RejectedSoftware Forums

Sign up

Cookie session storage

avatar
Marc Schütz
Posted Wed, 20 May 2015 18:57:40 +0200
Reply

Rails has a CookieStore class:
http://api.rubyonrails.org/classes/ActionDispatch/Session/CookieStore.html

It stores the session data inside a cookie, which is protected against
manipulation by the user because it is signed. The advantage is
obviously that this kind of session store doesn't require a persistent
server-side database.

Looking at vibe.d's SessionStore interface [1], it seems impossible to
implement the same thing in vibe.d, right?

[1] http://vibed.org/api/vibe.http.session/SessionStore

Re: Cookie session storage

avatar
Sönke Ludwig
Posted Thu, 21 May 2015 20:26:26 +0200 in reply to Marc Schütz
Reply

Am 20.05.2015 um 18:57 schrieb Marc Schütz:

Rails has a CookieStore class:
http://api.rubyonrails.org/classes/ActionDispatch/Session/CookieStore.html

It stores the session data inside a cookie, which is protected against
manipulation by the user because it is signed. The advantage is
obviously that this kind of session store doesn't require a persistent
server-side database.

Looking at vibe.d's SessionStore interface [1], it seems impossible to
implement the same thing in vibe.d, right?

[1] http://vibed.org/api/vibe.http.session/SessionStore

Yes, currently the session store doesn't have the necessary access to
the request/response (or some other way to get the data there). But it
should be possible to add support without changing the public API
(except for adding a method to the SessionStore interface).