io.jooby

Interface SessionToken

All Known Implementing Classes:

MultipleSessionToken, SessionToken.CookieID, SessionToken.HeaderID, SessionToken.SignedCookie

public interface SessionToken

Find, save and delete a session token (cookie, header, parameter, etc) into/from the web Context.

Author:

edgar

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	SessionToken.CookieID Looks for a session ID from request cookie headers.
static class	SessionToken.HeaderID Looks for a session ID from request headers.
static class	SessionToken.SignedCookie Looks for a session token from request cookie.

Field Summary

Fields

Modifier and Type	Field and Description
static int	ID_SIZE Size of default token generator.
static SecureRandom	RND Secure random for default session token generator.
static Cookie	SID Default cookie for cookie based session stores.

Method Summary

Modifier and Type	Method and Description
static SessionToken	combine(SessionToken... tokens) Combine/compose two or more session tokens.
static SessionToken	cookieId(Cookie cookie) Create a cookie-based Session ID.
void	deleteToken(Context ctx, String token) Delete session ID in the web context.
String	findToken(Context ctx) Find session ID.
static SessionToken	header(String name) Create a header-based Session Token.
default String	newToken() Generate a new token.
void	saveToken(Context ctx, String token) Save session ID in the web context.
static SessionToken	signedCookie(Cookie cookie) Create a signed-cookie-based Session token.

Field Detail

SID

static final Cookie SID

Default cookie for cookie based session stores. Uses jooby.sid as name. It never expires, use the root, only for HTTP.

RND

static final SecureRandom RND

Secure random for default session token generator.

ID_SIZE

static final int ID_SIZE

Size of default token generator.

See Also:

Constant Field Values

Method Detail

newToken

@Nonnull
default String newToken()

Generate a new token. This implementation produces an url encoder ID using a secure random of ID_SIZE.

Returns:

A new token.

findToken

@Nullable
String findToken(@Nonnull
                           Context ctx)

Find session ID.

Parameters:

ctx - Web context.

Returns:

Session ID or null.

saveToken

void saveToken(@Nonnull
               Context ctx,
               @Nonnull
               String token)

Save session ID in the web context.

Parameters:

ctx - Web context.

token - Token/data to save.

deleteToken

void deleteToken(@Nonnull
                 Context ctx,
                 @Nonnull
                 String token)

Delete session ID in the web context.

Parameters:

ctx - Web context.

token - Token/data to delete.

cookieId

@Nonnull
static SessionToken cookieId(@Nonnull
                                      Cookie cookie)

Create a cookie-based Session ID. This strategy: - find a token from a request cookie. - on save, set a response cookie on new sessions or when cookie has a max-age value. - on destroy, expire the cookie.

Parameters:

cookie - Cookie to use.

Returns:

Session Token.

signedCookie

@Nonnull
static SessionToken signedCookie(@Nonnull
                                          Cookie cookie)

Create a signed-cookie-based Session token. This strategy: - find a token from a request cookie. - on save, set a response cookie. - on destroy, expire the cookie.

Parameters:

cookie - Cookie to use.

Returns:

Session Token.

header

@Nonnull
static SessionToken header(@Nonnull
                                    String name)

Create a header-based Session Token. This strategy: - find a token from a request header. - on save, send the header back as response header. - on session destroy. don't send response header back.

Parameters:

name - Header name.

Returns:

Session Token.

combine

@Nonnull
static SessionToken combine(@Nonnull
                                     SessionToken... tokens)

Combine/compose two or more session tokens. Example:

   SessionToken token = SessionToken.combine(
       SessionToken.header("TOKEN"),
       SessionToken.cookie(SID)
   );
 
 

On new session, creates a response header and cookie. On save token, generates a response header or cookie based on best matches. On delete token, generates a response header or cookie based on best matches.

Parameters:

tokens - Tokens to use.

Returns:

A composed session token.