pavex_session/
lib.rs

1/*!
2Session management for Pavex.
3
4Check out the [session guide in Pavex's documentation](https://pavex.dev/guide/sessions/) for a thorough introduction to sessions
5and how to use them in your application.
6*/
7pub mod config;
8mod id;
9mod incoming;
10mod middleware;
11mod session_;
12mod store_;
13pub(crate) mod wire;
14
15use std::collections::HashMap;
16
17pub use id::SessionId;
18pub use incoming::IncomingSession;
19pub use middleware::{FINALIZE_SESSION, finalize_session};
20use pavex::methods;
21pub use session_::Session;
22pub use store_::SessionStore;
23
24pub mod store {
25    //! Types and traits related to [`SessionStore`][super::SessionStore].
26    pub use crate::store_::errors;
27    pub use crate::store_::{SessionRecord, SessionRecordRef, SessionStorageBackend};
28}
29
30pub use crate::session_::errors;
31
32pub mod client {
33    //! Types to manipulate the client-side session state.
34    pub use crate::session_::{ClientSessionState, ClientSessionStateMut};
35}
36
37/// A convenient alias for the shape of the session state.
38pub(crate) type State = HashMap<std::borrow::Cow<'static, str>, serde_json::Value>;
39
40#[derive(Debug, Clone, Default, serde::Serialize, serde::Deserialize)]
41#[serde(rename_all = "snake_case")]
42#[non_exhaustive]
43/// Configure how sessions are managed.
44///
45/// The default configuration follows
46/// [OWASP's guidelines for secure session management](https://github.com/OWASP/ASVS/blob/67726f1976a759c58a82669d0dad3b16b9c04ecc/4.0/en/0x12-V3-Session-management.md).
47#[pavex::config(key = "session", default_if_missing)]
48pub struct SessionConfig {
49    #[serde(default)]
50    /// Configure the session cookie.
51    pub cookie: crate::config::SessionCookieConfig,
52    #[serde(default)]
53    /// Configure how the session state should behave.
54    pub state: crate::config::SessionStateConfig,
55}
56
57#[methods]
58impl SessionConfig {
59    /// Create a new session configuration with the default settings.
60    pub fn new() -> Self {
61        Self::default()
62    }
63
64    #[doc(hidden)]
65    #[transient]
66    pub fn cookie_config(&self) -> &crate::config::SessionCookieConfig {
67        &self.cookie
68    }
69
70    #[doc(hidden)]
71    #[transient]
72    pub fn state_config(&self) -> &crate::config::SessionStateConfig {
73        &self.state
74    }
75}