Compojure / Ring:为什么没有服务器重新启动的cookie存储会话? [英] Compojure/Ring: Why doesn't a session with cookie-store survive a server restart?
问题描述
我有一个compojure应用程序,使用环会话包装存储与当前用户相关联的OAuth令牌。我希望此令牌在服务器重新启动时保持可用,这样我就不必每次都通过auth进程。
我假设使用cookie存储,而不是默认的内存存储将有所帮助,但它不。
这是代码的相关部分:
(defn auth-callback-handler
[session {code:code}]
(let [token(retrieve-token code)]
( - > )(assoc:session(assoc session:token token)))))
(defroutes app-routes
(GET/{session:session}
(GET / auth-callback{session:session params:params}(auth-callback-handler session params))
(route / not- foundNot Found))
(def app
( - >(处理程序/网站应用程序路由)
(wrap-session {:store(cookie-store {:key16-byte secret}) })))
函数 root-handler
使用令牌来决定某人是否登录,但不返回任何会话信息的方式。
问题是您的应用程序中有 2 个换行会话中间件,因为处理程序/网站附带了一个。这导致加密/解密运行两次。要配置compojure会话句柄,请使用:
(def app
(site app-routes {:session {:store (cookie-store {:keya 16-byte secret})}}))
,也许你会对这些项目感兴趣,这些项目实现了SessionStore协议:
https://github.com/sritchie/couch-session
https://github.com/wuzhe/clj-redis-session
https://github.com/rmarianski/servlet-session-store p>
要使最后一个持久化,您需要检查您选择的servlet容器的文档。
I have a compojure app that uses the ring session wrapper to store the OAuth token associated with the current user. I would like for this token to remain available when the server restarts, so that I don't have to go through the auth process each time.
I assumed that using the cookie-store instead of the default memory-store would help, but it does not. What am I missing?
This is the relevant part of the code:
(defn auth-callback-handler
[session {code :code}]
(let [token (retrieve-token code)]
(-> (redirect "/") (assoc :session (assoc session :token token)))))
(defroutes app-routes
(GET "/" {session :session} (root-handler session))
(GET "/auth-callback" {session :session params :params} (auth-callback-handler session params))
(route/not-found "Not Found"))
(def app
(-> (handler/site app-routes)
(wrap-session {:store (cookie-store {:key "a 16-byte secret"})})))
The function root-handler
uses the token to decide if someone is logged in or not, but does not return anything in the way of session info.
The issue is that you have 2 wrap-session middlewares in your app, as the handler/site comes with one. This is causing the encrypt/decrypt to be run twice. To configure the compojure session handle use:
(def app
(site app-routes {:session {:store (cookie-store {:key "a 16-byte secret"})}}))
Also, perhaps you would be interested on some of these projects, which implement the ring SessionStore protocol:
https://github.com/sritchie/couch-session
https://github.com/wuzhe/clj-redis-session
https://github.com/rmarianski/servlet-session-store
To make the last one persistent you will need to check the documentation of your servlet container of choice.
这篇关于Compojure / Ring:为什么没有服务器重新启动的cookie存储会话?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!