Skip to main content

Session

modo::auth::session

Struct Session 

Source 
pub struct Session { /* private fields */ }
Expand description

Axum extractor providing access to the current session.

Session is inserted into the request extensions by super::middleware::SessionLayer. Extracting it in a handler does not require the user to be authenticated — call Session::is_authenticated or Session::user_id to check.

All read methods are synchronous (lock-free from the caller’s perspective). Write methods that only modify in-memory data (Session::set, Session::remove_key) are also synchronous. Methods that touch the database (Session::authenticate, Session::logout, etc.) are async.

§Panics

Panics if SessionLayer is not present in the middleware stack. Apply the layer with super::layer before using this extractor.

Implementations§

Source§

impl Session

Source

pub fn user_id(&self) -> Option<String>

Return the authenticated user’s ID, or None if no session is active.

Source

pub fn get<T: DeserializeOwned>(&self, key: &str) -> Result<Option<T>>

Deserialise a value stored in the session under key.

Returns Ok(None) when there is no active session or the key is absent.

§Errors

Returns an error if the stored value cannot be deserialised into T.

Source

pub fn is_authenticated(&self) -> bool

Return true when a valid, authenticated session exists for this request.

Source

pub fn current(&self) -> Option<SessionData>

Return a clone of the full session data, or None if unauthenticated.

Source

pub fn set<T: Serialize>(&self, key: &str, value: &T) -> Result<()>

Store a serialisable value under key in the session data.

The change is held in memory and flushed to the database by the middleware after the handler returns. No-op when there is no active session.

§Errors

Returns an error if the value cannot be serialised to JSON.

Source

pub fn remove_key(&self, key: &str)

Remove a key from the session data.

No-op when there is no active session or the key does not exist. The change is flushed to the database by the middleware after the handler returns.

Source

pub async fn authenticate(&self, user_id: &str) -> Result<()>

Create a new authenticated session for user_id with empty data.

If a session already exists, it is destroyed first (session fixation prevention). A new token is generated and set on the cookie. Equivalent to authenticate_with(user_id, serde_json::json!({})).

§Errors

Returns an error if the existing session cannot be destroyed or the new session cannot be created in the database.

Source

pub async fn authenticate_with(&self, user_id: &str, data: Value) -> Result<()>

Create a new authenticated session for user_id with initial data.

If a session already exists, it is destroyed first (session fixation prevention). A new token is generated and set on the cookie.

§Errors

Returns an error if the existing session cannot be destroyed or the new session cannot be created in the database.

Source

pub async fn rotate(&self) -> Result<()>

Issue a new session token and refresh the session expiry.

Returns 401 Unauthorized if there is no active session. Use this after privilege escalation to prevent session fixation.

§Errors

Returns 401 Unauthorized when no active session exists, or an internal error if the database update fails.

Source

pub async fn logout(&self) -> Result<()>

Destroy the current session and clear the session cookie.

No-op (succeeds silently) when there is no active session.

§Errors

Returns an error if the database delete fails.

Source

pub async fn logout_all(&self) -> Result<()>

Destroy all sessions for the current user and clear the session cookie.

Returns 401 Unauthorized if there is no active session.

§Errors

Returns an error if the database delete fails.

Source

pub async fn logout_other(&self) -> Result<()>

Destroy all sessions for the current user except the current one.

Returns 401 Unauthorized if there is no active session.

§Errors

Returns 401 Unauthorized when no active session exists, or an internal error if the database delete fails.

Source

pub async fn list_my_sessions(&self) -> Result<Vec<SessionData>>

Return all active sessions for the current user.

Returns 401 Unauthorized if there is no active session.

§Errors

Returns 401 Unauthorized when no active session exists, or an internal error if the database query fails.

Source

pub async fn revoke(&self, id: &str) -> Result<()>

Revoke a specific session belonging to the current user.

Returns 401 Unauthorized if there is no active session and 404 Not Found if id does not belong to the current user (deliberately indistinguishable to prevent enumeration).

§Errors

Returns 401 Unauthorized when no active session exists, 404 Not Found when the target session does not exist or belongs to another user, or an internal error if the database operation fails.

Trait Implementations§

Source§

impl<S: Send + Sync> FromRequestParts<S> for Session

Source§

type Rejection = Error

If the extractor fails it’ll use this “rejection” type. A rejection is a kind of error that can be converted into a response.
Source§

async fn from_request_parts( parts: &mut Parts, _state: &S, ) -> Result<Self, Self::Rejection>

Perform the extraction.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<S, T> FromRequest<S, ViaParts> for T
where S: Send + Sync, T: FromRequestParts<S>,

Source§

type Rejection = <T as FromRequestParts<S>>::Rejection

If the extractor fails it’ll use this “rejection” type. A rejection is a kind of error that can be converted into a response.
Source§

fn from_request( req: Request<Body>, state: &S, ) -> impl Future<Output = Result<T, <T as FromRequest<S, ViaParts>>::Rejection>>

Perform the extraction.
Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> PolicyExt for T
where T: ?Sized,

Source§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
Source§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more