wai-session-mysql-0.2.1.0: MySQL backed Wai session store

Copyright: (C) 2016 Li Meng Jun
License: BSD3
Maintainer: Li Meng Jun <lmjubuntu@gmail.com>
Stability: experimental
Portability: portable
Safe Haskell: None
Language: Haskell2010

Network.Wai.Session.MySQL

Description

Simple MySQL-backed wai-session backend. This module allows you to store wai-session session data in a MySQL database. Two tables are kept: one for each session's metadata and one for the key-value pairs of each session. All keys and values are stored as bytea values in the MySQL database, using Haskell's cereal module to serialize and deserialize them.

Please note that the module does not let you configure the names of the database tables. It is recommended to use this module with its own database schema.

Documentation

dbStore :: (WithMySQLConn a, Serialize k, Eq k, Serialize v, MonadIO m) => a -> StoreSettings -> IO (SessionStore m k v)

Create a new MySQL-backed wai session store.

clearSession :: WithMySQLConn a => a -> ByteString -> Request -> IO ()

This function can be called to invalidate a session and enforce creating a new one with a new session ID. It should be called *before* any calls to sessionStore are made. It needs to be passed a request and the cookie name explicitly due to the limited nature of the Network.Wai.Session interface. Sessions should be cleared when a login is performed, to prevent certain kinds of session hijacking attacks.

defaultSettings :: StoreSettings

Create default settings using a session timeout of one hour, a cryptographically secure session id generator using 24 bytes of entropy and putStrLn to log events to stdout.

fromSimpleConnection :: Connection -> IO SimpleConnection

Prepare a simple MySQL connection for use by the MySQL session store. This wraps the connection together with a mutex to ensure transactions work correctly. Connections used this way must not be used anywhere else for the lifetime of the session store! It is recommended to use a connection pool instead. To use a connection pool, you only need to implement the WithMySQLConn type class.

purgeOldSessions :: WithMySQLConn a => a -> StoreSettings -> IO Int64

Delete expired sessions from the database.

purger :: WithMySQLConn a => a -> StoreSettings -> IO ThreadId

Run a thread using forkIO that runs periodically to purge old sessions.

ratherSecureGen :: Int -> IO ByteString

Generate a session ID with n bytes of entropy.

data SimpleConnection

A simple MySQL connection stored together with a mutex that prevents more than one MySQL transaction from running at the same time. For larger sites, it is recommended to use a connection pool instead.

data StoreSettings

These settings control how the session store behaves.

Constructors

StoreSettings 

Fields

  • storeSettingsSessionTimeout :: Int64

    The number of seconds a session is valid. Seconds are counted from when the session was last accessed (read or written), not from when it was created.

  • storeSettingsKeyGen :: IO ByteString

    A random session key generator. The session ID should provide sufficient entropy, and must not be predictable. It is recommended to use a cryptographically secure random number generator.

  • storeSettingsCreateTable :: Bool

    Whether to create the database table if it does not exist upon creating the session store. If set to false, the database table must exist or be created by some other means.

  • storeSettingsLog :: String -> IO ()

    A function that is called to log events such as session purges or table creation.

  • storeSettingsPurgeInterval :: Int

    The number of microseconds to sleep between two runs of the old session purge worker.

class WithMySQLConn a where

By default, you pass a mysql connection to the session store when creating it. The passed connection will have to stay open for the (possibly very long) existence of the session and it should not be used for any other purpose during that time. You can implement an instance of this class for a connection pool instead, so that the session manager will not require a permanent open MySQL connection.

Minimal complete definition

withMySQLConn

Methods

withMySQLConn :: a -> (Connection -> IO b) -> IO b

Call the function (Connection -> IO b) with a valid and open MySQL connection.
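The following is an added example, not code from the wai-session-mysql package. It combines two recommendations from this page: a WithMySQLConn instance backed by a connection pool, and a clearSession call on login that runs before the session store is consulted. Assumptions: Connection is the mysql-simple type and the pool comes from resource-pool; the PooledMySQL wrapper, the cookie name SESSION and the POST /login route are hypothetical.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module SessionSetup (PooledMySQL (..), sessionMiddleware) where

import Data.ByteString (ByteString)
import Data.Pool (Pool, withResource)
import qualified Data.Vault.Lazy as Vault
import Database.MySQL.Simple (Connection) -- assumption: mysql-simple connection type
import Network.HTTP.Types (methodPost)
import Network.Wai (Middleware, pathInfo, requestMethod)
import Network.Wai.Session (Session, withSession)
import Network.Wai.Session.MySQL
import Web.Cookie (defaultSetCookie, setCookieHttpOnly, setCookiePath, setCookieSecure)

-- Hypothetical newtype, so this instance cannot clash with any instance
-- the package itself may provide for a bare pool.
newtype PooledMySQL = PooledMySQL (Pool Connection)

-- Borrow a connection only for the duration of each store operation,
-- instead of pinning one connection for the life of the store.
instance WithMySQLConn PooledMySQL where
  withMySQLConn (PooledMySQL pool) = withResource pool

-- Constructed cookie name for this example.
cookieName :: ByteString
cookieName = "SESSION"

-- Build the session middleware, start the purge worker, and invalidate
-- the presented session on every login request.
sessionMiddleware
  :: PooledMySQL
  -> Vault.Key (Session IO ByteString ByteString)
  -> IO Middleware
sessionMiddleware db key = do
  store <- dbStore db defaultSettings
  _ <- purger db defaultSettings -- background thread deleting expired sessions
  let cookie = defaultSetCookie
        { setCookiePath = Just "/"
        , setCookieHttpOnly = True -- not readable from page scripts
        , setCookieSecure = True   -- only sent over HTTPS
        }
      sessions = withSession store cookieName cookie key
      -- Hypothetical login route: POST /login.
      rotateOnLogin app req respond
        | requestMethod req == methodPost && pathInfo req == ["login"] =
            clearSession db cookieName req >> app req respond
        | otherwise = app req respond
  -- rotateOnLogin is outermost, so clearSession runs before the store is used.
  return (rotateOnLogin . sessions)
```

Because the login request reaches rotateOnLogin before withSession, a session ID that was planted in the browser before authentication is discarded and the authenticated session receives a fresh ID.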