pub struct SessionMiddlewareBuilder { /* private fields */ }
session
only.Expand description
A fluent, customized SessionMiddleware
builder.
Implementations§
Source§impl SessionMiddlewareBuilder
impl SessionMiddlewareBuilder
pub fn cache_keygen<F>(self, keygen: F) -> Self
Set the name of the cookie used to store the session ID.
Defaults to id
.
Set the Secure
attribute for the cookie used to store the session ID.
If the cookie is set as secure, it will only be transmitted when the connection is secure
(using https
).
Default is true
.
Sourcepub fn session_lifecycle(self, session_lifecycle: PersistentSession) -> Self
pub fn session_lifecycle(self, session_lifecycle: PersistentSession) -> Self
Determines how session lifecycle should be managed.
Set the SameSite
attribute for the cookie used to store the session ID.
By default, the attribute is set to Lax
.
Set the Path
attribute for the cookie used to store the session ID.
By default, the attribute is set to /
.
Set the Domain
attribute for the cookie used to store the session ID.
Use None
to leave the attribute unspecified. If unspecified, the attribute defaults
to the same host that set the cookie, excluding subdomains.
By default, the attribute is left unspecified.
Choose how the session cookie content should be secured.
CookieContentSecurity::Private
selects encrypted cookie content.CookieContentSecurity::Signed
selects signed cookie content.
§Default
By default, the cookie content is encrypted. Encrypted was chosen instead of signed as default because it reduces the chances of sensitive information being exposed in the session key by accident, regardless of SessionStore implementation you chose to use.
For example, if you are using cookie-based storage, you definitely want the cookie content to be encrypted—the whole session state is embedded in the cookie! If you are using Redis-based storage, signed is more than enough - the cookie content is just a unique tamper-proof session key.
Set the HttpOnly
attribute for the cookie used to store the session ID.
If the cookie is set as HttpOnly
, it will not be visible to any JavaScript snippets
running in the browser.
Default is true
.
Sourcepub fn build(self) -> SessionMiddleware
pub fn build(self) -> SessionMiddleware
Finalise the builder and return a SessionMiddleware
instance.