@travetto/rest-session

5.0.18 • Public • Published

REST Session

Session provider for the travetto rest module.

Install: @travetto/rest-session

npm install @travetto/rest-session

# or

yarn add @travetto/rest-session

This is a module that adds session support to the RESTful API framework. Sessions allow for persistent data across multiple requests. Within the framework the sessions are stored against any Data Modeling Support implementation that provides ModelExpirySupport, as the data needs to be able to be expired appropriately. The list of supported model providers are:

Code: Sample Session Usage

import { InjectableFactory } from '@travetto/di';
import { ModelExpirySupport } from '@travetto/model';
import { Controller, Put, Get } from '@travetto/rest';
import { SessionData, Session, SessionModelⲐ } from '@travetto/rest-session';
import { MemoryModelService } from '@travetto/model-memory';

// Applies to entire execution, not just this file
class SessionConfig {
  /**
   * Session provider must be specified. The memory service is sufficient for simple
   *   workloads, buts falls down when dealing with multiple servers
   */
  @InjectableFactory(SessionModelⲐ)
  static getSessionModel(memory: MemoryModelService): ModelExpirySupport {
    return memory;
  }
}

@Controller('/session')
export class SessionRoutes {

  @Put('/info')
  async storeInfo(data: SessionData) {
    data.age = 20;
    data.name = 'Roger'; // Setting data
  }

  @Get('/logout')
  async logout(session: Session) {
    await session.destroy();
  }

  @Get('/info/age')
  async getInfo(data: SessionData) {
    return data.age;
  }
}

This usage should be comparable to express, koa and mostly every other framework.

Session Configuration

The module supports a general set of configuration that should cover the majority of session behaviors:

Code: Session Config

import { AppError, Runtime, TimeUtil } from '@travetto/runtime';
import { Config } from '@travetto/config';
import { Secret } from '@travetto/schema';

/**
 * Rest session config
 */
@Config('rest.session')
export class SessionConfig {
  /**
   * Should the session auto write
   */
  autoCommit = true;
  /**
   * Max age for a given session
   */
  maxAge = TimeUtil.asMillis(30, 'm'); // Half hour
  /**
   * Can the session be renewed
   */
  renew = true;
  /**
   * Should the session support rolling renewals
   */
  rolling = false;
  /**
   * Should the session be signed
   */
  sign = true;
  /**
   * Secret for signing the session
   */
  @Secret()
  secret?: string;
  /**
   * Signature key name
   */
  keyName = 'trv_sid';
  /**
   * Location for auth
   */
  transport: 'cookie' | 'header' = 'cookie';

  postConstruct(): void {
    if (!this.secret && Runtime.production) {
      throw new AppError('Default session secret is only valid for development use, please specify a config value at rest.session.secret');
    }
  }
}

These are all configurable via the rest.session.* config values. And as a note, in production, a secret is required to be specified.

/@travetto/rest-session/

    Package Sidebar

    Install

    npm i @travetto/rest-session

    Homepage

    travetto.io

    Weekly Downloads

    49

    Version

    5.0.18

    License

    MIT

    Unpacked Size

    27.4 kB

    Total Files

    11

    Last publish

    Collaborators

    • arcsine