Session based authentication #2

Open
opened 2024-08-16 23:32:24 +02:00 by mtrx · 2 comments
Owner

Switch to CSRF session tokens with proper authentication instead of cookie auth

Switch to CSRF session tokens with proper authentication instead of cookie auth
mtrx added this to the crablog project 2024-08-16 23:32:24 +02:00
mtrx added the
enhancement
2024 Update
labels 2024-08-18 01:26:16 +02:00
Author
Owner

User sessions can be implemented using actix_session. By default it supports Cookie sessions, which stores session keys in an in-memory cookie store file. The other default implementation would be using the redis backend. To persist sessions, one could implement the SessionStore trait to persist to the crablog sqlite DB.

User sessions can be implemented using actix_session. By default it supports Cookie sessions, which stores session keys in an in-memory cookie store file. The other default implementation would be using the redis backend. To persist sessions, one could implement the [SessionStore](https://docs.rs/actix-session/latest/actix_session/storage/trait.SessionStore.html) trait to persist to the crablog sqlite DB.
Author
Owner

I've decided to use the default in-memory cookie session implementation. In the future i will possibly implement the persistent sessions via sqlite.

I've decided to use the default in-memory cookie session implementation. In the future i will possibly implement the persistent sessions via sqlite.
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: mtrx/crablog#2
No description provided.