Swiftpack.co - Package - IBM-Swift/Kitura-Session

Kitura

Docs Build Status - Master macOS Linux Apache 2 Slack Status

Kitura-Session

A pluggable framework for managing user sessions in a Swift server using Kitura

Summary

A pluggable framework for managing user sessions in a Swift server using Kitura

Table of Contents

Swift version

The latest version of Kitura-Session requires Swift 4.0 or later. You can download this version of the Swift binaries by following this link. Compatibility with other Swift versions is not guaranteed.

API

In order to use the Session middleware, an instance of Session has to be created:

public init(secret: String, cookie: [CookieParameter]?=nil, store: Store?=nil)

Where:

  • secret is a String to be used for session encoding. It should be a large unguessable string, say minimum 14 characters long.
  • cookie is a list of options for session's cookies. The options are (specified in CookieParameter enumeration): name - cookie's name, defaults to "kitura-session-id", path - cookie's Path attribute defaults to "/", secure - cookie's Secure attribute, false by default, and maxAge - an NSTimeInterval with cookie's expiration time in seconds, defaults to -1.0, i.e., no expiration.
  • store is an instance of a plugin for session backing store that implements Store protocol. If not set, InMemoryStore is used.

The last two parameters are optional.


The *secret* parameter is used to secure the session ID and ensure that the session ID cannot be guessed. *Secret* is used to derive a pair of encryption and signature keys via PBKDF2 and a fixed IV to make the session ID cookie be authenticated encrypted. *Secret* isn't used directly to encrypt or compute the MAC of the cookie.

Example

This is an example of Session middleware with KituraSessionRedis plugin:

import KituraSession
import KituraSessionRedis

let redisStore = RedisStore(redisHost: host, redisPort: port)
let session = Session(secret: "Some secret", store: redisStore)
router.all(middleware: session)

First an instance of RedisStore is created (see KituraSessionRedis for more information), then an instance of Session with the store as parameter is created, and finally it is connected to the desired path.

Plugins

License

This library is licensed under Apache 2.0. Full license text is available in LICENSE.