Comments (5)
In the v2.0.0 release loading and saving of the session data is decoupled from the process of communicating the session token to/from the client, so cookieless sessions are now much easier to implement.
For convenience, I've included a LoadAndSave()
middleware in the package which reads/writes the token to a cookie. But you can use this as a template to implement your own middleware which reads/writes the token to an alternative location, like a HTTP header. Here's an example gist: https://gist.github.com/alexedwards/cc6190195acfa466bf27f05aa5023f50
from scs.
This is a good idea.
I've labelled it to include in v2.x because, like you say, it will probably need breaking changes to implement nicely.
There's another open issue for separating the modification and saving of session data (#36) and addressing that first should make implementing this much easier to do.
from scs.
@ChristophPech I'm working on a v2 release at the moment and would like to address this issue if possible. A couple of questions (if you can remember!)...
What was the motivation behind this? Was it because you wanted to communicate the session ID to/from the user in a different HTTP header field? Or were you wanting to use sessions completely outside of the context of a web application and HTTP request-response cycle?
from scs.
I am putting the session cookie into a field in a JSON as well as XML API. Yes, I use mostly HTTP for now but I'd like to stay protocol agnostic as I have different protocol clients for different game engines and different platforms. All data of the protocol is inside the payload so it will be easy to use different transmission channels other than HTTP. For example, a loadbalancing server could collect multiple client requests and send them in bulk to the application server. Additionally messing with cookies on several different client http libraries can be a bit difficult.
The only advantage to use http cookies is that a webbrowser will save, send and expire them automatically. But once the client is not a webbrowser there are only disadvantages left.
from scs.
Awesome. Thanks.
from scs.
Related Issues (20)
- Possible to tag a new version? HOT 2
- Manually Set Token / Session ID? HOT 4
- Add example using gin
- Expose CtxStore interface to allow custom implementation HOT 1
- How to recover from corrupt session data? (or how to Destroy without loading the session) HOT 2
- Fails using ListenAndServeTLS HOT 1
- Sqlite3store error constraint failed: NOT NULL constraint failed: sessions.expiry (1299) HOT 4
- manage all session HOT 1
- Redis example is using a different Redis library HOT 8
- Custom names for sessions tables HOT 3
- support partitioned CHIPS cookies HOT 2
- pgxstore expects a *pgxpool.Pool instead of a *sql.DB HOT 5
- Flush / streaming HOT 2
- *scs.sessionResponseWriter does not implement http.Hijacker HOT 3
- Support Turso and libsql HOT 2
- Session getting added to DB, but not to cookie, when set to SameSiteNone, but works in SameSiteLax HOT 2
- Sign session ids/tokens HOT 5
- 2.7.0 breaks websocket compatibility HOT 2
- NATS Jetstream and session replication might be of interest HOT 3
- Submodules not being released with tags HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scs.