Red.CookieSessions 1.2.1

This package has been deprecated as it is legacy and is no longer maintained.

There is a newer version of this package available.
See the version list below for details.

dotnet add package Red.CookieSessions --version 1.2.1

NuGet\Install-Package Red.CookieSessions -Version 1.2.1

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="Red.CookieSessions" Version="1.2.1" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add Red.CookieSessions --version 1.2.1

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: Red.CookieSessions, 1.2.1"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install Red.CookieSessions as a Cake Addin
#addin nuget:?package=Red.CookieSessions&version=1.2.1

// Install Red.CookieSessions as a Cake Tool
#tool nuget:?package=Red.CookieSessions&version=1.2.1

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

Simple session management middleware for Red.

Usage

After installing and referencing this library, the Red.Request has the extension methods OpenSession(sessionData) and GetSession().

OpenSession(sessionData) will open a new session and add a header to the response associated with the request.

GetSession<TSession>() will return the CookieSession object wrapping the TSession-data, which has two methods: Renew() and Close(), and the field Data, which holds the session-data object

Example

class MySession 
{
    public string Username;
}
...

server.Use(new CookieSessions<MySession>(new CookieSessionSettings(TimeSpan.FromDays(1))
{   // We allow unauthenticated users to send requests to /login, so we can authenticate them
    ShouldAuthenticate = path => path != "/login" // We allow people to send requests without a valid Authorization to /login, where we can authenticate them
}));
server.Post("/login", async (req, res) =>
{
    var form = await res.GetFormDataAsync();
    if (ValidForm(form) && Authenticate(form["username"], form["password"]))
    {
        req.OpenSession(new MySession {Username = form["username"]}); // Here we just have the username as session-data
        await res.SendStatus(HttpStatusCode.OK);
    }
    else 
        await res.SendStatus(HttpStatusCode.BadRequest);
});
// Only authenticated users are allowed to /friends
server.Get("/friends", async (req, res) => 
{
    var session = req.GetSession<MySession>();
    var friends = database.GetFriendsOfUser(session.Username);
    await res.SendJson(friends);
});
server.Post("/logout", async (req, res) => 
{
    req.GetSession<MySession>().Close();
    await res.SendStatus(HttpStatusCode.OK);
});

Implementation

OpenSession will open a new session and attach a Set-Cookie header to the associated response. This header's value contains the token used for authentication. The token is generated using the RandomNumberGenerator from System.Security.Cryptography, so it shouldn't be too easy to "guess" other tokens, even with knowledge of some tokens.

Product	Compatible and additional computed target framework versions.
.NET	net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed.
.NET Core	netcoreapp2.0 is compatible. netcoreapp2.1 was computed. netcoreapp2.2 was computed. netcoreapp3.0 was computed. netcoreapp3.1 was computed.

Product

.NET

.NET Core

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

.NETCoreApp 2.0
- RHttpServer (>= 3.0.0)

NuGet packages (4)

Showing the top 4 NuGet packages that depend on Red.CookieSessions:

Package	Downloads
Red.CookieSessions.EFCore A EntityFrameworkCore session store for Red.CookieSessions	8.6K
Red.CookieSessions.LiteDBStore A LiteDB session store for Red.CookieSessions	4.7K
Red.CookieSessions.SQLiteStore A SQLite session store for Red.CookieSessions, to persists sessions	4.6K
Red.CookieSessions.RedisStore A Redis session store for Red.CookieSessions	2.3K

GitHub repositories

This package is not used by any popular GitHub repositories.

Version	Downloads	Last updated
5.1.0	2,057	2/22/2020
5.0.0	2,787	1/3/2020
4.1.0	2,874	9/29/2019
4.0.1	1,546	9/29/2019
4.0.0	699	9/29/2019
3.1.0	1,098	5/16/2019
3.0.2	1,239	4/30/2019
3.0.1	1,256	3/10/2019
3.0.0	806	3/10/2019
2.2.0	948	1/9/2019
2.1.1	959	9/12/2018
2.1.0	927	9/12/2018
2.0.0	1,210	6/26/2018
1.3.0	1,107	5/20/2018
1.2.1	1,090	5/19/2018
1.2.0	1,105	5/19/2018
1.1.0	1,271	4/20/2018
1.0.0	1,126	3/26/2018

changed the way to determine whether a path requires authentication. Now using Func<string,bool>