Struct CookieSession 

pub struct CookieSession(/* private fields */);

Use cookies for session storage.

CookieSession creates sessions which are limited to storing fewer than 4000 bytes of data (as the payload must fit into a single cookie). An Internal Server Error is generated if the session contains more than 4000 bytes.

A cookie may have a security policy of signed or private. Each has a respective CookieSessionBackend constructor.

A signed cookie is stored on the client as plaintext alongside a signature such that the cookie may be viewed but not modified by the client.

A private cookie is stored on the client as encrypted text such that it may neither be viewed nor modified by the client.

The constructors take a key as an argument. This is the private key for cookie session - when this value is changed, all session data is lost. The constructors will panic if the key is less than 32 bytes in length.

The backend relies on cookie crate to create and read cookies. By default all cookies are percent encoded, but certain symbols may cause troubles when reading cookie, if they are not properly percent encoded.

Example

use ntex_session::CookieSession;
use ntex::web::{self, App, HttpResponse, HttpServer};

let app = App::new().wrap(
    CookieSession::signed(&[0; 32])
        .domain("www.rust-lang.org")
        .name("ntex-session")
        .path("/")
        .secure(true))
    .service(web::resource("/").to(|| async { HttpResponse::Ok() }));

Implementations

impl CookieSession

pub fn signed(key: &[u8]) -> Self

Construct new signed CookieSessionBackend instance.

Panics if key length is less than 32 bytes.

pub fn private(key: &[u8]) -> Self

Construct new private CookieSessionBackend instance.

Panics if key length is less than 32 bytes.

pub fn path<S: Into<String>>(self, value: S) -> Self

Sets the path field in the session cookie being built.

pub fn name<S: Into<String>>(self, value: S) -> Self

Sets the name field in the session cookie being built.

pub fn domain<S: Into<String>>(self, value: S) -> Self

Sets the domain field in the session cookie being built.

pub fn secure(self, value: bool) -> Self

Sets the secure field in the session cookie being built.

If the secure field is set, a cookie will only be transmitted when the connection is secure - i.e. https

pub fn http_only(self, value: bool) -> Self

Sets the http_only field in the session cookie being built.

pub fn same_site(self, value: SameSite) -> Self

Sets the same_site field in the session cookie being built.

pub fn max_age(self, seconds: i64) -> Self

Sets the max-age field in the session cookie being built.

pub fn max_age_time(self, value: Duration) -> Self

Sets the max-age field in the session cookie being built.

pub fn expires_in(self, seconds: i64) -> Self

Sets the expires field in the session cookie being built.

pub fn expires_in_time(self, value: Duration) -> Self

Sets the expires field in the session cookie being built.

Trait Implementations

impl<S, C> Middleware<S, C> for CookieSession

type Service = CookieSessionMiddleware<S>

The middleware Service value created by this factory

fn create(&self, service: S, _: C) -> Self::Service

Creates and returns a new middleware Service