span>} ); } <span class="kw">else </span>{ <span class="kw">let </span>result_8 = resp_8.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_8, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">2 </span>} ); } <span class="comment">// Step 9: POST to logout, including session cookie #3 // - set-cookie actix-session will be in response with session cookie #3 // invalidation logic </span><span class="kw">let </span>req_9 = srv.post(<span class="string">"/logout"</span>).cookie(cookie_3.clone()).send(); <span class="kw">let </span>resp_9 = req_9.<span class="kw">await</span>.unwrap(); <span class="kw">let </span>cookie_3 = resp_9 .cookies() .unwrap() .clone() .into_iter() .find(|c| c.name() == <span class="string">"test-session"</span>) .unwrap(); <span class="macro">assert_eq!</span>(<span class="number">0</span>, cookie_3.max_age().map(|t| t.whole_seconds()).unwrap()); <span class="macro">assert_eq!</span>(<span class="string">"/"</span>, cookie_3.path().unwrap()); <span class="comment">// Step 10: GET index, including session cookie #3 in request // - set-cookie actix-session should NOT be in response if invalidation is supported // - response should be: {"counter": 0, "user_id": None} </span><span class="kw">let </span>req_10 = srv.get(<span class="string">"/"</span>).cookie(cookie_3.clone()).send(); <span class="kw">let </span><span class="kw-2">mut </span>resp_10 = req_10.<span class="kw">await</span>.unwrap(); <span class="kw">if </span>is_invalidation_supported { <span class="macro">assert!</span>(resp_10.cookies().unwrap().is_empty()); } <span class="kw">let </span>result_10 = resp_10.json::<IndexResponse>().<span class="kw">await</span>.unwrap(); <span class="macro">assert_eq!</span>( result_10, IndexResponse { user_id: <span class="prelude-val">None</span>, counter: <span class="number">0 </span>} ); } <span class="attribute">#[derive(Debug, PartialEq, Eq, Serialize, Deserialize)] </span><span class="kw">pub struct </span>IndexResponse { user_id: <span class="prelude-ty">Option</span><String>, counter: i32, } <span class="kw">async fn </span>index(session: Session) -> <span class="prelude-ty">Result</span><HttpResponse> { <span class="kw">let </span>user_id: <span class="prelude-ty">Option</span><String> = session.get::<String>(<span class="string">"user_id"</span>).unwrap(); <span class="kw">let </span>counter: i32 = session .get::<i32>(<span class="string">"counter"</span>) .unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>)) .unwrap_or(<span class="number">0</span>); <span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&</span>IndexResponse { user_id, counter })) } <span class="kw">async fn </span>do_something(session: Session) -> <span class="prelude-ty">Result</span><HttpResponse> { <span class="kw">let </span>user_id: <span class="prelude-ty">Option</span><String> = session.get::<String>(<span class="string">"user_id"</span>).unwrap(); <span class="kw">let </span>counter: i32 = session .get::<i32>(<span class="string">"counter"</span>) .unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>)) .map_or(<span class="number">1</span>, |inner| inner + <span class="number">1</span>); session.insert(<span class="string">"counter"</span>, <span class="kw-2">&</span>counter)<span class="question-mark">?</span>; <span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&</span>IndexResponse { user_id, counter })) } <span class="kw">async fn </span>count(session: Session) -> <span class="prelude-ty">Result</span><HttpResponse> { <span class="kw">let </span>user_id: <span class="prelude-ty">Option</span><String> = session.get::<String>(<span class="string">"user_id"</span>).unwrap(); <span class="kw">let </span>counter: i32 = session.get::<i32>(<span class="string">"counter"</span>).unwrap().unwrap(); <span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&</span>IndexResponse { user_id, counter })) } <span class="attribute">#[derive(Deserialize)] </span><span class="kw">struct </span>Identity { user_id: String, } <span class="kw">async fn </span>login(user_id: web::Json<Identity>, session: Session) -> <span class="prelude-ty">Result</span><HttpResponse> { <span class="kw">let </span>id = user_id.into_inner().user_id; session.insert(<span class="string">"user_id"</span>, <span class="kw-2">&</span>id)<span class="question-mark">?</span>; session.renew(); <span class="kw">let </span>counter: i32 = session .get::<i32>(<span class="string">"counter"</span>) .unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>)) .unwrap_or(<span class="number">0</span>); <span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&</span>IndexResponse { user_id: <span class="prelude-val">Some</span>(id), counter, })) } <span class="kw">async fn </span>logout(session: Session) -> <span class="prelude-ty">Result</span><HttpResponse> { <span class="kw">let </span>id: <span class="prelude-ty">Option</span><String> = session.get(<span class="string">"user_id"</span>)<span class="question-mark">?</span>; <span class="kw">let </span>body = <span class="kw">if let </span><span class="prelude-val">Some</span>(x) = id { session.purge(); <span class="macro">format!</span>(<span class="string">"Logged out: {}"</span>, x) } <span class="kw">else </span>{ <span class="string">"Could not log out anonymous user"</span>.to_owned() }; <span class="prelude-val">Ok</span>(HttpResponse::Ok().body(body)) } <span class="kw">trait </span>ServiceResponseExt { <span class="kw">fn </span>get_cookie(<span class="kw-2">&</span><span class="self">self</span>, cookie_name: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Option</span><actix_web::cookie::Cookie<<span class="lifetime">'_</span>>>; } <span class="kw">impl </span>ServiceResponseExt <span class="kw">for </span>ServiceResponse { <span class="kw">fn </span>get_cookie(<span class="kw-2">&</span><span class="self">self</span>, cookie_name: <span class="kw-2">&</span>str) -> <span class="prelude-ty">Option</span><actix_web::cookie::Cookie<<span class="lifetime">'_</span>>> { <span class="self">self</span>.response() .cookies() .into_iter() .find(|c| c.name() == cookie_name) } } } } </code></pre></div> </section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="actix_session" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (9062b780b 2022-09-21)" ></div></body></html>