Auth Session

Session provider for the travetto auth module.

Install: @travetto/auth-session
``bash npm install @travetto/auth-session

`or`

yarn add @travetto/auth-session`

This is a module that adds session support to the Authentication framework, via Data Modeling Support storage. The concept here, is that the Authentication module provides the solid foundation for ensuring authentication to the system, and transitively to the session data. The Principal provides a session identifier, which refers to a unique authentication session. Each login will produce a novel session id. This id provides the contract between Authentication andAuth Session.

This session identifier, is then used when retrieving data from Data Modeling Support storage. This storage mechanism is not tied to a request/response model, but the Web Auth Session does provide a natural integration with the Web API module.

Within the framework the sessions are stored against any Data Modeling Support implementation that provides ModelExpirySupport, as the data needs to be able to be expired appropriately. The list of supported model providers are: * Redis Model Support * MongoDB Model Support * S3 Model Support * DynamoDB Model Support * Elasticsearch Model Source * File Model Support * Memory Model Support

While the expiry is not necessarily a hard requirement, the implementation without it can be quite messy. To that end, the ability to add ModelExpirySupport to the model provider would be the natural extension point if more expiry support is needed.

Code: Sample usage of Session Service`typescript export class AuthSessionInterceptor implements WebInterceptor {

category: WebInterceptorCategory = 'application'; dependsOn = [AuthContextInterceptor];

@Inject() service: SessionService;

@Inject() context: SessionContext;

@Inject() webAsyncContext: WebAsyncContext;

postConstruct(): void { this.webAsyncContext.registerSource(toConcrete(), () => this.context.get(true)); this.webAsyncContext.registerSource(toConcrete(), () => this.context.get(true).data); }

async filter({ next }: WebChainedContext): Promise { try { await this.service.load(); return await next(); } finally { await this.service.persist(); } } }``

The SessionService provides the basic integration with the AuthContext to authenticate and isolate session data. The usage is fairly simple, but the import pattern to follow is:
* load
* read/modify
* persist

And note, persist is intelligent enough to only update the data store if the expiration date has changed or if the data in the session has been modified.

or

yarn add @travetto/auth-session

This is a module that adds session support to the Authentication framework, via Data Modeling Support storage.  The concept here, is that the Authentication module provides the solid foundation for ensuring authentication to the system, and transitively to the session data. The Principal provides a session identifier, which refers to a unique authentication session.  Each login will produce a novel session id.  This id provides the contract between Authentication andAuth Session.

This session identifier, is then used when retrieving data from Data Modeling Support storage. This storage mechanism is not tied to a request/response model, but the Web Auth Session does provide a natural integration with the Web API module.

While the expiry is not necessarily a hard requirement, the implementation without it can be quite messy.  To that end, the ability to add ModelExpirySupport to the model provider would be the natural extension point if more expiry support is needed.

Code: Sample usage of Session Service

typescript
export class AuthSessionInterceptor implements WebInterceptor {

  category: WebInterceptorCategory = 'application';
  dependsOn = [AuthContextInterceptor];

  @Inject()
  service: SessionService;

  @Inject()
  context: SessionContext;

  @Inject()
  webAsyncContext: WebAsyncContext;

  postConstruct(): void {
    this.webAsyncContext.registerSource(toConcrete(), () => this.context.get(true));
    this.webAsyncContext.registerSource(toConcrete(), () => this.context.get(true).data);
  }

  async filter({ next }: WebChainedContext): Promise {
    try {
      await this.service.load();
      return await next();
    } finally {
      await this.service.persist();
    }
  }
}

And note, persist is intelligent enough to only update the data store if the expiration date has changed or if the data in the session has been modified.

@travetto/auth-session

Auth Session

Session provider for the travetto auth module.

or

@travetto/auth-session

Auth Session

Session provider for the travetto auth module.

or

Dist Tags

`or`

`or`