Session Management
aah Session library provides HTTP state management for web application and Stateless session for API application.
Features:
- Extensible
session.Storer
interface - HMAC Signed session data
- AES Encrypted session data
Out-of-the-box aah framework provides Cookie
and File
as a Session Store to persist encrypted session data. Also it provides extensible interface session.Storer
for adapting other storage types; like Key-Value Database, NoSQL Database, and RDBMS. For your own store implementation, please refer session.FileStore
; its very easy.
Non-cookie store session data is maintained via store interface. Only Session ID
is transmitted over the wire via Cookie.
If you would like to add values of your custom types in the session. You have to register your custom types using gob.Register(...)
.
Reference to Session Configuration.
Table of Contents
- How to access current Session?
session.Storer
Interface- Adding User-Defined Store into aah
- Configuring User-Defined Store into aah
How to access current Session?
You can access current in two ways from aah.Context
.
ctx.Session()
- it internally uses the below call.ctx.Subject().Session
session.Storer
Interface
// Storer is interface for implementing pluggable session storage.
Storer interface {
Init(appCfg *config.Config) error
Read(id string) string
Save(id, value string) error
Delete(id string) error
IsExists(id string) bool
Cleanup(m *Manager)
}
Adding User-Defined Session Store into aah
Add the user-defined custom session store into aah framework.
// Refer `session.FileStore` for implementation sample
func init() {
aah.AddSessionStore("redis", &RedisSessionStore{})
}
Configuring User-Defined Session Store into aah
Configuring user-defined custom store for session data storage in the security.conf
.
security {
session {
# ....
store {
type = "redis"
}
# ....
}
}