abraithwaite / jeff Goto Github PK
View Code? Open in Web Editor NEW🍍Jeff provides the simplest way to manage web sessions in Go.
License: BSD 3-Clause "New" or "Revised" License
🍍Jeff provides the simplest way to manage web sessions in Go.
License: BSD 3-Clause "New" or "Revised" License
I'm not in love with the name of the repo.
A quick look at both libraries seems to show an important difference: github.com/alexedwards/scs buffers all response bytes. A bufferedResponseWriter{}
buffering all output to catch session changes before headers are sent (
Jeff seems to handle this better (but not easier) by making you call Set manually when headers should be set without wrapping your http.Handler.
Don't use alexedwards/scs if you send large payloads to clients, stream response bodies, use websockets(?), etc.
Can you use the cookie as a storer for the session instead of a backend like redis and others?
Clear function in sessions.go doesn't handle the return value of the clear function.
Line 225 in a6a878d
Hi, I saw your project in my GitHub feed because someone I follow starred it and when seeing the Storage interface I immediately thought that it would be a great fit for a project of mine: https://github.com/philippgille/gokv
I'll paste the code here so you don't have to follow the links:
jeff.Storage
:
type Storage interface {
Store(ctx context.Context, key, value []byte, exp time.Time)
Fetch(ctx context.Context, key []byte) (value []byte, err error)
Delete(ctx context.Context, key []byte) error
}
gokv.Store
:
type Store interface {
Set(k string, v interface{}) error
Get(k string, v interface{}) (found bool, err error)
Delete(k string) error
Close() error
}
Downsides:
gokv
doesn't work with contexts yetUpsides:
This is exactly the use case that I had in mind when creating it: As a package creator you want your package users to to be able to use as many storage implementations as possible, so you only use a common key-value interface and then point package users to existing implementations.
Maybe you can have a look at it and then I'd love to hear what you think :)
Currently, each session requires a unique key. Would be nicer if we stored a list of sessions for each key.
Provide ability to store generic session metadata with session (binary blob).
Currently, user's sessions are stored as a list of active sessions under a single key in redis, each with their own unique token.
When we moved to this model, we didn't update the Clear
and Delete
methods to be able to clear just an individual session. As it stands, calling either of these methods will terminate all active sessions instead of just one, as it was originally intended.
Excuse the question maybe very basic for you, but I'm learning day by day and I want to understand well.
I am using authboss for a hobby project.
But I do not need most of its features: I would just like to authenticate a user (email and password) if he has to use specific APIs.
Do you think I can replace authboss with your project?
For our application, we need our session cookies to have SameSite=None. SameSite=lax is hardcoded in the cookie setup, here:
Line 198 in ade959f
Can SameSite's setting become an Option on jeff.New()?
Hi @abraithwaite!
First of all, I want to say thanks a lot for this package, I found out that popular packages were lacking for my use-case where I want to search sessions by user-id.
However, after taking a look around, I couldn't find an exported function to get all active sessions for a user.
This is helpful, for example, if the user is logged in from many devices and we want to revoke them all at once.
Thoughts?
Add this for shared cache scenarios
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.