Safe Haskell | Safe-Inferred |
---|---|
Language | GHC2021 |
Synopsis
- data Options (tx :: Type -> Type) (m :: Type -> Type) = Options {}
- defaultOptions :: Options IO IO
- hoistOptions :: Functor m2 => (forall a. tx1 a -> tx2 a) -> (forall a. m1 a -> m2 a) -> Options tx1 m1 -> Options tx2 m2
- data TimingOptions a = TimingOptions {
- timeout :: Timeout a
- resolution :: Maybe a
- defaultTimingOptions :: TimingOptions NominalDiffTime
- data Timeout a = Timeout {}
- defaultTimeout :: Timeout NominalDiffTime
- data TransportSecurity
- data Session = Session {
- key :: SessionKey
- map :: SessionMap
- time :: Time UTCTime
- newtype SessionKey = SessionKey {}
- data Time a = Time {}
- sessionKeyToCookieValue :: SessionKey -> ByteString
- newtype Randomization (m :: Type -> Type) = Randomization {
- getRandomBytes :: Natural -> m ByteString
- defaultRandomization :: IO (Randomization IO)
- deterministicallyRandom :: DeterministicRandomization -> IO (Randomization IO)
- newtype DeterministicRandomization = DeterministicRandomization {}
- data StorageException
- rotateSessionKey :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => m ()
- assignSessionKeyRotation :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => Maybe KeyRotation -> m ()
- data KeyRotation = RotateSessionKey
- disableSessionManagement :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => m ()
- assignSessionFreeze :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => Maybe SessionFreeze -> m ()
- data SessionFreeze = FreezeSessionForCurrentRequest
- data SessionEmbeddings = SessionEmbeddings {}
- class HasSessionEmbeddings a where
- data Embedding (con :: (Type -> Type) -> Constraint) e a = Embedding {}
- type SessionMapEmbedding a = Embedding (MapOperations Text ByteString) () a
- class (Monad m, Ord k) => MapOperations k v (m :: Type -> Type) | m -> k v where
- bsKeyEmbedding :: k -> Embedding (MapOperations k a) e a
- dimapEmbedding :: forall a e b (con :: (Type -> Type) -> Constraint). (a -> Either e b) -> (b -> a) -> Embedding con e a -> Embedding con e b
- showReadKeyEmbedding :: (Read a, Show a) => k -> Embedding (MapOperations k ByteString) () a
- data Comparison a = Comparison {}
- differsOn :: Eq b => (a -> b) -> Comparison a -> Bool
Options
data Options (tx :: Type -> Type) (m :: Type -> Type) #
Settings that have defaults
See defaultOptions
.
Options | |
|
defaultOptions :: Options IO IO #
Default options
- cookieName =
"session-key"
- timing =
defaultTimingOptions
- transportSecurity =
AllowPlaintextTranport
(change this in production) - embedding.keyRotation =
showReadKeyEmbedding
"session-key-rotation" - embedding.freeze =
showReadKeyEmbedding
"session-freeze" - clock =
getCurrentTime
- randomization =
defaultRandomization
- keyRotationTrigger =
const
Nothing
hoistOptions :: Functor m2 => (forall a. tx1 a -> tx2 a) -> (forall a. m1 a -> m2 a) -> Options tx1 m1 -> Options tx2 m2 #
Timing
data TimingOptions a #
Time duration settings
See defaultTimingOptions
.
TimingOptions | |
|
Instances
Show a => Show (TimingOptions a) | |
Defined in Session.Timing.Options showsPrec :: Int -> TimingOptions a -> ShowS # show :: TimingOptions a -> String # showList :: [TimingOptions a] -> ShowS # | |
Eq a => Eq (TimingOptions a) | |
Defined in Session.Timing.Options (==) :: TimingOptions a -> TimingOptions a -> Bool # (/=) :: TimingOptions a -> TimingOptions a -> Bool # |
defaultTimingOptions :: TimingOptions NominalDiffTime #
Default timing options
- timeout =
defaultTimeout
- resolution = 10 minutes
Timeout
How long sessions are allowed to live
See defaultTimeout
.
Timeout | |
|
Instances
Functor Timeout | |
Arbitrary a => Arbitrary (Timeout a) | |
Generic (Timeout a) | |
Show a => Show (Timeout a) | |
Eq a => Eq (Timeout a) | |
type Rep (Timeout a) | |
Defined in Session.Timing.Timeout type Rep (Timeout a) = D1 ('MetaData "Timeout" "Session.Timing.Timeout" "yesod-session-persist-0.0.0.2-4wroKzVSNpLxsAaD7x2SU-internal" 'False) (C1 ('MetaCons "Timeout" 'PrefixI 'True) (S1 ('MetaSel ('Just "idle") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 (Maybe a)) :*: S1 ('MetaSel ('Just "absolute") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedLazy) (Rec0 (Maybe a)))) |
defaultTimeout :: Timeout NominalDiffTime #
Default timeouts
- idle = 8 hours
- absolute = 30 days
Transport security
data TransportSecurity #
RequireSecureTransport | Only allow cookies on HTTPS connections Set this in production. |
AllowPlaintextTranport | Allow cookies over either HTTP or HTTPS This is okay for development. |
Session data model
What a saved session looks like in the database
Session | |
|
newtype SessionKey #
Secret value that is sent to and subsequently furnished by the client to identify the session
Instances
Show SessionKey | |
Defined in Session.Key showsPrec :: Int -> SessionKey -> ShowS # show :: SessionKey -> String # showList :: [SessionKey] -> ShowS # | |
Eq SessionKey | |
Defined in Session.Key (==) :: SessionKey -> SessionKey -> Bool # (/=) :: SessionKey -> SessionKey -> Bool # | |
Ord SessionKey | |
Defined in Session.Key compare :: SessionKey -> SessionKey -> Ordering # (<) :: SessionKey -> SessionKey -> Bool # (<=) :: SessionKey -> SessionKey -> Bool # (>) :: SessionKey -> SessionKey -> Bool # (>=) :: SessionKey -> SessionKey -> Bool # max :: SessionKey -> SessionKey -> SessionKey # min :: SessionKey -> SessionKey -> SessionKey # |
Creation and access times, used to determine session expiration
Randomization
newtype Randomization (m :: Type -> Type) #
General means of obtaining randomness
Randomization | |
|
defaultRandomization :: IO (Randomization IO) #
Cryptographically secure deterministic randomization seeded from
system entropy using ChaChaDRG
from the crypton
package
deterministicallyRandom :: DeterministicRandomization -> IO (Randomization IO) #
Convert from a deterministic generator to an effectful one
newtype DeterministicRandomization #
A deterministic random generator
DeterministicRandomization | |
|
Storage
data StorageException #
Common exceptions that may be thrown by any storage.
SessionAlreadyExists | Thrown when attempting to insert a new session and another session with the same key already exists |
SessionDoesNotExist | Thrown when attempting to replace an existing session but no session with the same key exists |
Instances
Exception StorageException | |
Defined in Yesod.Session.Storage.Exceptions | |
Show StorageException | |
Defined in Yesod.Session.Storage.Exceptions showsPrec :: Int -> StorageException -> ShowS # show :: StorageException -> String # showList :: [StorageException] -> ShowS # | |
Eq StorageException | |
Defined in Yesod.Session.Storage.Exceptions (==) :: StorageException -> StorageException -> Bool # (/=) :: StorageException -> StorageException -> Bool # |
Key rotation
rotateSessionKey :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => m () #
:: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) | |
=> Maybe KeyRotation |
|
-> m () |
Indicate whether the current session key should be rotated
The key rotation does not occur immediately; this action only places a value into the session map.
Later calls to assignSessionKeyRotation
on the same handler will
override earlier calls.
At the end of the request handler, if the value is Just
,
the session key will be rotated.
The session variable set by this function is then discarded and is not persisted across requests.
data KeyRotation #
Key rotation means we delete the session on the server and copy the stored data into a new session with a different key.
RotateSessionKey | Generate a new session key and invalidate the old one |
Instances
Freezing
disableSessionManagement :: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) => m () #
:: (MonadHandler m, HasSessionEmbeddings (HandlerSite m)) | |
=> Maybe SessionFreeze |
|
-> m () |
Indicate whether the session should be frozen for the handling of the current request
At the end of the request handler, if the value is Just
, no
database actions will be performed and no cookies will be set.
data SessionFreeze #
Instances
Session map embedding
data SessionEmbeddings #
SessionEmbeddings | |
|
Instances
data Embedding (con :: (Type -> Type) -> Constraint) e a #
Targets a value that is optionally present in some stateful monadic context
type SessionMapEmbedding a = Embedding (MapOperations Text ByteString) () a #
Specifies how we represent some value within a SessionMap
We use this to sort of abuse the session; key rotation and freezing are done by embedding special values among the session data. These special values are extracted from the map before persisting to storage and are never actually saved.
class (Monad m, Ord k) => MapOperations k v (m :: Type -> Type) | m -> k v where #
A monadic context with operations over some Map
-like state
This allows us to generalize between pure operations over Map
and
the more limited session manipulation utilities afforded by Yesod.
(See the instance list for this class.)
Instances
MapOperations Text ByteString (HandlerFor site) | |
Defined in Yesod.Session.Embedding.Map lookup :: Text -> HandlerFor site (Maybe ByteString) # assign :: Text -> Maybe ByteString -> HandlerFor site () # | |
(Monad m, Ord k) => MapOperations k v (StateT (Map k v) m) | |
bsKeyEmbedding :: k -> Embedding (MapOperations k a) e a #
An embedding which stores a value at some particular key in a map-like structure
dimapEmbedding :: forall a e b (con :: (Type -> Type) -> Constraint). (a -> Either e b) -> (b -> a) -> Embedding con e a -> Embedding con e b #
showReadKeyEmbedding :: (Read a, Show a) => k -> Embedding (MapOperations k ByteString) () a #
Represents a value in a SessionMap
by storing the
UTF-8 encoding of its show
representation at the given key
Comparison
data Comparison a #
differsOn :: Eq b => (a -> b) -> Comparison a -> Bool #