Struct gotham::middleware::session::NewSessionMiddleware [−][src]
pub struct NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static, { /* fields omitted */ }
Expand description
Added to a Pipeline
, this spawns the per-request SessionMiddleware
There are two ways to construct the NewSessionMiddleware
, but with_session_type
must be
called before the middleware is useful:
-
Using the
Default
implementation, which sets up an in-memory session store. When constructed this way, sessions are unable to be shared between multiple application servers, and are lost on restart:NewSessionMiddleware::default()
-
Using the
NewSessionMiddleware::new
function, and providing a backend. TheDefault
implementation usesMemoryBackend
, but this can be changed by providing your own:NewSessionMiddleware::new(MemoryBackend::default())
Before the middleware can be used, it must be associated with a session type provided by the application. This gives type-safe storage for all session data:
#[derive(Default, Serialize, Deserialize)]
struct MySessionType {
items: Vec<String>,
}
NewSessionMiddleware::default().with_session_type::<MySessionType>()
For plaintext HTTP servers, the insecure
method must also be called to instruct the
middleware not to set the secure
flag on the cookie.
Implementations
Create a NewSessionMiddleware
value for the provided backend and with a blank session
type. with_session_type
must be called before the result is useful.
impl<B, T> NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
impl<B, T> NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
Configures the session cookie to be set at a more restrictive path.
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.with_cookie_path("/app".to_string())
Configures the NewSessionMiddleware
not to send the secure
flag along with the cookie.
This is required for plaintext HTTP connections.
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.insecure()
Configures the NewSessionMiddleware
to use an alternate cookie name. The default cookie
name is _gotham_session
.
When a cookie name with a cookie prefix is used, the other options are forced to be correct (ignoring overridden settings from the application). i.e.:
- For a cookie prefix of
__Secure-
, the cookie attributes will includeSecure
- For a cookie prefix of
__Host-
, the cookie attributes will includeSecure; Path=/
and not includeDomain=
If the session cookie configuration set by the application does not match the prefix, a warning will be logged upon startup and the cookie prefix options will override what was provided by the application.
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.with_cookie_name("_myapp_session")
Configures the NewSessionMiddleware
to use a Domain
attribute with the provided value.
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.with_cookie_domain("example.com")
Removes the SameSite
cookie attribute, allowing cross-site requests to include the cookie.
By default, the session cookie will be set with SameSite=lax
, which ensures cross-site
requests will include the cookie if and only if they are top-level navigations which use a
“safe” (in the RFC7231 sense) HTTP
method.
See: https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-4.1
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.allow_cross_site_usage()
Sets the “SameSite” cookie attribute value to “strict”.
This will ensure that the cookie is never sent for cross-site requests (including top-level navigations).
By default, the session cookie will be set with “SameSite=lax”, which ensures cross-site requests will include the cookie if and only if they are top-level navigations which use a “safe” (in the RFC7231 sense) HTTP method.
NewSessionMiddleware::default()
.with_session_type::<MySessionType>()
.with_strict_same_site_enforcement()
pub fn with_session_type<U>(self) -> NewSessionMiddleware<B, U> where
U: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
pub fn with_session_type<U>(self) -> NewSessionMiddleware<B, U> where
U: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
Changes the session type to the provided type parameter. This is required to override the
default (unusable) session type of ()
.
#[derive(Default, Serialize, Deserialize)]
struct MySessionType {
items: Vec<String>,
}
NewSessionMiddleware::default().with_session_type::<MySessionType>()
Trait Implementations
impl<B, T> Clone for NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
impl<B, T> Clone for NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
Returns the “default value” for a type. Read more
impl<B, T> NewMiddleware for NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
impl<B, T> NewMiddleware for NewSessionMiddleware<B, T> where
B: NewBackend,
T: Default + Serialize + for<'de> Deserialize<'de> + Send + 'static,
type Instance = SessionMiddleware<B::Instance, T>
type Instance = SessionMiddleware<B::Instance, T>
The type of Middleware
created by the NewMiddleware
.
Create and return a new Middleware
value.
Auto Trait Implementations
impl<B, T> RefUnwindSafe for NewSessionMiddleware<B, T>
impl<B, T> Send for NewSessionMiddleware<B, T> where
B: Send,
impl<B, T> Sync for NewSessionMiddleware<B, T>
impl<B, T> !Unpin for NewSessionMiddleware<B, T>
impl<B, T> !UnwindSafe for NewSessionMiddleware<B, T>
Blanket Implementations
Mutably borrows from an owned value. Read more
pub fn vzip(self) -> V
Attaches the provided Subscriber
to this type, returning a
WithDispatch
wrapper. Read more
Attaches the current default Subscriber
to this type, returning a
WithDispatch
wrapper. Read more