Session Shelf

Free

Languages

Dart

Description:

session shelf

session_shelf #
The session_shelf is the implementation of cookiesMiddleware and sessionMiddleware for shelf, to store sessions in files or SQL databases as plain or encrypted text.
This package is based on mezoni's (shelf_session)[https://pub.dev/packages/shelf_session], with more powerful feathers.
Version: 0.2.0
About #
Adds two middleware for shelf:

cookiesMiddleware
sessionMiddleware

The cookiesMiddleware can be used independently.
The sessionMiddleware depends on cookiesMiddleware and must be used after it.
final pipeline = const Pipeline()
.addMiddleware(cookiesMiddleware())
.addMiddleware(sessionMiddleware())
.addHandler(handler);
copied to clipboard
A small workable example:
import 'dart:io' show Cookie;

import 'package:shelf/shelf.dart';
import 'package:shelf/shelf_io.dart' as io;
import 'package:shelf_router/shelf_router.dart';
import 'package:session_shelf/session_shelf.dart';
import 'package:shelf_static/shelf_static.dart';

void main(List<String> args) async {
final router = Router();
router.get('/', _handleHome);
router.get('/login', _handleLogin);
router.get('/login/', _handleLogin);
router.post('/login', _handleLogin);
router.post('/login/', _handleLogin);
router.get('/logout', _handleLogout);
router.get('/logout/', _handleLogout);
final staticHandler =
createStaticHandler('web', defaultDocument: 'index.html');
final handler = Cascade().add(staticHandler).add(router).handler;
final pipeline = const Pipeline()
.addMiddleware(logRequests())
.addMiddleware(cookiesMiddleware())
.addMiddleware(sessionMiddleware())
.addHandler(handler);
const address = 'localhost';
const port = 8080;
final server = await io.serve(pipeline, address, port);
print('Serving at http://${server.address.host}:${server.port}');
}

const _menu = '''
<a href="/">Home</a><br />
<a href="/login">Log in</a><br />
<a href="/logout">Log out</a><br />''';

Future<Response> _handleHome(Request request) async {
final userManager = UserManager();
final user = await userManager.getUser(request);
var body = '$_menu{{message}}<br />{{cookies}}';
if (user == null) {
body = body.replaceAll('{{message}}', 'You are not logged in');
} else {
body = body.replaceAll('{{message}}', 'You are logged in as ${user.name}');
}

final cookies = request.getCookies();
body = body.replaceAll('{{cookies}}',
cookies.entries.map((e) => '${e.key}: ${e.value}').join('<br />'));
request.addCookie(Cookie('foo', 'Foo'));
if (!cookies.containsKey('baz')) {
request.addCookie(Cookie('baz', 'Baz'));
} else {
request.removeCookie(Cookie('baz', ''));
}

return _render(body);
}

Future<Response> _handleLogin(Request request) async {
const html = '''
<form action="" method="post">
<label>Login</label><br />
<input name="login" type="text" /><br />
<label>Password</label><br />
<input name="password" type="password" /><br /><br />
<button>Log in</button>
</form>
''';

if (request.method == 'GET') {
return _render(_menu + html);
}

final body = await request.readAsString();
final queryParameters = Uri(query: body).queryParameters;
final login = queryParameters['login'] ?? ''
..trim();
final password = queryParameters['password'] ?? ''
..trim();
if (login.isEmpty || password.isEmpty) {
return _render(_menu + html);
}

final user = User(login);
final userManager = UserManager();
await userManager.setUser(request, user);
return Response.found('/');
}

Future<Response> _handleLogout(Request request) async {
await Session.deleteSession(request);
return Response.found('/');
}

Response _render(String body) {
return Response.ok(body, headers: {
'Content-type': 'text/html; charset=UTF-8',
});
}

class User {
final String name;

User(this.name);
}

class UserManager {
Future<User?> getUser(Request request) async {
final session = await Session.getSession(request);
if (session == null) {
return null;
}

final user = session.data['user'];
if (user is User) {
return user;
}

return null;
}

Future<User> setUser(Request request, User user) async {
var session = await Session.getSession(request);
session ??= await Session.createSession(request);
session.data['user'] = user;
return user;
}
}

copied to clipboard
By default, session data is stored in a hash map at runtime.
This implementation implies that session data should only be created for authorized users.
This approach eliminates memory overflow in the case of various types of attacks.
After the expiration of the lifetime, the session data is deleted automatically (which causes the memory to be freed).
Timers are not used for these purposes. This happens during the creation of new sessions.
To store sessions in files, useFileStorage.plain;
main() {
Session.storage = FileStorage.plain(Directory('session_shelf'));
}
copied to clipboard
To store encrypted sessions in files, useFileStorage.crypto;
main() {
Session.storage = FileStorage.crypto(Directory('session_shelf'), algorithm, secretKey);
}
copied to clipboard
To store sessions in SQL database, useSqlStorage;
final db = sqlite3.openInMemory();

main() async {
Session.storage = SqlStorage('session_shelf', db.execute, (sql) {
final ResultSet resultSet = db.select(sql);
return resultSet;
});
await Session.storage.createTable();
}
copied to clipboard
To store encrypted sessions in SQL database, useSqlCryptoStorage;
final db = sqlite3.openInMemory();

main() async {
Session.storage = SqlCryptoStorage('session_shelf_crypto', db.execute, (sql) {
final ResultSet resultSet = db.select(sql);
return resultSet;
// This is just an example. Please DO NOT write your secret key in code.
}, algorithm, secretKey);
await Session.storage.createTable();
}
copied to clipboard
If your data contains non-basic types:
void setupJsonSerializer() {
Session.toEncodable = (obj) {
if (obj is User) {
return {
'type': 'User',
'name': obj.name,
};
}
return obj;
};
Session.reviver = (k, v) {
if (v is Map && v.length == 2 && v['type'] == 'User' && v.containsKey('name')) {
return User(v['name'] as String);
}
return v;
};
}
copied to clipboard
For other examples, see example.dart. Or you can implement your own SessionStorage.

License

For personal and professional use. You cannot resell or redistribute these repositories in their original state.

session_shelf

Languages

Categories

Description:

License

Share

Files In This Product:

Customer Reviews

License

Overview

What you can do with it

What you can't do with it

Related Products

cupertino_icons

shared_preferences

intl

url_launcher

image_picker

firebase_auth

google_fonts

firebase_core

firebase_messaging

permission_handler

cloud_firestore

cached_network_image

custom_lint

flutter_svg

flutter_local_notifications

file_picker

path_provider

provider

geolocator

share_plus

More From This Creator

flutter_exts

desktop_info

structured_data

simplest

airex_flutter_plugin

country_selector

dartius

movesense_flutter

pr_widget

tinkoff_acquiring_sdk

flutter_share_to_stories

flutter_iap_ios

appsync_subscription

xuxu_ui

custom_route_transition_scr3amind

ynab

mango_wear

mmd_ecommerce_fl_lib

prompter_pm

todo_cli