- All Known Implementing Classes:
SessionToken.CookieID
,SessionToken.HeaderID
,SessionToken.SignedCookie
public interface SessionToken
Find, save and delete a session token (cookie, header, parameter, etc) into/from the web
Context
.- Author:
- edgar
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic class
Looks for a session ID from request cookie headers.static class
Looks for a session ID from request headers.static class
Looks for a session token from request cookie. -
Field Summary
Modifier and TypeFieldDescriptionstatic final int
Size of default token generator.static final SecureRandom
Secure random for default session token generator.static final Cookie
Default cookie for cookie based session stores. -
Method Summary
Modifier and TypeMethodDescriptionstatic SessionToken
combine
(SessionToken... tokens) Combine/compose two or more session tokens.static SessionToken
Create a cookie-based Session ID.void
deleteToken
(Context ctx, String token) Delete session ID in the web context.Find session ID.static SessionToken
Create a header-based Session Token.default String
newToken()
Generate a new token.void
Save session ID in the web context.static SessionToken
signedCookie
(Cookie cookie) Create a signed-cookie-based Session token.
-
Field Details
-
SID
Default cookie for cookie based session stores. Usesjooby.sid
as name. It never expires, use the root, only for HTTP. -
RND
Secure random for default session token generator. -
ID_SIZE
static final int ID_SIZESize of default token generator.- See Also:
-
-
Method Details
-
newToken
Generate a new token. This implementation produces an url encoder ID using a secure random ofID_SIZE
.- Returns:
- A new token.
-
findToken
Find session ID.- Parameters:
ctx
- Web context.- Returns:
- Session ID or
null
.
-
saveToken
Save session ID in the web context.- Parameters:
ctx
- Web context.token
- Token/data to save.
-
deleteToken
Delete session ID in the web context.- Parameters:
ctx
- Web context.token
- Token/data to delete.
-
cookieId
Create a cookie-based Session ID. This strategy:- find a token from a request cookie. - on save, set a response cookie on new sessions or when cookie has a max-age value. - on destroy, expire the cookie.
- Parameters:
cookie
- Cookie to use.- Returns:
- Session Token.
-
signedCookie
Create a signed-cookie-based Session token. This strategy:- find a token from a request cookie. - on save, set a response cookie. - on destroy, expire the cookie.
- Parameters:
cookie
- Cookie to use.- Returns:
- Session Token.
-
header
Create a header-based Session Token. This strategy:- find a token from a request header. - on save, send the header back as response header. - on session destroy. don't send response header back.
- Parameters:
name
- Header name.- Returns:
- Session Token.
-
combine
Combine/compose two or more session tokens. Example:
On new session, creates a response header and cookie. On save token, generates a response header or cookie based on best matches. On delete token, generates a response header or cookie based on best matches.SessionToken token = SessionToken.combine( SessionToken.header("TOKEN"), SessionToken.cookie(SID) );
- Parameters:
tokens
- Tokens to use.- Returns:
- A composed session token.
-