Rebuild actix-identity on top of actix-session
#246
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…henever it fires a request to the server. We also make sure not to extend the session TTL if `refresh_ttl_when_active` is set to false. Previously, the TTL would be refreshed when the session state changed.
…g changes in the future. Each variant get its own type whose fields are not exposed. We allow configuration via the builder pattern which empowers us to add more configuration knobs in the future in a non-breaking fashion.
…gth -> session_ttl.
…odule to highlight the actually relevant types on the homepage of the documentation for the crate.
added 11 commits
May 15, 2022 14:45
LukeMathWalker
added
A-identity
|
This has a few breaking changes in |
|
Resolved all conflicts ✅ |
robjtede
approved these changes
Jul 9, 2022
|
@LukeMathWalker good to release -session and -identity ? |
|
Good to go for me! |
|
@LukeMathWalker released -session v0.7.0 (🎉) but realized that -identity didn't get anything added to the changelog. Do you mind writing something up and I'll get -identity out, too. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a rewrite of
actix-identity.Why?
actix-identityandactix-sessionhave historically created confusion in developers that are approachingactix-web's ecosystem for the first time: which one should I use if I want to add session-based authentication to my application?actix-sessionoffered a more general-purpose API (lower-level, if you want), whileactix-identityhad some pretty convenient extractors. Starting withactix-identitywas usually easier (a more opinionated API, geared for auth), but if you outgrew it (e.g. you now want to store more than identity into the session) you'd have to rewrite everything from scratch to useactix-session, including the auth part.From a maintenance perspective,
actix-identityandactix-sessionshared no code.Any change/fix/improvement to the logic related to the management of the session cookie, additional storage backend, etc. required duplication of effort. In reality, they often diverged or features were available in one of the two but not the other (e.g.
actix-identitynever supported remote storage backends).By rebuilding
actix-identityon top ofactix-sessionwe can solve both problems at once: we get, out of the box, lower maintenance overhead, feature parity and a clear onboarding path for developers who want to work with sessions (for auth or otherwise).How?
I ported over all existing features of
actix-identity: extractor, login deadline, visit deadline.This PR is built on top of the branch for #233, therefore #233 must be merged first into trunk.
This PR introduces a few more breaking changes to
actix-session, on top of the ones already in #233:Session::getandSession::insert. This will make it easier to evolve the API in the future and gives us a way to provide a more helpful error message (i.e. it includes details on the key you were trying to access/insert).