mirror of
https://github.com/actix/examples
synced 2024-12-03 18:22:14 +01:00
Fix bug in cookie-auth example where secret is too short (#583)
This commit is contained in:
parent
1e1767135d
commit
6fe45afe69
@ -33,16 +33,16 @@ async fn main() -> std::io::Result<()> {
|
||||
std::env::set_var("RUST_LOG", "actix_web=info");
|
||||
env_logger::init();
|
||||
|
||||
// Generate a random 32 byte key. Note that it is important to use a unique
|
||||
// private key for every project. Anyone with access to the key can generate
|
||||
// Generate a random secret key. Note that it is important to use a unique
|
||||
// secret key for every project. Anyone with access to the key can generate
|
||||
// authentication cookies for any user!
|
||||
let private_key = rand::thread_rng().gen::<[u8; 32]>();
|
||||
let secret_key = Key::generate();
|
||||
|
||||
HttpServer::new(move || {
|
||||
App::new()
|
||||
.wrap(IdentityMiddleware::default())
|
||||
.wrap(
|
||||
SessionMiddleware::builder(CookieSessionStore::default(), Key::from(&private_key))
|
||||
SessionMiddleware::builder(CookieSessionStore::default(), secret_key)
|
||||
.cookie_name("auth-example".to_owned())
|
||||
.cookie_secure(false)
|
||||
.build(),
|
||||
|
Loading…
Reference in New Issue
Block a user