Git Product home page Git Product logo

Comments (5)

alexedwards avatar alexedwards commented on May 27, 2024 1

In the v2.0.0 release loading and saving of the session data is decoupled from the process of communicating the session token to/from the client, so cookieless sessions are now much easier to implement.

For convenience, I've included a LoadAndSave() middleware in the package which reads/writes the token to a cookie. But you can use this as a template to implement your own middleware which reads/writes the token to an alternative location, like a HTTP header. Here's an example gist: https://gist.github.com/alexedwards/cc6190195acfa466bf27f05aa5023f50

from scs.

alexedwards avatar alexedwards commented on May 27, 2024

This is a good idea.

I've labelled it to include in v2.x because, like you say, it will probably need breaking changes to implement nicely.

There's another open issue for separating the modification and saving of session data (#36) and addressing that first should make implementing this much easier to do.

from scs.

alexedwards avatar alexedwards commented on May 27, 2024

@ChristophPech I'm working on a v2 release at the moment and would like to address this issue if possible. A couple of questions (if you can remember!)...

What was the motivation behind this? Was it because you wanted to communicate the session ID to/from the user in a different HTTP header field? Or were you wanting to use sessions completely outside of the context of a web application and HTTP request-response cycle?

from scs.

ChristophPech avatar ChristophPech commented on May 27, 2024

I am putting the session cookie into a field in a JSON as well as XML API. Yes, I use mostly HTTP for now but I'd like to stay protocol agnostic as I have different protocol clients for different game engines and different platforms. All data of the protocol is inside the payload so it will be easy to use different transmission channels other than HTTP. For example, a loadbalancing server could collect multiple client requests and send them in bulk to the application server. Additionally messing with cookies on several different client http libraries can be a bit difficult.

The only advantage to use http cookies is that a webbrowser will save, send and expire them automatically. But once the client is not a webbrowser there are only disadvantages left.

from scs.

ChristophPech avatar ChristophPech commented on May 27, 2024

Awesome. Thanks.

from scs.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.