Plug v1.8.0 Plug.Session.COOKIE View Source
Stores the session in a cookie.
This cookie store is based on Plug.Crypto.MessageVerifier
and Plug.Crypto.MessageEncryptor
which encrypts and signs
each cookie to ensure they can't be read nor tampered with.
Since this store uses crypto features, it requires you to
set the :secret_key_base
field in your connection. This
can be easily achieved with a plug:
plug :put_secret_key_base
def put_secret_key_base(conn, _) do
put_in conn.secret_key_base, "-- LONG STRING WITH AT LEAST 64 BYTES --"
end
Options
:encryption_salt
- a salt used withconn.secret_key_base
to generate a key for encrypting/decrypting a cookie, can be either a binary or an MFA returning a binary;:signing_salt
- a salt used withconn.secret_key_base
to generate a key for signing/verifying a cookie, can be either a binary or an MFA returning a binary;:key_iterations
- option passed toPlug.Crypto.KeyGenerator
when generating the encryption and signing keys. Defaults to 1000;:key_length
- option passed toPlug.Crypto.KeyGenerator
when generating the encryption and signing keys. Defaults to 32;:key_digest
- option passed toPlug.Crypto.KeyGenerator
when generating the encryption and signing keys. Defaults to:sha256
;:serializer
- cookie serializer module that definesencode/1
anddecode/1
returning an{:ok, value}
tuple. Defaults to:external_term_format
.:log
- Log level to use when the cookie cannot be decoded. Defaults to:debug
, can be set to false to disable it.
Examples
# Use the session plug with the table name
plug Plug.Session, store: :cookie,
key: "_my_app_session",
encryption_salt: "cookie store encryption salt",
signing_salt: "cookie store signing salt",
key_length: 64,
log: :debug
Link to this section Summary
Functions
Removes the session associated with given session id from the store
Parses the given cookie
Initializes the store
Stores the session associated with given session id
Link to this section Functions
delete(conn, sid, opts) View Source
Removes the session associated with given session id from the store.
Callback implementation for Plug.Session.Store.delete/3
.
get(conn, cookie, opts) View Source
Parses the given cookie.
Returns a session id and the session contents. The session id is any value that can be used to identify the session by the store.
The session id may be nil in case the cookie does not identify any value in the store. The session contents must be a map.
Callback implementation for Plug.Session.Store.get/3
.
init(opts) View Source
Initializes the store.
The options returned from this function will be given
to get/3
, put/4
and delete/3
.
Callback implementation for Plug.Session.Store.init/1
.
put(conn, sid, term, opts) View Source
Stores the session associated with given session id.
If nil
is given as id, a new session id should be
generated and returned.
Callback implementation for Plug.Session.Store.put/4
.