Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Implement user sessions #317

Open
ocramz opened this issue Oct 1, 2023 · 5 comments
Open

Implement user sessions #317

ocramz opened this issue Oct 1, 2023 · 5 comments
Labels
feedback needed info needed More information is needed new feature test needed

Comments

@ocramz
Copy link
Collaborator

ocramz commented Oct 1, 2023
edited
Loading

(as already mentioned in the urlshortener example program)

With cookies #69 and a proper exception system in place #310 it should be possible (and fairly easy) to implement a "session" interface like Flask and similar have:

https://testdriven.io/blog/flask-sessions/

See also #59
@ocramz
Copy link
Collaborator Author

ocramz commented Dec 16, 2023

code from here could be recycled for this purpose : https://hackage.haskell.org/package/scotty-session-0.0.5/docs/Web-Scotty-Session.html#t:ScottySM

but using scotty internal cookie functions

@k0001
Copy link

k0001 commented Apr 27, 2024

I just published wai-cryptocookie, a small wai library that maybe could be used to implement this.

https://hackage.haskell.org/package/wai-cryptocookie/docs/Wai-CryptoCookie.html

The library doesn't depend on anything other than what scotty already depends on.

@ocramz ocramz mentioned this issue Apr 28, 2024
Open
@ocramz ocramz added info needed More information is needed feedback needed labels Jul 16, 2024
tusharad added a commit to tusharad/scotty that referenced this issue Dec 3, 2024
@tusharad
Implemented user sessions scotty-web#317
1e13008
@tusharad tusharad mentioned this issue Dec 3, 2024
Merged
5 tasks
ocramz pushed a commit that referenced this issue Jan 7, 2025
@tusharad
Implemented user sessions (#405)
f93e406 
* Implemented user sessions #317

* Updated changelog

* Added SessionStatus in readSession instead of Nothing

* Added ActionM versions of session functions

* Added session example in README
@ocramz ocramz mentioned this issue Feb 2, 2025
Open
@ocramz
Copy link
Collaborator Author

ocramz commented Feb 9, 2025

Hi @k0001 , I checked out cryptocookie, seems it would be sensible to introduce it as a good security default. I just have a hard time following the continuation-based API, how do you think it could be best integrated here in scotty? Thanks!

@k0001
Copy link

k0001 commented Feb 9, 2025

Hi @ocramz. Have you seen the example code in the tests? https://github.com/k0001/hs-wai-cryptocookie/blob/master/wai-cryptocookie/test/Main.hs — It's not the most didactic, I know, but you'll see there how to use Wai.CryptoCookie.middleware to transform a Wai.Application.

Working with Wai.Middleware and Wai.Application can be confusing 😅

@k0001
Copy link

k0001 commented Feb 9, 2025

As for how wai-cryptocookie and scotty could be integrated nicely: I'm pretty sure I had an example somewhere, since this was my motivator for writing wai-cryptocookie in the first place, but I can't find it now. I'll try to write a new example and share it here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feedback needed info needed More information is needed new feature test needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@k0001 @ocramz