pub trait SessionStore {
// Required methods
fn find_active_session(
&self,
candidates: &[LookupKey],
now: u64,
) -> impl Future<Output = Result<Option<ActiveSessionRecord>, StoreError>>;
fn insert_session(
&self,
record: SessionRecord,
) -> impl Future<Output = Result<(), StoreError>>;
fn revoke_session(
&self,
session_id: &SessionId,
now: u64,
) -> impl Future<Output = Result<(), StoreError>>;
}Expand description
Session storage (RFC-006).
Sessions are stored by their HMAC lookup key, never by the plaintext secret. The plaintext lives only in the cookie.
Required Methods§
Sourcefn find_active_session(
&self,
candidates: &[LookupKey],
now: u64,
) -> impl Future<Output = Result<Option<ActiveSessionRecord>, StoreError>>
fn find_active_session( &self, candidates: &[LookupKey], now: u64, ) -> impl Future<Output = Result<Option<ActiveSessionRecord>, StoreError>>
Look up an active session by HMAC lookup key candidates.
Returns the first record matching any candidate that is not expired and
not revoked at now. Returns Ok(None) if no such session exists.
Sourcefn insert_session(
&self,
record: SessionRecord,
) -> impl Future<Output = Result<(), StoreError>>
fn insert_session( &self, record: SessionRecord, ) -> impl Future<Output = Result<(), StoreError>>
Insert a new session record.
Sourcefn revoke_session(
&self,
session_id: &SessionId,
now: u64,
) -> impl Future<Output = Result<(), StoreError>>
fn revoke_session( &self, session_id: &SessionId, now: u64, ) -> impl Future<Output = Result<(), StoreError>>
Revoke a session by its record ID (logout / incident response). Revocation is monotonic: a revoked session cannot be unrevoked.
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".