Session based authentication #2
Labels
No labels
2024 Update
bug
enhancement
epic
nice-to-have
question
testing
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: mtrx/crablog#2
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Switch to CSRF session tokens with proper authentication instead of cookie auth
User sessions can be implemented using actix_session. By default it supports Cookie sessions, which stores session keys in an in-memory cookie store file. The other default implementation would be using the redis backend. To persist sessions, one could implement the SessionStore trait to persist to the crablog sqlite DB.
I've decided to use the default in-memory cookie session implementation. In the future i will possibly implement the persistent sessions via sqlite.