https://github.com/matsadler/rack_session

A Rust implementation of Ruby's `Rack::Session::Cookie` encoding, compatible with Serde.
https://github.com/matsadler/rack_session

Last synced: 3 months ago
JSON representation

A Rust implementation of Ruby's `Rack::Session::Cookie` encoding, compatible with Serde.

• Host: GitHub
• URL: https://github.com/matsadler/rack_session
• Owner: matsadler
• License: mit
• Created: 2020-12-15T04:34:54.000Z (about 5 years ago)
• Default Branch: main
• Last Pushed: 2020-12-21T06:36:02.000Z (about 5 years ago)
• Last Synced: 2025-03-04T14:47:28.547Z (10 months ago)
• Language: Rust
• Size: 8.79 KB
• Stars: 0
• Watchers: 3
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Rack Session

A Rust implementation of Ruby's `Rack::Session::Cookie` encoding, compatible

with Serde.

This crate only handles the encoding/decoding and message authentication,

you'll have to manage setting the cookies and attributes with whichever http

server or web framework you're using.

## Configuration

Given `Rack::Session::Cookie` setup in Ruby as such:

```ruby

use Rack::Session::Cookie,

  coder: Rack::Session::Cookie::Base64::JSON,

  secret: "super secret",

  old_secret: "not so secret"

```

The Rust equivalent with this crate would be:

```rust

use rack_session::{Cookie, Base64, Json};

fn main() {

  let mut coder = Cookie::>::new("super secret");

  coder.add_read_key("not so secret");

  /// hand coder off to code handling cookies

}

```

This crate does not provide the option of omitting the `secret` parameter like

the Ruby version does. It's not safe to use this style of client side session

without the message authentication enabled when the secret is provided.

The Ruby `Rack::Session::Cookie` implements a number of 'coder' classes for

serialising and deserialising the cookie value, the counterparts in this crate

are as follows:

| Ruby coder class                         | Rust type                     |

| ---------------------------------------- | ----------------------------- |

| `Rack::Session::Cookie::Base64::Marshal` | unimplemented                 |

| `Rack::Session::Cookie::Base64::JSON`    | `Cookie::>`      |

| `Rack::Session::Cookie::Base64::ZipJSON` | `Cookie::>>` |

| `Rack::Session::Cookie::Base64`*         | unimplemented                 |

| `Rack::Session::Cookie::Identity`*       | unimplemented                 |

\* impractical to actually use

Unfortunately there is not yet a Rust parser for Ruby's marshal format, so the

default `Base64::Marshal` coder class can not be implemented.

## Example

```rust

use serde::{Deserialize, Serialize};

use rack_session::{Base64, Cookie, Id, Json};

#[derive(Debug, Deserialize, PartialEq, Serialize)]

struct Session {

    session_id: Id,

    user_id: Option,

    is_signed_in: bool,

}

fn main() {

    let cookie = Cookie::>::new("super secret");

    let session = Session {

        session_id: "ac762bf56f7360fc45701ff8373ed519c103762bf57bec09d5280659f59cb038".parse().unwrap(),

        user_id: Some(42),

        is_signed_in: true,

    };

    let encoded = cookie.to_string(&session).unwrap();

    let decoded = cookie.from_str::(&encoded).unwrap();

    assert_eq!(session, decoded);

}

```