Comments (8)
I've merged in some unreleased changes that provide set_expiration_time
and set_expiration_time_from_max_age
.
This will allow applications to set the expiration time to some arbitrary time::OffsetDateTime
or specify a time::Duration
from OffsetDateTime::now_utc
at which the session will be considered expired.
Using either of these methods will persist the session back to the store and set a cookie on the client with the updated max-age attribute.
Let me know if you think this would fit your use case.
from alexandrie.
Thank you for acting so quick on this.
This is indeed all I needed in Alexandrie's case.
I've tested the changes in #175 by taking a git dependency and it works perfectly.
I'll make sure to merge it whenever these changes are released in crates.io.
from alexandrie.
That's great to hear!
I'm planning to cut a new release this weekend, once I resolve a couple of outstanding changes.
from alexandrie.
Hi, thank you very much for notifying this project of this initiative !
I've went ahead and started the work for this migration in PR #175, as its seemed to be quite straightforward to make these changes.
One question I have, which I don't know yet how to handle, is that axum-sessions
had an WritableSession::expire_in
, which allowed to change/extend the expiration date/time of an existing session.
It is a feature that Alexandrie used to implement the Remember Me
checkbox on the login page of the frontend, like so:
alexandrie/crates/alexandrie/src/frontend/account/login.rs
Lines 153 to 161 in 4813442
I wasn't able to find a similar method in tower-sessions
.
There is a Session::with_max_age
method, but it seems like a method meant for use in a SessionStore
impl rather than in endpoint handlers and, looking at the code of SessionManager
, it doesn't seem like it has any effect on the max_age
of the response cookie.
So I guess, my question is:
Is there currently a way to achieve something similar (maybe my previous implemented is misguided) ?
Or would tower-sessions
be interested in implementing a similar feature in the future ?
from alexandrie.
Hi, thanks for having a look and exploring this direction!
Just to make sure I'm understanding correctly, the use case is to extend the session TTL while it's being used?
If so, you're correct that's missing from the current release.
That said, that is a feature I would like to incorporate, especially if folks who use axum-sessions are using it.
from alexandrie.
Extending the session's TTL is indeed the use case.
The default duration of a session in Alexandrie currently (using axum-sessions
) is 24 hours, and I was using this method to not only reset it (make the session valid for 24 hours after the login succeeded), but also potentially extend it to 30 days if the user asked to be remembered.
I'm glad to hear that this is considered, as I think it could be useful to others to, for example, automatically regenerate sessions to prevent the user from being suddenly logged out while navigating.
from alexandrie.
This makes sense to me. I've opened an issue to track on the tower-sessions
repo. It shouldn't be too difficult: I imagine we can add a method, set_expiration_time(expiration_time: OffsetDateTime)
or similar to support this.
from alexandrie.
Hi again, I've just released v0.2.0
, which includes the above changes. Please do let me know if you run into any other problems or missing feature overlap with axum-sessions
. ๐
from alexandrie.
Related Issues (20)
- Some potential data racing issues
- Self-modifying login form password field interferes with the Firefox remember password feature
- ERROR: insert or update on table "sessions" violates foreign key constraint "sessions_author_id_fkey" HOT 1
- After updating to Merge pull request #116 ,i can't publish new version of crates
- Question about database and build process
- Best method to remove/delete a crate HOT 1
- Enable git HTTPS authentication via username/password
- TLS support HOT 3
- Cargo checksum verification fails HOT 14
- Running error๏ผ๏ผ๏ผ[frontend] missing field `origin` HOT 4
- cargo owner --add error HOT 4
- Consider switching to tokio/axum/hyper stack HOT 9
- Add `WebIdentityProvider` to AWS credentials chain
- IO error: No such file or directory (os error 2) HOT 1
- feat: verdaccio equivalent
- Option to enable authentication for all cargo API routes HOT 2
- Hide login and register buttons if they are disabled HOT 1
- Adding Categories and Keywords pages to help browsing and discovering of new crates
- Github OAuth breaks on second OAuth attempt, after first prompt was denied by user.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from alexandrie.