snap-0.12.0: Top-level package for the Snap Web Framework

Safe HaskellNone

Snap.Snaplet.Session

Contents

Synopsis

Documentation

data SessionManager Source

Any Haskell record that is a member of the ISessionManager typeclass can be stuffed inside a SessionManager to enable all session-related functionality.

To use sessions in your application, just find a Backend that would produce one for you inside of your Initializer. See initCookieSessionManager in CookieSession for a built-in option that would get you started.

withSession :: SnapletLens b SessionManager -> Handler b v a -> Handler b v aSource

Wrap around a handler, committing any changes in the session at the end

commitSession :: Handler b SessionManager ()Source

Commit changes to session within the current request cycle

setInSession :: Text -> Text -> Handler b SessionManager ()Source

Set a key-value pair in the current session

getFromSession :: Text -> Handler b SessionManager (Maybe Text)Source

Get a key from the current session

deleteFromSession :: Text -> Handler b SessionManager ()Source

Remove a key from the current session

csrfToken :: Handler b SessionManager TextSource

Returns a CSRF Token unique to the current session

sessionToList :: Handler b SessionManager [(Text, Text)]Source

Return session contents as an association list

resetSession :: Handler b SessionManager ()Source

Deletes the session cookie, effectively resetting the session

touchSession :: Handler b SessionManager ()Source

Touch the session so the timeout gets refreshed

Utilities Exported For Convenience

type SecureCookie t = (UTCTime, t)Source

Serialize UTCTime instance Serialize UTCTime where put t = put (round (utcTimeToPOSIXSeconds t) :: Integer) get = posixSecondsToUTCTime . fromInteger $ get

Arbitrary payload with timestamp.

getSecureCookieSource

Arguments

:: (MonadSnap m, Serialize t) 
=> ByteString

Cookie name

-> Key

Encryption key

-> Maybe Int

Timeout in seconds

-> m (Maybe t) 

setSecureCookieSource

Arguments

:: (MonadSnap m, Serialize t) 
=> ByteString

Cookie name

-> Key

Encryption key

-> Maybe Int

Max age in seconds

-> t

Serializable payload

-> m () 

Inject the payload

checkTimeout :: MonadSnap m => Maybe Int -> UTCTime -> m BoolSource

Validate session against timeout policy.

  • If timeout is set to Nothing, never trigger a time-out.
  • Otherwise, do a regular time-out check based on current time and given timestamp.