actix/actix-extras
1
0
Fork 0
mirror of https://github.com/actix/actix-extras.git synced 2025-04-22 18:04:52 +02:00
Code Issues Releases Wiki Activity
actix-extras/src/actix_session/lib.rs.html

1476 lines
65 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta name="generator" content="rustdoc"><meta name="description" content="Source of the Rust file `actix-session/src/lib.rs`."><meta name="keywords" content="rust, rustlang, rust-lang"><title>lib.rs - source</title><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Regular.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../FiraSans-Medium.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Regular.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceSerif4-Bold.ttf.woff2"><link rel="preload" as="font" type="font/woff2" crossorigin href="../../SourceCodePro-Semibold.ttf.woff2"><link rel="stylesheet" href="../../normalize.css"><link rel="stylesheet" href="../../rustdoc.css" id="mainThemeStyle"><link rel="stylesheet" href="../../ayu.css" disabled><link rel="stylesheet" href="../../dark.css" disabled><link rel="stylesheet" href="../../light.css" id="themeStyle"><script id="default-settings" ></script><script src="../../storage.js"></script><script defer src="../../source-script.js"></script><script defer src="../../source-files.js"></script><script defer src="../../main.js"></script><noscript><link rel="stylesheet" href="../../noscript.css"></noscript><link rel="icon" href="https://actix.rs/favicon.ico"></head><body class="rustdoc source"><!--[if lte IE 11]><div class="warning">This old browser is unsupported and will most likely display funky things.</div><![endif]--><nav class="mobile-topbar"><button class="sidebar-menu-toggle">&#9776;</button><a class="sidebar-logo" href="../../actix_session/index.html"><div class="logo-container"><img src="https://actix.rs/img/logo.png" alt="logo"></div></a><h2 class="location"></h2></nav><nav class="sidebar"><a class="sidebar-logo" href="../../actix_session/index.html"><div class="logo-container">
<img src="https://actix.rs/img/logo.png" alt="logo"></div></a></nav><main><div class="width-limiter"><div class="sub-container"><a class="sub-logo-container" href="../../actix_session/index.html">
<img src="https://actix.rs/img/logo.png" alt="logo"></a><nav class="sub"><form class="search-form"><div class="search-container"><span></span><input class="search-input" name="search" autocomplete="off" spellcheck="false" placeholder="Click or press S to search, ? for more options…" type="search"><div id="help-button" title="help" tabindex="-1"><button type="button">?</button></div><div id="settings-menu" tabindex="-1"><a href="../../settings.html" title="settings"><img width="22" height="22" alt="Change settings" src="../../wheel.svg"></a></div></div></form></nav></div><section id="main-content" class="content"><div class="example-wrap"><pre class="line-numbers"><span id="1">1</span>
<span id="2">2</span>
<span id="3">3</span>
<span id="4">4</span>
<span id="5">5</span>
<span id="6">6</span>
<span id="7">7</span>
<span id="8">8</span>
<span id="9">9</span>
<span id="10">10</span>
<span id="11">11</span>
<span id="12">12</span>
<span id="13">13</span>
<span id="14">14</span>
<span id="15">15</span>
<span id="16">16</span>
<span id="17">17</span>
<span id="18">18</span>
<span id="19">19</span>
<span id="20">20</span>
<span id="21">21</span>
<span id="22">22</span>
<span id="23">23</span>
<span id="24">24</span>
<span id="25">25</span>
<span id="26">26</span>
<span id="27">27</span>
<span id="28">28</span>
<span id="29">29</span>
<span id="30">30</span>
<span id="31">31</span>
<span id="32">32</span>
<span id="33">33</span>
<span id="34">34</span>
<span id="35">35</span>
<span id="36">36</span>
<span id="37">37</span>
<span id="38">38</span>
<span id="39">39</span>
<span id="40">40</span>
<span id="41">41</span>
<span id="42">42</span>
<span id="43">43</span>
<span id="44">44</span>
<span id="45">45</span>
<span id="46">46</span>
<span id="47">47</span>
<span id="48">48</span>
<span id="49">49</span>
<span id="50">50</span>
<span id="51">51</span>
<span id="52">52</span>
<span id="53">53</span>
<span id="54">54</span>
<span id="55">55</span>
<span id="56">56</span>
<span id="57">57</span>
<span id="58">58</span>
<span id="59">59</span>
<span id="60">60</span>
<span id="61">61</span>
<span id="62">62</span>
<span id="63">63</span>
<span id="64">64</span>
<span id="65">65</span>
<span id="66">66</span>
<span id="67">67</span>
<span id="68">68</span>
<span id="69">69</span>
<span id="70">70</span>
<span id="71">71</span>
<span id="72">72</span>
<span id="73">73</span>
<span id="74">74</span>
<span id="75">75</span>
<span id="76">76</span>
<span id="77">77</span>
<span id="78">78</span>
<span id="79">79</span>
<span id="80">80</span>
<span id="81">81</span>
<span id="82">82</span>
<span id="83">83</span>
<span id="84">84</span>
<span id="85">85</span>
<span id="86">86</span>
<span id="87">87</span>
<span id="88">88</span>
<span id="89">89</span>
<span id="90">90</span>
<span id="91">91</span>
<span id="92">92</span>
<span id="93">93</span>
<span id="94">94</span>
<span id="95">95</span>
<span id="96">96</span>
<span id="97">97</span>
<span id="98">98</span>
<span id="99">99</span>
<span id="100">100</span>
<span id="101">101</span>
<span id="102">102</span>
<span id="103">103</span>
<span id="104">104</span>
<span id="105">105</span>
<span id="106">106</span>
<span id="107">107</span>
<span id="108">108</span>
<span id="109">109</span>
<span id="110">110</span>
<span id="111">111</span>
<span id="112">112</span>
<span id="113">113</span>
<span id="114">114</span>
<span id="115">115</span>
<span id="116">116</span>
<span id="117">117</span>
<span id="118">118</span>
<span id="119">119</span>
<span id="120">120</span>
<span id="121">121</span>
<span id="122">122</span>
<span id="123">123</span>
<span id="124">124</span>
<span id="125">125</span>
<span id="126">126</span>
<span id="127">127</span>
<span id="128">128</span>
<span id="129">129</span>
<span id="130">130</span>
<span id="131">131</span>
<span id="132">132</span>
<span id="133">133</span>
<span id="134">134</span>
<span id="135">135</span>
<span id="136">136</span>
<span id="137">137</span>
<span id="138">138</span>
<span id="139">139</span>
<span id="140">140</span>
<span id="141">141</span>
<span id="142">142</span>
<span id="143">143</span>
<span id="144">144</span>
<span id="145">145</span>
<span id="146">146</span>
<span id="147">147</span>
<span id="148">148</span>
<span id="149">149</span>
<span id="150">150</span>
<span id="151">151</span>
<span id="152">152</span>
<span id="153">153</span>
<span id="154">154</span>
<span id="155">155</span>
<span id="156">156</span>
<span id="157">157</span>
<span id="158">158</span>
<span id="159">159</span>
<span id="160">160</span>
<span id="161">161</span>
<span id="162">162</span>
<span id="163">163</span>
<span id="164">164</span>
<span id="165">165</span>
<span id="166">166</span>
<span id="167">167</span>
<span id="168">168</span>
<span id="169">169</span>
<span id="170">170</span>
<span id="171">171</span>
<span id="172">172</span>
<span id="173">173</span>
<span id="174">174</span>
<span id="175">175</span>
<span id="176">176</span>
<span id="177">177</span>
<span id="178">178</span>
<span id="179">179</span>
<span id="180">180</span>
<span id="181">181</span>
<span id="182">182</span>
<span id="183">183</span>
<span id="184">184</span>
<span id="185">185</span>
<span id="186">186</span>
<span id="187">187</span>
<span id="188">188</span>
<span id="189">189</span>
<span id="190">190</span>
<span id="191">191</span>
<span id="192">192</span>
<span id="193">193</span>
<span id="194">194</span>
<span id="195">195</span>
<span id="196">196</span>
<span id="197">197</span>
<span id="198">198</span>
<span id="199">199</span>
<span id="200">200</span>
<span id="201">201</span>
<span id="202">202</span>
<span id="203">203</span>
<span id="204">204</span>
<span id="205">205</span>
<span id="206">206</span>
<span id="207">207</span>
<span id="208">208</span>
<span id="209">209</span>
<span id="210">210</span>
<span id="211">211</span>
<span id="212">212</span>
<span id="213">213</span>
<span id="214">214</span>
<span id="215">215</span>
<span id="216">216</span>
<span id="217">217</span>
<span id="218">218</span>
<span id="219">219</span>
<span id="220">220</span>
<span id="221">221</span>
<span id="222">222</span>
<span id="223">223</span>
<span id="224">224</span>
<span id="225">225</span>
<span id="226">226</span>
<span id="227">227</span>
<span id="228">228</span>
<span id="229">229</span>
<span id="230">230</span>
<span id="231">231</span>
<span id="232">232</span>
<span id="233">233</span>
<span id="234">234</span>
<span id="235">235</span>
<span id="236">236</span>
<span id="237">237</span>
<span id="238">238</span>
<span id="239">239</span>
<span id="240">240</span>
<span id="241">241</span>
<span id="242">242</span>
<span id="243">243</span>
<span id="244">244</span>
<span id="245">245</span>
<span id="246">246</span>
<span id="247">247</span>
<span id="248">248</span>
<span id="249">249</span>
<span id="250">250</span>
<span id="251">251</span>
<span id="252">252</span>
<span id="253">253</span>
<span id="254">254</span>
<span id="255">255</span>
<span id="256">256</span>
<span id="257">257</span>
<span id="258">258</span>
<span id="259">259</span>
<span id="260">260</span>
<span id="261">261</span>
<span id="262">262</span>
<span id="263">263</span>
<span id="264">264</span>
<span id="265">265</span>
<span id="266">266</span>
<span id="267">267</span>
<span id="268">268</span>
<span id="269">269</span>
<span id="270">270</span>
<span id="271">271</span>
<span id="272">272</span>
<span id="273">273</span>
<span id="274">274</span>
<span id="275">275</span>
<span id="276">276</span>
<span id="277">277</span>
<span id="278">278</span>
<span id="279">279</span>
<span id="280">280</span>
<span id="281">281</span>
<span id="282">282</span>
<span id="283">283</span>
<span id="284">284</span>
<span id="285">285</span>
<span id="286">286</span>
<span id="287">287</span>
<span id="288">288</span>
<span id="289">289</span>
<span id="290">290</span>
<span id="291">291</span>
<span id="292">292</span>
<span id="293">293</span>
<span id="294">294</span>
<span id="295">295</span>
<span id="296">296</span>
<span id="297">297</span>
<span id="298">298</span>
<span id="299">299</span>
<span id="300">300</span>
<span id="301">301</span>
<span id="302">302</span>
<span id="303">303</span>
<span id="304">304</span>
<span id="305">305</span>
<span id="306">306</span>
<span id="307">307</span>
<span id="308">308</span>
<span id="309">309</span>
<span id="310">310</span>
<span id="311">311</span>
<span id="312">312</span>
<span id="313">313</span>
<span id="314">314</span>
<span id="315">315</span>
<span id="316">316</span>
<span id="317">317</span>
<span id="318">318</span>
<span id="319">319</span>
<span id="320">320</span>
<span id="321">321</span>
<span id="322">322</span>
<span id="323">323</span>
<span id="324">324</span>
<span id="325">325</span>
<span id="326">326</span>
<span id="327">327</span>
<span id="328">328</span>
<span id="329">329</span>
<span id="330">330</span>
<span id="331">331</span>
<span id="332">332</span>
<span id="333">333</span>
<span id="334">334</span>
<span id="335">335</span>
<span id="336">336</span>
<span id="337">337</span>
<span id="338">338</span>
<span id="339">339</span>
<span id="340">340</span>
<span id="341">341</span>
<span id="342">342</span>
<span id="343">343</span>
<span id="344">344</span>
<span id="345">345</span>
<span id="346">346</span>
<span id="347">347</span>
<span id="348">348</span>
<span id="349">349</span>
<span id="350">350</span>
<span id="351">351</span>
<span id="352">352</span>
<span id="353">353</span>
<span id="354">354</span>
<span id="355">355</span>
<span id="356">356</span>
<span id="357">357</span>
<span id="358">358</span>
<span id="359">359</span>
<span id="360">360</span>
<span id="361">361</span>
<span id="362">362</span>
<span id="363">363</span>
<span id="364">364</span>
<span id="365">365</span>
<span id="366">366</span>
<span id="367">367</span>
<span id="368">368</span>
<span id="369">369</span>
<span id="370">370</span>
<span id="371">371</span>
<span id="372">372</span>
<span id="373">373</span>
<span id="374">374</span>
<span id="375">375</span>
<span id="376">376</span>
<span id="377">377</span>
<span id="378">378</span>
<span id="379">379</span>
<span id="380">380</span>
<span id="381">381</span>
<span id="382">382</span>
<span id="383">383</span>
<span id="384">384</span>
<span id="385">385</span>
<span id="386">386</span>
<span id="387">387</span>
<span id="388">388</span>
<span id="389">389</span>
<span id="390">390</span>
<span id="391">391</span>
<span id="392">392</span>
<span id="393">393</span>
<span id="394">394</span>
<span id="395">395</span>
<span id="396">396</span>
<span id="397">397</span>
<span id="398">398</span>
<span id="399">399</span>
<span id="400">400</span>
<span id="401">401</span>
<span id="402">402</span>
<span id="403">403</span>
<span id="404">404</span>
<span id="405">405</span>
<span id="406">406</span>
<span id="407">407</span>
<span id="408">408</span>
<span id="409">409</span>
<span id="410">410</span>
<span id="411">411</span>
<span id="412">412</span>
<span id="413">413</span>
<span id="414">414</span>
<span id="415">415</span>
<span id="416">416</span>
<span id="417">417</span>
<span id="418">418</span>
<span id="419">419</span>
<span id="420">420</span>
<span id="421">421</span>
<span id="422">422</span>
<span id="423">423</span>
<span id="424">424</span>
<span id="425">425</span>
<span id="426">426</span>
<span id="427">427</span>
<span id="428">428</span>
<span id="429">429</span>
<span id="430">430</span>
<span id="431">431</span>
<span id="432">432</span>
<span id="433">433</span>
<span id="434">434</span>
<span id="435">435</span>
<span id="436">436</span>
<span id="437">437</span>
<span id="438">438</span>
<span id="439">439</span>
<span id="440">440</span>
<span id="441">441</span>
<span id="442">442</span>
<span id="443">443</span>
<span id="444">444</span>
<span id="445">445</span>
<span id="446">446</span>
<span id="447">447</span>
<span id="448">448</span>
<span id="449">449</span>
<span id="450">450</span>
<span id="451">451</span>
<span id="452">452</span>
<span id="453">453</span>
<span id="454">454</span>
<span id="455">455</span>
<span id="456">456</span>
<span id="457">457</span>
<span id="458">458</span>
<span id="459">459</span>
<span id="460">460</span>
<span id="461">461</span>
<span id="462">462</span>
<span id="463">463</span>
<span id="464">464</span>
<span id="465">465</span>
<span id="466">466</span>
<span id="467">467</span>
<span id="468">468</span>
<span id="469">469</span>
<span id="470">470</span>
<span id="471">471</span>
<span id="472">472</span>
<span id="473">473</span>
<span id="474">474</span>
<span id="475">475</span>
<span id="476">476</span>
<span id="477">477</span>
<span id="478">478</span>
<span id="479">479</span>
<span id="480">480</span>
<span id="481">481</span>
<span id="482">482</span>
<span id="483">483</span>
<span id="484">484</span>
<span id="485">485</span>
<span id="486">486</span>
<span id="487">487</span>
<span id="488">488</span>
<span id="489">489</span>
<span id="490">490</span>
<span id="491">491</span>
<span id="492">492</span>
<span id="493">493</span>
<span id="494">494</span>
<span id="495">495</span>
<span id="496">496</span>
<span id="497">497</span>
<span id="498">498</span>
<span id="499">499</span>
<span id="500">500</span>
<span id="501">501</span>
<span id="502">502</span>
<span id="503">503</span>
<span id="504">504</span>
<span id="505">505</span>
<span id="506">506</span>
<span id="507">507</span>
<span id="508">508</span>
<span id="509">509</span>
<span id="510">510</span>
<span id="511">511</span>
<span id="512">512</span>
<span id="513">513</span>
<span id="514">514</span>
<span id="515">515</span>
<span id="516">516</span>
<span id="517">517</span>
<span id="518">518</span>
<span id="519">519</span>
<span id="520">520</span>
<span id="521">521</span>
<span id="522">522</span>
<span id="523">523</span>
<span id="524">524</span>
<span id="525">525</span>
<span id="526">526</span>
<span id="527">527</span>
<span id="528">528</span>
<span id="529">529</span>
<span id="530">530</span>
<span id="531">531</span>
<span id="532">532</span>
<span id="533">533</span>
<span id="534">534</span>
<span id="535">535</span>
<span id="536">536</span>
<span id="537">537</span>
<span id="538">538</span>
<span id="539">539</span>
<span id="540">540</span>
<span id="541">541</span>
<span id="542">542</span>
<span id="543">543</span>
<span id="544">544</span>
<span id="545">545</span>
<span id="546">546</span>
<span id="547">547</span>
<span id="548">548</span>
<span id="549">549</span>
<span id="550">550</span>
<span id="551">551</span>
<span id="552">552</span>
<span id="553">553</span>
<span id="554">554</span>
<span id="555">555</span>
<span id="556">556</span>
<span id="557">557</span>
<span id="558">558</span>
<span id="559">559</span>
<span id="560">560</span>
<span id="561">561</span>
<span id="562">562</span>
<span id="563">563</span>
<span id="564">564</span>
<span id="565">565</span>
<span id="566">566</span>
<span id="567">567</span>
<span id="568">568</span>
<span id="569">569</span>
<span id="570">570</span>
<span id="571">571</span>
<span id="572">572</span>
<span id="573">573</span>
<span id="574">574</span>
<span id="575">575</span>
<span id="576">576</span>
<span id="577">577</span>
<span id="578">578</span>
<span id="579">579</span>
<span id="580">580</span>
<span id="581">581</span>
<span id="582">582</span>
<span id="583">583</span>
<span id="584">584</span>
<span id="585">585</span>
<span id="586">586</span>
<span id="587">587</span>
<span id="588">588</span>
<span id="589">589</span>
<span id="590">590</span>
<span id="591">591</span>
<span id="592">592</span>
<span id="593">593</span>
<span id="594">594</span>
<span id="595">595</span>
<span id="596">596</span>
<span id="597">597</span>
<span id="598">598</span>
<span id="599">599</span>
<span id="600">600</span>
<span id="601">601</span>
<span id="602">602</span>
<span id="603">603</span>
<span id="604">604</span>
<span id="605">605</span>
<span id="606">606</span>
<span id="607">607</span>
<span id="608">608</span>
<span id="609">609</span>
<span id="610">610</span>
<span id="611">611</span>
<span id="612">612</span>
<span id="613">613</span>
<span id="614">614</span>
<span id="615">615</span>
<span id="616">616</span>
<span id="617">617</span>
<span id="618">618</span>
<span id="619">619</span>
<span id="620">620</span>
<span id="621">621</span>
<span id="622">622</span>
<span id="623">623</span>
<span id="624">624</span>
<span id="625">625</span>
<span id="626">626</span>
<span id="627">627</span>
<span id="628">628</span>
<span id="629">629</span>
<span id="630">630</span>
<span id="631">631</span>
<span id="632">632</span>
<span id="633">633</span>
<span id="634">634</span>
<span id="635">635</span>
<span id="636">636</span>
<span id="637">637</span>
<span id="638">638</span>
<span id="639">639</span>
<span id="640">640</span>
<span id="641">641</span>
<span id="642">642</span>
<span id="643">643</span>
<span id="644">644</span>
<span id="645">645</span>
<span id="646">646</span>
<span id="647">647</span>
<span id="648">648</span>
<span id="649">649</span>
<span id="650">650</span>
<span id="651">651</span>
<span id="652">652</span>
<span id="653">653</span>
<span id="654">654</span>
<span id="655">655</span>
<span id="656">656</span>
<span id="657">657</span>
<span id="658">658</span>
<span id="659">659</span>
<span id="660">660</span>
<span id="661">661</span>
<span id="662">662</span>
<span id="663">663</span>
<span id="664">664</span>
<span id="665">665</span>
<span id="666">666</span>
<span id="667">667</span>
<span id="668">668</span>
<span id="669">669</span>
<span id="670">670</span>
<span id="671">671</span>
<span id="672">672</span>
<span id="673">673</span>
<span id="674">674</span>
<span id="675">675</span>
<span id="676">676</span>
<span id="677">677</span>
<span id="678">678</span>
<span id="679">679</span>
<span id="680">680</span>
<span id="681">681</span>
<span id="682">682</span>
<span id="683">683</span>
<span id="684">684</span>
<span id="685">685</span>
<span id="686">686</span>
<span id="687">687</span>
<span id="688">688</span>
<span id="689">689</span>
<span id="690">690</span>
<span id="691">691</span>
<span id="692">692</span>
<span id="693">693</span>
<span id="694">694</span>
<span id="695">695</span>
<span id="696">696</span>
<span id="697">697</span>
<span id="698">698</span>
<span id="699">699</span>
<span id="700">700</span>
<span id="701">701</span>
<span id="702">702</span>
<span id="703">703</span>
<span id="704">704</span>
<span id="705">705</span>
<span id="706">706</span>
<span id="707">707</span>
<span id="708">708</span>
<span id="709">709</span>
<span id="710">710</span>
<span id="711">711</span>
<span id="712">712</span>
<span id="713">713</span>
<span id="714">714</span>
<span id="715">715</span>
<span id="716">716</span>
<span id="717">717</span>
<span id="718">718</span>
<span id="719">719</span>
<span id="720">720</span>
<span id="721">721</span>
<span id="722">722</span>
<span id="723">723</span>
<span id="724">724</span>
<span id="725">725</span>
<span id="726">726</span>
<span id="727">727</span>
<span id="728">728</span>
<span id="729">729</span>
<span id="730">730</span>
<span id="731">731</span>
<span id="732">732</span>
<span id="733">733</span>
<span id="734">734</span>
<span id="735">735</span>
<span id="736">736</span>
</pre><pre class="rust"><code><span class="doccomment">//! Session management for Actix Web.
//!
//! The HTTP protocol, at a first glance, is stateless: the client sends a request, the server
//! parses its content, performs some processing and returns a response. The outcome is only
//! influenced by the provided inputs (i.e. the request content) and whatever state the server
//! queries while performing its processing.
//!
//! Stateless systems are easier to reason about, but they are not quite as powerful as we need them
//! to be - e.g. how do you authenticate a user? The user would be forced to authenticate **for
//! every single request**. That is, for example, how &#39;Basic&#39; Authentication works. While it may
//! work for a machine user (i.e. an API client), it is impractical for a person—you do not want a
//! login prompt on every single page you navigate to!
//!
//! There is a solution - **sessions**. Using sessions the server can attach state to a set of
//! requests coming from the same client. They are built on top of cookies - the server sets a
//! cookie in the HTTP response (`Set-Cookie` header), the client (e.g. the browser) will store the
//! cookie and play it back to the server when sending new requests (using the `Cookie` header).
//!
//! We refer to the cookie used for sessions as a **session cookie**. Its content is called
//! **session key** (or **session ID**), while the state attached to the session is referred to as
//! **session state**.
//!
//! `actix-session` provides an easy-to-use framework to manage sessions in applications built on
//! top of Actix Web. [`SessionMiddleware`] is the middleware underpinning the functionality
//! provided by `actix-session`; it takes care of all the session cookie handling and instructs the
//! **storage backend** to create/delete/update the session state based on the operations performed
//! against the active [`Session`].
//!
//! `actix-session` provides some built-in storage backends: ([`CookieSessionStore`],
//! [`RedisSessionStore`], and [`RedisActorSessionStore`]) - you can create a custom storage backend
//! by implementing the [`SessionStore`] trait.
//!
//! Further reading on sessions:
//! - [RFC6265](https://datatracker.ietf.org/doc/html/rfc6265);
//! - [OWASP&#39;s session management cheat-sheet](https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html).
//!
//! # Getting started
//! To start using sessions in your Actix Web application you must register [`SessionMiddleware`]
//! as a middleware on your `App`:
//!
//! ```no_run
//! use actix_web::{web, App, HttpServer, HttpResponse, Error};
//! use actix_session::{Session, SessionMiddleware, storage::RedisActorSessionStore};
//! use actix_web::cookie::Key;
//!
//! #[actix_web::main]
//! async fn main() -&gt; std::io::Result&lt;()&gt; {
//! // The secret key would usually be read from a configuration file/environment variables.
//! let secret_key = Key::generate();
//! let redis_connection_string = &quot;127.0.0.1:6379&quot;;
//! HttpServer::new(move ||
//! App::new()
//! // Add session management to your application using Redis for session state storage
//! .wrap(
//! SessionMiddleware::new(
//! RedisActorSessionStore::new(redis_connection_string),
//! secret_key.clone()
//! )
//! )
//! .default_service(web::to(|| HttpResponse::Ok())))
//! .bind((&quot;127.0.0.1&quot;, 8080))?
//! .run()
//! .await
//! }
//! ```
//!
//! The session state can be accessed and modified by your request handlers using the [`Session`]
//! extractor.
//!
//! ```no_run
//! use actix_web::Error;
//! use actix_session::Session;
//!
//! fn index(session: Session) -&gt; Result&lt;&amp;&#39;static str, Error&gt; {
//! // access the session state
//! if let Some(count) = session.get::&lt;i32&gt;(&quot;counter&quot;)? {
//! println!(&quot;SESSION value: {}&quot;, count);
//! // modify the session state
//! session.insert(&quot;counter&quot;, count + 1)?;
//! } else {
//! session.insert(&quot;counter&quot;, 1)?;
//! }
//!
//! Ok(&quot;Welcome!&quot;)
//! }
//! ```
//!
//! # Choosing A Backend
//!
//! By default, `actix-session` does not provide any storage backend to retrieve and save the state
//! attached to your sessions. You can enable:
//!
//! - a purely cookie-based &quot;backend&quot;, [`CookieSessionStore`], using the `cookie-session` feature
//! flag.
//!
//! ```toml
//! [dependencies]
//! # ...
//! actix-session = { version = &quot;...&quot;, features = [&quot;cookie-session&quot;] }
//! ```
//!
//! - a Redis-based backend via [`actix-redis`](https://docs.rs/acitx-redis),
//! [`RedisActorSessionStore`], using the `redis-actor-session` feature flag.
//!
//! ```toml
//! [dependencies]
//! # ...
//! actix-session = { version = &quot;...&quot;, features = [&quot;redis-actor-session&quot;] }
//! ```
//!
//! - a Redis-based backend via [`redis-rs`](https://docs.rs/redis-rs), [`RedisSessionStore`], using
//! the `redis-rs-session` feature flag.
//!
//! ```toml
//! [dependencies]
//! # ...
//! actix-session = { version = &quot;...&quot;, features = [&quot;redis-rs-session&quot;] }
//! ```
//!
//! Add the `redis-rs-tls-session` feature flag if you want to connect to Redis using a secured
//! connection:
//!
//! ```toml
//! [dependencies]
//! # ...
//! actix-session = { version = &quot;...&quot;, features = [&quot;redis-rs-session&quot;, &quot;redis-rs-tls-session&quot;] }
//! ```
//!
//! You can implement your own session storage backend using the [`SessionStore`] trait.
//!
//! [`SessionStore`]: storage::SessionStore
//! [`CookieSessionStore`]: storage::CookieSessionStore
//! [`RedisSessionStore`]: storage::RedisSessionStore
//! [`RedisActorSessionStore`]: storage::RedisActorSessionStore
</span><span class="attribute">#![forbid(unsafe_code)]
#![deny(rust_2018_idioms, nonstandard_style)]
#![warn(future_incompatible, missing_docs)]
#![doc(html_logo_url = <span class="string">&quot;https://actix.rs/img/logo.png&quot;</span>)]
#![doc(html_favicon_url = <span class="string">&quot;https://actix.rs/favicon.ico&quot;</span>)]
#![cfg_attr(docsrs, feature(doc_cfg))]
</span><span class="kw">pub mod </span>config;
<span class="kw">mod </span>middleware;
<span class="kw">mod </span>session;
<span class="kw">mod </span>session_ext;
<span class="kw">pub mod </span>storage;
<span class="kw">pub use </span><span class="self">self</span>::{
middleware::SessionMiddleware,
session::{Session, SessionGetError, SessionInsertError, SessionStatus},
session_ext::SessionExt,
};
<span class="attribute">#[cfg(test)]
</span><span class="kw">pub mod </span>test_helpers {
<span class="kw">use </span>actix_web::cookie::Key;
<span class="kw">use crate</span>::{config::CookieContentSecurity, storage::SessionStore};
<span class="doccomment">/// Generate a random cookie signing/encryption key.
</span><span class="kw">pub fn </span>key() -&gt; Key {
Key::generate()
}
<span class="doccomment">/// A ready-to-go acceptance test suite to verify that sessions behave as expected
/// regardless of the underlying session store.
///
/// `is_invalidation_supported` must be set to `true` if the backend supports
/// &quot;remembering&quot; that a session has been invalidated (e.g. by logging out).
/// It should be to `false` if the backend allows multiple cookies to be active
/// at the same time (e.g. cookie store backend).
</span><span class="kw">pub async fn </span>acceptance_test_suite&lt;F, Store&gt;(store_builder: F, is_invalidation_supported: bool)
<span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">for </span>policy <span class="kw">in </span><span class="kw-2">&amp;</span>[
CookieContentSecurity::Signed,
CookieContentSecurity::Private,
] {
<span class="macro">println!</span>(<span class="string">&quot;Using {:?} as cookie content security policy.&quot;</span>, policy);
acceptance_tests::basic_workflow(store_builder.clone(), <span class="kw-2">*</span>policy).<span class="kw">await</span>;
acceptance_tests::expiration_is_refreshed_on_changes(store_builder.clone(), <span class="kw-2">*</span>policy)
.<span class="kw">await</span>;
acceptance_tests::expiration_is_always_refreshed_if_configured_to_refresh_on_every_request(
store_builder.clone(),
<span class="kw-2">*</span>policy,
)
.<span class="kw">await</span>;
acceptance_tests::complex_workflow(
store_builder.clone(),
is_invalidation_supported,
<span class="kw-2">*</span>policy,
)
.<span class="kw">await</span>;
acceptance_tests::guard(store_builder.clone(), <span class="kw-2">*</span>policy).<span class="kw">await</span>;
}
}
<span class="kw">mod </span>acceptance_tests {
<span class="kw">use </span>actix_web::{
cookie::time,
dev::{Service, ServiceResponse},
guard, middleware, test,
web::{<span class="self">self</span>, get, post, resource, Bytes},
App, HttpResponse, <span class="prelude-ty">Result</span>,
};
<span class="kw">use </span>serde::{Deserialize, Serialize};
<span class="kw">use </span>serde_json::json;
<span class="kw">use crate</span>::{
config::{CookieContentSecurity, PersistentSession, TtlExtensionPolicy},
storage::SessionStore,
test_helpers::key,
Session, SessionExt, SessionMiddleware,
};
<span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>basic_workflow&lt;F, Store&gt;(
store_builder: F,
policy: CookieContentSecurity,
) <span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">let </span>app = test::init_service(
App::new()
.wrap(
SessionMiddleware::builder(store_builder(), key())
.cookie_path(<span class="string">&quot;/test/&quot;</span>.into())
.cookie_name(<span class="string">&quot;actix-test&quot;</span>.into())
.cookie_domain(<span class="prelude-val">Some</span>(<span class="string">&quot;localhost&quot;</span>.into()))
.cookie_content_security(policy)
.session_lifecycle(
PersistentSession::default()
.session_ttl(time::Duration::seconds(<span class="number">100</span>)),
)
.build(),
)
.service(web::resource(<span class="string">&quot;/&quot;</span>).to(|ses: Session| <span class="kw">async move </span>{
<span class="kw">let _ </span>= ses.insert(<span class="string">&quot;counter&quot;</span>, <span class="number">100</span>);
<span class="string">&quot;test&quot;
</span>}))
.service(web::resource(<span class="string">&quot;/test/&quot;</span>).to(|ses: Session| <span class="kw">async move </span>{
<span class="kw">let </span>val: usize = ses.get(<span class="string">&quot;counter&quot;</span>).unwrap().unwrap();
<span class="macro">format!</span>(<span class="string">&quot;counter: {}&quot;</span>, val)
})),
)
.<span class="kw">await</span>;
<span class="kw">let </span>request = test::TestRequest::get().to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie = response.get_cookie(<span class="string">&quot;actix-test&quot;</span>).unwrap().clone();
<span class="macro">assert_eq!</span>(cookie.path().unwrap(), <span class="string">&quot;/test/&quot;</span>);
<span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">&quot;/test/&quot;</span>)
.cookie(cookie)
.to_request();
<span class="kw">let </span>body = test::call_and_read_body(<span class="kw-2">&amp;</span>app, request).<span class="kw">await</span>;
<span class="macro">assert_eq!</span>(body, Bytes::from_static(<span class="string">b&quot;counter: 100&quot;</span>));
}
<span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>expiration_is_always_refreshed_if_configured_to_refresh_on_every_request&lt;
F,
Store,
&gt;(
store_builder: F,
policy: CookieContentSecurity,
) <span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">let </span>session_ttl = time::Duration::seconds(<span class="number">60</span>);
<span class="kw">let </span>app = test::init_service(
App::new()
.wrap(
SessionMiddleware::builder(store_builder(), key())
.cookie_content_security(policy)
.session_lifecycle(
PersistentSession::default()
.session_ttl(session_ttl)
.session_ttl_extension_policy(
TtlExtensionPolicy::OnEveryRequest,
),
)
.build(),
)
.service(web::resource(<span class="string">&quot;/&quot;</span>).to(|ses: Session| <span class="kw">async move </span>{
<span class="kw">let _ </span>= ses.insert(<span class="string">&quot;counter&quot;</span>, <span class="number">100</span>);
<span class="string">&quot;test&quot;
</span>}))
.service(web::resource(<span class="string">&quot;/test/&quot;</span>).to(|| <span class="kw">async move </span>{ <span class="string">&quot;no-changes-in-session&quot; </span>})),
)
.<span class="kw">await</span>;
<span class="comment">// Create session
</span><span class="kw">let </span>request = test::TestRequest::get().to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_1 = response.get_cookie(<span class="string">&quot;id&quot;</span>).expect(<span class="string">&quot;Cookie is set&quot;</span>);
<span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl));
<span class="comment">// Fire a request that doesn&#39;t touch the session state, check
// that the session cookie is present and its expiry is set to the maximum we configured.
</span><span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">&quot;/test/&quot;</span>)
.cookie(cookie_1)
.to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_2 = response.get_cookie(<span class="string">&quot;id&quot;</span>).expect(<span class="string">&quot;Cookie is set&quot;</span>);
<span class="macro">assert_eq!</span>(cookie_2.max_age(), <span class="prelude-val">Some</span>(session_ttl));
}
<span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>expiration_is_refreshed_on_changes&lt;F, Store&gt;(
store_builder: F,
policy: CookieContentSecurity,
) <span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">let </span>session_ttl = time::Duration::seconds(<span class="number">60</span>);
<span class="kw">let </span>app = test::init_service(
App::new()
.wrap(
SessionMiddleware::builder(store_builder(), key())
.cookie_content_security(policy)
.session_lifecycle(
PersistentSession::default().session_ttl(session_ttl),
)
.build(),
)
.service(web::resource(<span class="string">&quot;/&quot;</span>).to(|ses: Session| <span class="kw">async move </span>{
<span class="kw">let _ </span>= ses.insert(<span class="string">&quot;counter&quot;</span>, <span class="number">100</span>);
<span class="string">&quot;test&quot;
</span>}))
.service(web::resource(<span class="string">&quot;/test/&quot;</span>).to(|| <span class="kw">async move </span>{ <span class="string">&quot;no-changes-in-session&quot; </span>})),
)
.<span class="kw">await</span>;
<span class="kw">let </span>request = test::TestRequest::get().to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_1 = response.get_cookie(<span class="string">&quot;id&quot;</span>).expect(<span class="string">&quot;Cookie is set&quot;</span>);
<span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl));
<span class="kw">let </span>request = test::TestRequest::with_uri(<span class="string">&quot;/test/&quot;</span>)
.cookie(cookie_1.clone())
.to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="macro">assert!</span>(response.response().cookies().next().is_none());
<span class="kw">let </span>request = test::TestRequest::get().cookie(cookie_1).to_request();
<span class="kw">let </span>response = app.call(request).<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_2 = response.get_cookie(<span class="string">&quot;id&quot;</span>).expect(<span class="string">&quot;Cookie is set&quot;</span>);
<span class="macro">assert_eq!</span>(cookie_2.max_age(), <span class="prelude-val">Some</span>(session_ttl));
}
<span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>guard&lt;F, Store&gt;(store_builder: F, policy: CookieContentSecurity)
<span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">let </span>srv = actix_test::start(<span class="kw">move </span>|| {
App::new()
.wrap(
SessionMiddleware::builder(store_builder(), key())
.cookie_name(<span class="string">&quot;test-session&quot;</span>.into())
.cookie_content_security(policy)
.session_lifecycle(
PersistentSession::default().session_ttl(time::Duration::days(<span class="number">7</span>)),
)
.build(),
)
.wrap(middleware::Logger::default())
.service(resource(<span class="string">&quot;/&quot;</span>).route(get().to(index)))
.service(resource(<span class="string">&quot;/do_something&quot;</span>).route(post().to(do_something)))
.service(resource(<span class="string">&quot;/login&quot;</span>).route(post().to(login)))
.service(resource(<span class="string">&quot;/logout&quot;</span>).route(post().to(logout)))
.service(
web::scope(<span class="string">&quot;/protected&quot;</span>)
.guard(guard::fn_guard(|g| {
g.get_session().get::&lt;String&gt;(<span class="string">&quot;user_id&quot;</span>).unwrap().is_some()
}))
.service(resource(<span class="string">&quot;/count&quot;</span>).route(get().to(count))),
)
});
<span class="comment">// Step 1: GET without session info
// - response should be a unsuccessful status
</span><span class="kw">let </span>req_1 = srv.get(<span class="string">&quot;/protected/count&quot;</span>).send();
<span class="kw">let </span>resp_1 = req_1.<span class="kw">await</span>.unwrap();
<span class="macro">assert!</span>(!resp_1.status().is_success());
<span class="comment">// Step 2: POST to login
// - set-cookie actix-session will be in response (session cookie #1)
// - updates session state: {&quot;counter&quot;: 0, &quot;user_id&quot;: &quot;ferris&quot;}
</span><span class="kw">let </span>req_2 = srv.post(<span class="string">&quot;/login&quot;</span>).send_json(<span class="kw-2">&amp;</span><span class="macro">json!</span>({<span class="string">&quot;user_id&quot;</span>: <span class="string">&quot;ferris&quot;</span>}));
<span class="kw">let </span>resp_2 = req_2.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_1 = resp_2
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="comment">// Step 3: POST to do_something
// - adds new session state: {&quot;counter&quot;: 1, &quot;user_id&quot;: &quot;ferris&quot; }
// - set-cookie actix-session should be in response (session cookie #2)
// - response should be: {&quot;counter&quot;: 1, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_3 = srv.post(<span class="string">&quot;/do_something&quot;</span>).cookie(cookie_1.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_3 = req_3.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_3 = resp_3.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_3,
IndexResponse {
user_id: <span class="prelude-val">Some</span>(<span class="string">&quot;ferris&quot;</span>.into()),
counter: <span class="number">1
</span>}
);
<span class="kw">let </span>cookie_2 = resp_3
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="comment">// Step 4: GET using a existing user id
// - response should be: {&quot;counter&quot;: 3, &quot;user_id&quot;: &quot;ferris&quot;}
</span><span class="kw">let </span>req_4 = srv.get(<span class="string">&quot;/protected/count&quot;</span>).cookie(cookie_2.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_4 = req_4.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_4 = resp_4.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_4,
IndexResponse {
user_id: <span class="prelude-val">Some</span>(<span class="string">&quot;ferris&quot;</span>.into()),
counter: <span class="number">1
</span>}
);
}
<span class="kw">pub</span>(<span class="kw">super</span>) <span class="kw">async fn </span>complex_workflow&lt;F, Store&gt;(
store_builder: F,
is_invalidation_supported: bool,
policy: CookieContentSecurity,
) <span class="kw">where
</span>Store: SessionStore + <span class="lifetime">&#39;static</span>,
F: Fn() -&gt; Store + Clone + Send + <span class="lifetime">&#39;static</span>,
{
<span class="kw">let </span>session_ttl = time::Duration::days(<span class="number">7</span>);
<span class="kw">let </span>srv = actix_test::start(<span class="kw">move </span>|| {
App::new()
.wrap(
SessionMiddleware::builder(store_builder(), key())
.cookie_name(<span class="string">&quot;test-session&quot;</span>.into())
.cookie_content_security(policy)
.session_lifecycle(
PersistentSession::default().session_ttl(session_ttl),
)
.build(),
)
.wrap(middleware::Logger::default())
.service(resource(<span class="string">&quot;/&quot;</span>).route(get().to(index)))
.service(resource(<span class="string">&quot;/do_something&quot;</span>).route(post().to(do_something)))
.service(resource(<span class="string">&quot;/login&quot;</span>).route(post().to(login)))
.service(resource(<span class="string">&quot;/logout&quot;</span>).route(post().to(logout)))
});
<span class="comment">// Step 1: GET index
// - set-cookie actix-session should NOT be in response (session data is empty)
// - response should be: {&quot;counter&quot;: 0, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_1a = srv.get(<span class="string">&quot;/&quot;</span>).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_1 = req_1a.<span class="kw">await</span>.unwrap();
<span class="macro">assert!</span>(resp_1.cookies().unwrap().is_empty());
<span class="kw">let </span>result_1 = resp_1.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_1,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">0
</span>}
);
<span class="comment">// Step 2: POST to do_something
// - adds new session state in redis: {&quot;counter&quot;: 1}
// - set-cookie actix-session should be in response (session cookie #1)
// - response should be: {&quot;counter&quot;: 1, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_2 = srv.post(<span class="string">&quot;/do_something&quot;</span>).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_2 = req_2.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_2 = resp_2.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_2,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">1
</span>}
);
<span class="kw">let </span>cookie_1 = resp_2
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="macro">assert_eq!</span>(cookie_1.max_age(), <span class="prelude-val">Some</span>(session_ttl));
<span class="comment">// Step 3: GET index, including session cookie #1 in request
// - set-cookie will *not* be in response
// - response should be: {&quot;counter&quot;: 1, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_3 = srv.get(<span class="string">&quot;/&quot;</span>).cookie(cookie_1.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_3 = req_3.<span class="kw">await</span>.unwrap();
<span class="macro">assert!</span>(resp_3.cookies().unwrap().is_empty());
<span class="kw">let </span>result_3 = resp_3.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_3,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">1
</span>}
);
<span class="comment">// Step 4: POST again to do_something, including session cookie #1 in request
// - set-cookie will be in response (session cookie #2)
// - updates session state: {&quot;counter&quot;: 2}
// - response should be: {&quot;counter&quot;: 2, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_4 = srv.post(<span class="string">&quot;/do_something&quot;</span>).cookie(cookie_1.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_4 = req_4.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_4 = resp_4.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_4,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">2
</span>}
);
<span class="kw">let </span>cookie_2 = resp_4
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="macro">assert_eq!</span>(cookie_2.max_age(), cookie_1.max_age());
<span class="comment">// Step 5: POST to login, including session cookie #2 in request
// - set-cookie actix-session will be in response (session cookie #3)
// - updates session state: {&quot;counter&quot;: 2, &quot;user_id&quot;: &quot;ferris&quot;}
</span><span class="kw">let </span>req_5 = srv
.post(<span class="string">&quot;/login&quot;</span>)
.cookie(cookie_2.clone())
.send_json(<span class="kw-2">&amp;</span><span class="macro">json!</span>({<span class="string">&quot;user_id&quot;</span>: <span class="string">&quot;ferris&quot;</span>}));
<span class="kw">let </span><span class="kw-2">mut </span>resp_5 = req_5.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_3 = resp_5
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="macro">assert_ne!</span>(cookie_2.value(), cookie_3.value());
<span class="kw">let </span>result_5 = resp_5.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_5,
IndexResponse {
user_id: <span class="prelude-val">Some</span>(<span class="string">&quot;ferris&quot;</span>.into()),
counter: <span class="number">2
</span>}
);
<span class="comment">// Step 6: GET index, including session cookie #3 in request
// - response should be: {&quot;counter&quot;: 2, &quot;user_id&quot;: &quot;ferris&quot;}
</span><span class="kw">let </span>req_6 = srv.get(<span class="string">&quot;/&quot;</span>).cookie(cookie_3.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_6 = req_6.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_6 = resp_6.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_6,
IndexResponse {
user_id: <span class="prelude-val">Some</span>(<span class="string">&quot;ferris&quot;</span>.into()),
counter: <span class="number">2
</span>}
);
<span class="comment">// Step 7: POST again to do_something, including session cookie #3 in request
// - updates session state: {&quot;counter&quot;: 3, &quot;user_id&quot;: &quot;ferris&quot;}
// - response should be: {&quot;counter&quot;: 3, &quot;user_id&quot;: &quot;ferris&quot;}
</span><span class="kw">let </span>req_7 = srv.post(<span class="string">&quot;/do_something&quot;</span>).cookie(cookie_3.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_7 = req_7.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>result_7 = resp_7.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_7,
IndexResponse {
user_id: <span class="prelude-val">Some</span>(<span class="string">&quot;ferris&quot;</span>.into()),
counter: <span class="number">3
</span>}
);
<span class="comment">// Step 8: GET index, including session cookie #2 in request
// If invalidation is supported, no state will be found associated to this session.
// If invalidation is not supported, the old state will still be retrieved.
</span><span class="kw">let </span>req_8 = srv.get(<span class="string">&quot;/&quot;</span>).cookie(cookie_2.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_8 = req_8.<span class="kw">await</span>.unwrap();
<span class="kw">if </span>is_invalidation_supported {
<span class="macro">assert!</span>(resp_8.cookies().unwrap().is_empty());
<span class="kw">let </span>result_8 = resp_8.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_8,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">0
</span>}
);
} <span class="kw">else </span>{
<span class="kw">let </span>result_8 = resp_8.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_8,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">2
</span>}
);
}
<span class="comment">// Step 9: POST to logout, including session cookie #3
// - set-cookie actix-session will be in response with session cookie #3
// invalidation logic
</span><span class="kw">let </span>req_9 = srv.post(<span class="string">&quot;/logout&quot;</span>).cookie(cookie_3.clone()).send();
<span class="kw">let </span>resp_9 = req_9.<span class="kw">await</span>.unwrap();
<span class="kw">let </span>cookie_3 = resp_9
.cookies()
.unwrap()
.clone()
.into_iter()
.find(|c| c.name() == <span class="string">&quot;test-session&quot;</span>)
.unwrap();
<span class="macro">assert_eq!</span>(<span class="number">0</span>, cookie_3.max_age().map(|t| t.whole_seconds()).unwrap());
<span class="macro">assert_eq!</span>(<span class="string">&quot;/&quot;</span>, cookie_3.path().unwrap());
<span class="comment">// Step 10: GET index, including session cookie #3 in request
// - set-cookie actix-session should NOT be in response if invalidation is supported
// - response should be: {&quot;counter&quot;: 0, &quot;user_id&quot;: None}
</span><span class="kw">let </span>req_10 = srv.get(<span class="string">&quot;/&quot;</span>).cookie(cookie_3.clone()).send();
<span class="kw">let </span><span class="kw-2">mut </span>resp_10 = req_10.<span class="kw">await</span>.unwrap();
<span class="kw">if </span>is_invalidation_supported {
<span class="macro">assert!</span>(resp_10.cookies().unwrap().is_empty());
}
<span class="kw">let </span>result_10 = resp_10.json::&lt;IndexResponse&gt;().<span class="kw">await</span>.unwrap();
<span class="macro">assert_eq!</span>(
result_10,
IndexResponse {
user_id: <span class="prelude-val">None</span>,
counter: <span class="number">0
</span>}
);
}
<span class="attribute">#[derive(Debug, PartialEq, Eq, Serialize, Deserialize)]
</span><span class="kw">pub struct </span>IndexResponse {
user_id: <span class="prelude-ty">Option</span>&lt;String&gt;,
counter: i32,
}
<span class="kw">async fn </span>index(session: Session) -&gt; <span class="prelude-ty">Result</span>&lt;HttpResponse&gt; {
<span class="kw">let </span>user_id: <span class="prelude-ty">Option</span>&lt;String&gt; = session.get::&lt;String&gt;(<span class="string">&quot;user_id&quot;</span>).unwrap();
<span class="kw">let </span>counter: i32 = session
.get::&lt;i32&gt;(<span class="string">&quot;counter&quot;</span>)
.unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>))
.unwrap_or(<span class="number">0</span>);
<span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&amp;</span>IndexResponse { user_id, counter }))
}
<span class="kw">async fn </span>do_something(session: Session) -&gt; <span class="prelude-ty">Result</span>&lt;HttpResponse&gt; {
<span class="kw">let </span>user_id: <span class="prelude-ty">Option</span>&lt;String&gt; = session.get::&lt;String&gt;(<span class="string">&quot;user_id&quot;</span>).unwrap();
<span class="kw">let </span>counter: i32 = session
.get::&lt;i32&gt;(<span class="string">&quot;counter&quot;</span>)
.unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>))
.map_or(<span class="number">1</span>, |inner| inner + <span class="number">1</span>);
session.insert(<span class="string">&quot;counter&quot;</span>, <span class="kw-2">&amp;</span>counter)<span class="question-mark">?</span>;
<span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&amp;</span>IndexResponse { user_id, counter }))
}
<span class="kw">async fn </span>count(session: Session) -&gt; <span class="prelude-ty">Result</span>&lt;HttpResponse&gt; {
<span class="kw">let </span>user_id: <span class="prelude-ty">Option</span>&lt;String&gt; = session.get::&lt;String&gt;(<span class="string">&quot;user_id&quot;</span>).unwrap();
<span class="kw">let </span>counter: i32 = session.get::&lt;i32&gt;(<span class="string">&quot;counter&quot;</span>).unwrap().unwrap();
<span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&amp;</span>IndexResponse { user_id, counter }))
}
<span class="attribute">#[derive(Deserialize)]
</span><span class="kw">struct </span>Identity {
user_id: String,
}
<span class="kw">async fn </span>login(user_id: web::Json&lt;Identity&gt;, session: Session) -&gt; <span class="prelude-ty">Result</span>&lt;HttpResponse&gt; {
<span class="kw">let </span>id = user_id.into_inner().user_id;
session.insert(<span class="string">&quot;user_id&quot;</span>, <span class="kw-2">&amp;</span>id)<span class="question-mark">?</span>;
session.renew();
<span class="kw">let </span>counter: i32 = session
.get::&lt;i32&gt;(<span class="string">&quot;counter&quot;</span>)
.unwrap_or(<span class="prelude-val">Some</span>(<span class="number">0</span>))
.unwrap_or(<span class="number">0</span>);
<span class="prelude-val">Ok</span>(HttpResponse::Ok().json(<span class="kw-2">&amp;</span>IndexResponse {
user_id: <span class="prelude-val">Some</span>(id),
counter,
}))
}
<span class="kw">async fn </span>logout(session: Session) -&gt; <span class="prelude-ty">Result</span>&lt;HttpResponse&gt; {
<span class="kw">let </span>id: <span class="prelude-ty">Option</span>&lt;String&gt; = session.get(<span class="string">&quot;user_id&quot;</span>)<span class="question-mark">?</span>;
<span class="kw">let </span>body = <span class="kw">if let </span><span class="prelude-val">Some</span>(x) = id {
session.purge();
<span class="macro">format!</span>(<span class="string">&quot;Logged out: {}&quot;</span>, x)
} <span class="kw">else </span>{
<span class="string">&quot;Could not log out anonymous user&quot;</span>.to_owned()
};
<span class="prelude-val">Ok</span>(HttpResponse::Ok().body(body))
}
<span class="kw">trait </span>ServiceResponseExt {
<span class="kw">fn </span>get_cookie(<span class="kw-2">&amp;</span><span class="self">self</span>, cookie_name: <span class="kw-2">&amp;</span>str) -&gt; <span class="prelude-ty">Option</span>&lt;actix_web::cookie::Cookie&lt;<span class="lifetime">&#39;_</span>&gt;&gt;;
}
<span class="kw">impl </span>ServiceResponseExt <span class="kw">for </span>ServiceResponse {
<span class="kw">fn </span>get_cookie(<span class="kw-2">&amp;</span><span class="self">self</span>, cookie_name: <span class="kw-2">&amp;</span>str) -&gt; <span class="prelude-ty">Option</span>&lt;actix_web::cookie::Cookie&lt;<span class="lifetime">&#39;_</span>&gt;&gt; {
<span class="self">self</span>.response()
.cookies()
.into_iter()
.find(|c| c.name() == cookie_name)
}
}
}
}
</code></pre></div>
</section></div></main><div id="rustdoc-vars" data-root-path="../../" data-current-crate="actix_session" data-themes="ayu,dark,light" data-resource-suffix="" data-rustdoc-version="1.66.0-nightly (432abd86f 2022-09-20)" ></div></body></html>
Reference in New Issue View Git Blame Copy Permalink