diff options
Diffstat (limited to 'libs/VNLib.Plugins.Sessions.VNCache')
-rw-r--r-- | libs/VNLib.Plugins.Sessions.VNCache/src/IWebSessionIdFactory.cs | 58 | ||||
-rw-r--r-- | libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionIdFactory.cs | 19 |
2 files changed, 15 insertions, 62 deletions
diff --git a/libs/VNLib.Plugins.Sessions.VNCache/src/IWebSessionIdFactory.cs b/libs/VNLib.Plugins.Sessions.VNCache/src/IWebSessionIdFactory.cs deleted file mode 100644 index 117b839..0000000 --- a/libs/VNLib.Plugins.Sessions.VNCache/src/IWebSessionIdFactory.cs +++ /dev/null @@ -1,58 +0,0 @@ -/* -* Copyright (c) 2022 Vaughn Nugent -* -* Library: VNLib -* Package: VNLib.Plugins.Essentials.Sessions.VNCache -* File: IWebSessionIdFactory.cs -* -* IWebSessionIdFactory.cs is part of VNLib.Plugins.Essentials.Sessions.VNCache which is part of the larger -* VNLib collection of libraries and utilities. -* -* VNLib.Plugins.Essentials.Sessions.VNCache is free software: you can redistribute it and/or modify -* it under the terms of the GNU Affero General Public License as -* published by the Free Software Foundation, either version 3 of the -* License, or (at your option) any later version. -* -* VNLib.Plugins.Essentials.Sessions.VNCache is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU Affero General Public License for more details. -* -* You should have received a copy of the GNU Affero General Public License -* along with this program. If not, see https://www.gnu.org/licenses/. -*/ - -using System; -using System.Diagnostics.CodeAnalysis; - -using VNLib.Net.Http; - -namespace VNLib.Plugins.Sessions.VNCache -{ - /// <summary> - /// Id factory for <see cref="WebSessionProvider"/> - /// </summary> - internal interface IWebSessionIdFactory - { - /// <summary> - /// The maxium amount of time a session is valid for. Sessions will be invalidated - /// after this time - /// </summary> - TimeSpan ValidFor { get; } - - /// <summary> - /// Gets a new session-id for the connection and manipulates the entity as necessary - /// </summary> - /// <param name="entity">The connection to generate the new session for</param> - /// <returns>The new session-id</returns> - string GenerateSessionId(IHttpEvent entity); - - /// <summary> - /// Attempts to recover a session id from - /// </summary> - /// <param name="entity">The entity to get the session-id for</param> - /// <param name="sessionId">The found ID for the session if accepted</param> - /// <returns>True if a session id was found or set for the session</returns> - bool TryGetSessionId(IHttpEvent entity, [NotNullWhen(true)] out string? sessionId); - } -} diff --git a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionIdFactory.cs b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionIdFactory.cs index 96e9938..03d8980 100644 --- a/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionIdFactory.cs +++ b/libs/VNLib.Plugins.Sessions.VNCache/src/WebSessionIdFactory.cs @@ -35,7 +35,7 @@ using VNLib.Plugins.Sessions.Cache.Client; namespace VNLib.Plugins.Sessions.VNCache { /// <summary> - /// <see cref="IWebSessionIdFactory"/> implementation, using + /// <see cref="ISessionIdFactory"/> implementation, using /// http cookies as session id storage /// </summary> [ConfigurationName(WebSessionProviderEntry.WEB_SESSION_CONFIG)] @@ -77,13 +77,24 @@ namespace VNLib.Plugins.Sessions.VNCache public string RegenerateId(IHttpEvent entity) { //Random hex hash - string cookie = RandomHash.GetRandomBase32(_cookieSize); + string sessionId = RandomHash.GetRandomBase32(_cookieSize); + + //Create new cookie + HttpCookie cookie = new(SessionCookieName, sessionId) + { + ValidFor = ValidFor, + Secure = true, + HttpOnly = true, + Domain = null, + Path = "/", + SameSite = CookieSameSite.Lax + }; //Set the session id cookie - entity.Server.SetCookie(SessionCookieName, cookie, ValidFor, secure: true, httpOnly: true); + entity.Server.SetCookie(cookie); //return session-id value from cookie value - return cookie; + return sessionId; } public string? TryGetSessionId(IHttpEvent entity) |