SessionStorageMemory enables storing a session's content in memory. In this case, you can choose where to keep the payload on the server.
Ktor allows you to store session data on the server and pass only a session ID between the server and the client. For example, you can store session data in memory, in a specified folder, or you can implement your own custom storage. In such a case, you can choose where to store the payload on the server. Store session data on the server and pass only a session ID between the client and server. In this case, you need to sign and encrypt the session's payload to protect sensitive session data passed to the client. To redirect back to your application from a web browser, specify a unique URI to your app. If you pass only the session name to the cookie or header function, session data will be passed between the client and server. Firebase ID tokens are short lived and last for an hour the refresh token. Every time a user signs in, the user credentials are sent to the Firebase Authentication backend and exchanged for a Firebase ID token (a JWT) and refresh token. Pass session data between the client and server. Firebase Authentication sessions are long lived. Firebase Auth provides server-side session cookie management for traditional websites that rely on session cookies. In Ktor, you can manage the session data in two ways: For example, the UserSession class below will be used to store the session ID and the number of page views: Create a data classīefore configuring a session, you need to create a data class for storing session data. Protect session data: to protect sensitive session data passed to the client, you need to sign and encrypt the session's payload.Īfter configuring Sessions, you can get and set session data inside route handlers. You can also implement a custom storage for keeping session data. If you want to store the session payload on the server, you can choose how to store it: in the server memory or in a folder. You can pass the serialized session's data to the client using a cookie/header value or store the payload on the server and pass only a session identifier. Cookies suit better for plain HTML applications, while custom headers are intended for APIs.Ĭhoose where to store the session payload: on the client or server.
To configure the Sessions plugin, you need to perform the following steps:Ĭreate a data class: before configuring a session, you need to create a data class for storing session data.Ĭhoose how to pass data between the server and client: using cookies or a custom header.
0 kommentar(er)
