Session managers

SessionManager is responsible for parsing, loading and saving the session data into the session store. An instance of Jaguar server has exactly one global instance of SessionManager. This instance is responsible for:

1. Parsing the session from the request
2. Loading the session from back-end (if there exists one)
3. Writing back the updated session data at the end of the request chain

Configuration

Jaguar constructor takes SessionManager using sessionManager named parameter. By default, JaguarSessionManager is used.

import 'package:jaguar_session_jwt/jaguar_session_jwt.dart';

main() async {
  final jaguar = Jaguar(sessionManager: JwtSession(jwtConfig));
  jaguar.add(reflect(LibraryApi()));
  await jaguar.serve();
}

Extendable session infrastructure

This enables adding custom session back-ends by implementing SessionManager interface. A few such interfaces already exists to make developer's life easier:

1. Cookie sessions
2. JWT sessions
3. MongoDB as session store

In this article, we will explore only JaguarSessionManager. The remaining SessionManagers shall be discussed in upcoming articles.

JaguarSessionManager

JaguarSessionManager is the default session manager used by Jaguar. It is a stateless session manager since it stores all the data on a cookie or header.

expiry named argument configures duration after which the session expires.

Security

It provides option to sign and verify session data for security against tampering of session data by the client. This can be configured using signerKey named argument during construction.

  final String secretKey = "dfgdgerotewrk6ertrew4567656785678ghdfghdf56745674567";
  final jaguar = Jaguar(sessionManager: CookieSessionManager(signerKey: secretKey));
  jaguar.add(reflect(LibraryApi()));
  await jaguar.serve();

What's next?

In the next article, we will learn what a JWT tokens is.