Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tower-sessions-core crate rework #218

Closed
wants to merge 36 commits into from
Closed

tower-sessions-core crate rework #218

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
5df956b
progress
carloskiki Sep 20, 2024
b51d557
mvp
carloskiki Sep 20, 2024
1a2e893
purge unused deps
carloskiki Sep 20, 2024
afd2de2
strongly typed Session API
carloskiki Sep 23, 2024
97aed45
work on middleware
carloskiki Sep 26, 2024
a8aa9bb
progress on middleware
carloskiki Sep 27, 2024
80e89d2
more progress
carloskiki Sep 27, 2024
e92fcf6
more progress
carloskiki Sep 27, 2024
bc9f013
list todos in readme
carloskiki Sep 27, 2024
f8ef37e
Finished middleware
carloskiki Sep 29, 2024
a41b933
complete memory-store impl
carloskiki Sep 29, 2024
8623a3d
working memory store impl
carloskiki Sep 29, 2024
2f39520
cargo.toml update
carloskiki Sep 29, 2024
0d40791
add support for randomly generating Ids
carloskiki Oct 1, 2024
c335490
minimal docs
carloskiki Oct 1, 2024
08ec50e
remove comment
carloskiki Oct 3, 2024
401b83b
very nice API
carloskiki Oct 3, 2024
c64ea98
purge unused deps
carloskiki Oct 3, 2024
1a873e1
Full documentation of core
carloskiki Oct 4, 2024
11b8092
doc fixes
carloskiki Oct 4, 2024
e1346eb
changes
carloskiki Oct 5, 2024
494dd51
add note on expiration handling in store
carloskiki Oct 5, 2024
72e4ab9
fix
carloskiki Oct 5, 2024
941d63c
remove useless examples, and unused deps
carloskiki Oct 5, 2024
de5e013
stop the flex in the readme
carloskiki Oct 7, 2024
b23fb18
misc
carloskiki Oct 9, 2024
b4514c8
remove useless constructor
carloskiki Oct 9, 2024
3b6f028
add documentation
carloskiki Oct 9, 2024
66de666
fix tests
carloskiki Oct 9, 2024
7b776aa
add tracing
carloskiki Oct 9, 2024
d7649c4
remove extra bounds on Service
carloskiki Oct 10, 2024
f82d9ce
better tracing
carloskiki Oct 10, 2024
421f0cc
pre sed
carloskiki Nov 18, 2024
401042a
ran sed
carloskiki Nov 18, 2024
bcfe63e
renamed files
carloskiki Nov 18, 2024
5994a66
thing compiles
carloskiki Nov 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
303 changes: 0 additions & 303 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,303 +0,0 @@
# Unreleased

# 0.13.0

- Add option to always save session. #216

# 0.12.3

- Ensure `continuously_delete_expired` waits for initial run. #208

# 0.12.2

- Ensure `set_expiry` mutates `Max-Age`. #191

This addresses a bug where using `set_expiry` on a session with no initial expiry time would not add the Max-age attribute to the cookie leading to an inconsitency between the cookie and the database.

# 0.12.1

**Important Security Update**

- Ensure ID cycling invokes `create`. #188

Because cycling the session ID involves creating a new ID, this must follow the same semantics as normal session creation. Therefore prior to this fix session ID collision could occur through this vector.

# 0.12.0

**Important Security Update**

- Id collision mitigation. #181

This release introduces a new method, `create`, to the `SessionStore` trait to distinguish between creating a new session and updating an existing one. **This distinction is crucial for mitigating the potential for session ID collisions.**

Although the probability of session ID collisions is statistically low, given that IDs are composed of securely-random `i128` values, such collisions pose a significant security risk. A store that does not differentiate between session creation and updates could inadvertently allow an existing session to be accessed, leading to potential session takeovers.

Session store authors are strongly encouraged to update and implement `create` such that potential ID collisions are handled, either by generating a new ID or returning an error.

As a transitional measure, we have provided a default implementation of `create` that wraps the existing `save` method. However, this default is not immune to the original issue. Therefore, it is imperative that stores override the `create` method with an implementation that adheres to the required uniqueness semantics, thereby effectively mitigating the risk of session ID collisions.

# 0.11.1

- Ensure `session.set_expiry` updates record. #175
- Provide `signed` and `private` features, enabling signing and encryption respectively. #157

# 0.11.0

- Uses slices when encoding and decoding `Id`. #159

**Breaking Changes**

- Removes `IdError` type in favor of using `base64::DecodeSliceError`. #159
- Provides the same changes as 0.10.4, without breaking SemVer.
- Updates `base64` to `0.22.0`.

# ~0.10.4~ **Yanked:** SemVer breaking

- Revert introduction of lifetime parameter; use static lifetime directly

This ensures that the changes introduced in `0.10.3` do not break SemVer.

Please note that `0.10.3` has been yanked in accordance with cargo guidelines.

# ~0.10.3~ **Yanked:** SemVer breaking

- Improve session config allocation footprint #158

# 0.10.2

- Ensure "Path" and "Domain" are set on removal cookie #154

# 0.10.1

- Ensure `Expires: Session` #149

# 0.10.0

**Breaking Changes**

- Improve session ID #141
- Relocate previously bundled stores #145
- Move service out of core #146

Session IDs are now represetned as base64-encoded `i128`s, boast 128 bits of entropy, and are shorter, saving network bandwidth and improving the secure nature of sessions.

We no longer bundle session stores via feature flags and as such applications must be updated to require the stores directly. For example, applications that use the `tower-sessions-sqlx-store` should update their `Cargo.toml` like so:

```toml
tower-sessions = "0.10.0"
tower-sessions-sqlx-store = { version = "0.10.0", features = ["sqlite"] }
```

Assuming a SQLite store, as an example.

Furthermore, imports will also need to be updated accordingly. For example:

```rust
use std::net::SocketAddr;

use axum::{response::IntoResponse, routing::get, Router};
use serde::{Deserialize, Serialize};
use time::Duration;
use tower_sessions::{session_store::ExpiredDeletion, Expiry, Session, SessionManagerLayer};
use tower_sessions_sqlx_store::{sqlx::SqlitePool, SqliteStore};

const COUNTER_KEY: &str = "counter";

#[derive(Serialize, Deserialize, Default)]
struct Counter(usize);

#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let pool = SqlitePool::connect("sqlite::memory:").await?;
let session_store = SqliteStore::new(pool);
session_store.migrate().await?;

let deletion_task = tokio::task::spawn(
session_store
.clone()
.continuously_delete_expired(tokio::time::Duration::from_secs(60)),
);

let session_layer = SessionManagerLayer::new(session_store)
.with_secure(false)
.with_expiry(Expiry::OnInactivity(Duration::seconds(10)));

let app = Router::new().route("/", get(handler)).layer(session_layer);

let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
let listener = tokio::net::TcpListener::bind(&addr).await?;
axum::serve(listener, app.into_make_service()).await?;

deletion_task.await??;

Ok(())
}

async fn handler(session: Session) -> impl IntoResponse {
let counter: Counter = session.get(COUNTER_KEY).await.unwrap().unwrap_or_default();
session.insert(COUNTER_KEY, counter.0 + 1).await.unwrap();
format!("Current count: {}", counter.0)
}
```

Finally, the service itself has been moved out of the core crate, which makes this crate smaller as well as establishes better boundaries between code.

Thank you for bearing with us: we are approaching longer term stability and aim to minimize churn going forward as we begin to move toward a 1.0 release.

# 0.9.1

- Ensure `clear` works before record loading. #134

# 0.9.0

**Breakiung Changes**

- Make service infallible. #132

This updates the service such that it always returns a response directly. In practice this means that e.g. `axum` applications no longer need the `HandleErrorLayer` and instead can use the layer directly. Note that if you use other fallible `tower` middleware, you will still need to use `HandleErrorLayer`.

As such we've also remove the `MissingCookies` and `MissingId` variants from the session error enum.

# 0.8.2

- Derive `PartialEq` for `Record`. #125

# 0.8.1

- Allow constructing `RedisStore` from `RedisPool`. #122

# 0.8.0

**Breaking Changes**

- Lazy sessions. #112

Among other things, session methods are now entirely async, meaning applications must be updated to await these methods in order to migrate.

Separately, `SessionStore` has been updated to use a `Record` intermediary. As such, `SessionStore` implementations must be updated accordingly.

Session stores now use a concrete error type that must be used in implementations of `SessionStore`.

The `secure` cookie attribute now defaults to `true`.

# 0.7.0

**Breaking Changes**

- Bump `axum-core` to 0.4.0, `http` to 1.0, `tower-cookies` to 0.10.0. #107

This brings `tower-cookies` up-to-date which includes an update to the `cookies` crate.

# 0.6.0

**Breaking Changes**

- Remove concurrent shared memory access support; this may also address some performance degradations. #91
- Related to shared memory support, we also remove `replace_if_equal`, as it is no longer relevant. #91

**Other Changes**

- Allow setting up table and schema name for Postgres. #93

# 0.5.1

- Only delete from session store if we have a session cookie. #90

# 0.5.0

**Breaking Changes**

- Use a default session name of "id" to avoid fingerprinting, as per https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#session-id-name-fingerprinting.

Note that applications using the old default, "tower.sid", may continue to do so without disruption by specifying [`with_name("tower.sid")`](https://docs.rs/tower-sessions/latest/tower_sessions/service/struct.SessionManagerLayer.html#method.with_name).

# 0.4.3

## **Important Security Fix**

If your application uses `MokaStore` or `MemoryStore`, please update immediately to ensure proper server-side handling of expired sessions.

**Other Changes**

- Make `HttpOnly` configurable. #81

# 0.4.2

- Provide tracing instrumentation.
- Ensure non-negative max-age. #79

# 0.4.1

- Fix lifecycle state persisting in stores when it should not. #71

# 0.4.0

**Breaking Changes**

- Sessions are serialized and deserialized from stores directly and `SessionRecord` is removed.
- Expiration time has been replaced with an expiry type.
- Drop session-prefix from session types.
- The session `modified` methid is renamed to `is_modified`.
- Session active semantic is now defined by stores and the `active` method removed.
- Service now contains session configuration and `CookieConfig` is removed.
- Deletion task is now provided via the `deletion-task` feature flag.

# 0.3.3

- Ensure loaded sessions are removed whenever they can be; do not couple removal with session saving.

# 0.3.2

- Implement reference-counted garbage collection for loaded sessions. #52
- Make `SessionId`'s UUID public. #53

# 0.3.1

- Use `DashMap` entry API to address data race introduced by dashmap. #41

# 0.3.0

**Breaking Changes**

- `tokio` feature flag is now `tokio-rt`.
- Session IDs are returned as references now.

**Other Changes**

- Update `fred` to 7.0.0.
- Track loaded sessions to enable concurrent access. #37

# 0.2.4

- Fix session saving and loading potential data race. #36

# 0.2.3

- Fix setting of modified in `replace_if_equal`.

# 0.2.2

- Lift `Debug` constraint on `CachingSessionStore`.
- Run caching store save and load ops concurrently. #25

# 0.2.1

- Fix clearing session's data is not persisted. #22

# 0.2.0

**Breaking Changes**

- Renamed store error variants for consistency (SqlxStoreError, RedisStoreError). #18
- Moved MySQL `expiration_time` column to `timestamp(6), for microsecond resolution. #14
- Replaced `Session.with_max_age` with `set_expiration_time` and `set_expiration_time_from_max_age`, allowing applications to control session durations dynamically. #7

**Other Changes**

- Provide layered caching via `CachingSessionStore` #8
- Provide a Moka store #6 (Thank you @and-reas-se!)
- Provide a MongoDB store #5 (Thank you @JustMangoT!)

# 0.1.0

- Initial release :tada:
Loading