Safe Haskell	None
Language	Haskell2010

Web.Spock.SessionActions

Synopsis

type SessionId = Text
sessionRegenerateId :: SpockActionCtx ctx conn sess st ()
getSessionId :: SpockActionCtx ctx conn sess st SessionId
readSession :: SpockActionCtx ctx conn sess st sess
writeSession :: forall sess ctx conn st. sess -> SpockActionCtx ctx conn sess st ()
modifySession :: (sess -> sess) -> SpockActionCtx ctx conn sess st ()
modifySession' :: (sess -> (sess, a)) -> SpockActionCtx ctx conn sess st a
modifyReadSession :: (sess -> sess) -> SpockActionCtx ctx conn sess st sess
mapAllSessions :: (forall m. Monad m => sess -> m sess) -> SpockActionCtx ctx conn sess st ()
clearAllSessions :: SpockActionCtx ctx conn sess st ()

Documentation

Regenerate the users sessionId. This preserves all stored data. Call this prior to logging in a user to prevent session fixation attacks.

Get the current users sessionId. Note that this ID should only be shown to it's owner as otherwise sessions can be hijacked.

Read the stored session

writeSession :: forall sess ctx conn st. sess -> SpockActionCtx ctx conn sess st () Source #

Write to the current session. Note that all data is stored on the server. The user only reciedes a sessionId to be identified.

modifySession :: (sess -> sess) -> SpockActionCtx ctx conn sess st () Source #

Modify the stored session

modifySession' :: (sess -> (sess, a)) -> SpockActionCtx ctx conn sess st a Source #

Modify the stored session and return a value

modifyReadSession :: (sess -> sess) -> SpockActionCtx ctx conn sess st sess Source #

Modify the stored session and return the new value after modification

mapAllSessions :: (forall m. Monad m => sess -> m sess) -> SpockActionCtx ctx conn sess st () Source #

Apply a transformation to all sessions. Be careful with this, as this may cause many STM transaction retries.

Globally delete all existing sessions. This is useful for example if you want to require all users to relogin