Red.CookieSessions 1.2.1

.NET Core 2.0 This package targets .NET Core 2.0. The package is compatible with this framework or higher.
There is a newer version of this package available.
See the version list below for details. 
dotnet add package Red.CookieSessions --version 1.2.1
                    


                    

                
NuGet\Install-Package Red.CookieSessions -Version 1.2.1
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package. 
<PackageReference Include="Red.CookieSessions" Version="1.2.1" />
For projects that support PackageReference, copy this XML node into the project file to reference the package. 
<PackageVersion Include="Red.CookieSessions" Version="1.2.1" />
                    


                            Directory.Packages.props
                        

                    

                
<PackageReference Include="Red.CookieSessions" />
                    


                            Project file
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package. 
paket add Red.CookieSessions --version 1.2.1
                    


                    

                
#r "nuget: Red.CookieSessions, 1.2.1"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package. 
#:package Red.CookieSessions@1.2.1
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package. 
#addin nuget:?package=Red.CookieSessions&version=1.2.1
                    


                            Install as a Cake Addin
                        

                    

                
#tool nuget:?package=Red.CookieSessions&version=1.2.1
                    


                            Install as a Cake Tool

Simple session management middleware for Red.

Usage

After installing and referencing this library, the Red.Request has the extension methods OpenSession(sessionData) and GetSession().

OpenSession(sessionData) will open a new session and add a header to the response associated with the request.

GetSession<TSession>() will return the CookieSession object wrapping the TSession-data, which has two methods: Renew() and Close(), and the field Data, which holds the session-data object

Example

class MySession 
{
    public string Username;
}
...

server.Use(new CookieSessions<MySession>(new CookieSessionSettings(TimeSpan.FromDays(1))
{   // We allow unauthenticated users to send requests to /login, so we can authenticate them
    ShouldAuthenticate = path => path != "/login" // We allow people to send requests without a valid Authorization to /login, where we can authenticate them
}));
server.Post("/login", async (req, res) =>
{
    var form = await res.GetFormDataAsync();
    if (ValidForm(form) && Authenticate(form["username"], form["password"]))
    {
        req.OpenSession(new MySession {Username = form["username"]}); // Here we just have the username as session-data
        await res.SendStatus(HttpStatusCode.OK);
    }
    else 
        await res.SendStatus(HttpStatusCode.BadRequest);
});
// Only authenticated users are allowed to /friends
server.Get("/friends", async (req, res) => 
{
    var session = req.GetSession<MySession>();
    var friends = database.GetFriendsOfUser(session.Username);
    await res.SendJson(friends);
});
server.Post("/logout", async (req, res) => 
{
    req.GetSession<MySession>().Close();
    await res.SendStatus(HttpStatusCode.OK);
});
Implementation

OpenSession will open a new session and attach a Set-Cookie header to the associated response. This header's value contains the token used for authentication. The token is generated using the RandomNumberGenerator from System.Security.Cryptography, so it shouldn't be too easy to "guess" other tokens, even with knowledge of some tokens.

Product Compatible and additional computed target framework versions.
.NET net5.0 was computed.  net5.0-windows was computed.  net6.0 was computed.  net6.0-android was computed.  net6.0-ios was computed.  net6.0-maccatalyst was computed.  net6.0-macos was computed.  net6.0-tvos was computed.  net6.0-windows was computed.  net7.0 was computed.  net7.0-android was computed.  net7.0-ios was computed.  net7.0-maccatalyst was computed.  net7.0-macos was computed.  net7.0-tvos was computed.  net7.0-windows was computed.  net8.0 was computed.  net8.0-android was computed.  net8.0-browser was computed.  net8.0-ios was computed.  net8.0-maccatalyst was computed.  net8.0-macos was computed.  net8.0-tvos was computed.  net8.0-windows was computed.  net9.0 was computed.  net9.0-android was computed.  net9.0-browser was computed.  net9.0-ios was computed.  net9.0-maccatalyst was computed.  net9.0-macos was computed.  net9.0-tvos was computed.  net9.0-windows was computed.  net10.0 was computed.  net10.0-android was computed.  net10.0-browser was computed.  net10.0-ios was computed.  net10.0-maccatalyst was computed.  net10.0-macos was computed.  net10.0-tvos was computed.  net10.0-windows was computed. 
.NET Core netcoreapp2.0 is compatible.  netcoreapp2.1 was computed.  netcoreapp2.2 was computed.  netcoreapp3.0 was computed.  netcoreapp3.1 was computed. 
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.

NuGet packages (4)

Showing the top 4 NuGet packages that depend on Red.CookieSessions:

Package Downloads
Red.CookieSessions.EFCore

A EntityFrameworkCore session store for Red.CookieSessions
Red.CookieSessions.LiteDBStore

A LiteDB session store for Red.CookieSessions
Red.CookieSessions.SQLiteStore

A SQLite session store for Red.CookieSessions, to persists sessions
Red.CookieSessions.RedisStore

A Redis session store for Red.CookieSessions

GitHub repositories

This package is not used by any popular GitHub repositories.

changed the way to determine whether a path requires authentication. Now using Func<string,bool>