macchiato-framework/macchiato-core

Make signed cookies work or default to non-signed

Open

#51 geöffnet am 13. Apr. 2022

Auf GitHub ansehen
 (1 Kommentar) (0 Reaktionen) (0 zugewiesene Personen)Clojure (34 Forks)github user discovery
bugenhancementhelp wanted

Repository-Metriken

Stars
 (383 Stars)
PR-Merge-Metriken
 (PR-Metriken ausstehend)

Beschreibung

First and foremost: The world needs something like Macchiato and I've used for several projects by now: thanks for making it work!

Now for my issue ;) …

Using the current template and following the current Documentation, cookies set “by hand” show up as `nil´ in subsequent request. Consider the following server config:

(defn home [req res raise]
  (-> (str (:cookies req))
      (r/ok)
      (assoc-in [:cookies "mycookie" :value] "is_set")
      (r/content-type "text/html")
      (res)))

(defn server []
  (mount/start)
  (let [host (or (:host @env) "127.0.0.1")
        port (or (some-> @env :port js/parseInt) 3001)]
    (http/start
     {:handler    home
      :host       host
      :port       port
      :on-success #(info "guestbook started on" host ":" port)})))

“mycookie” is sucessfully set in the browser, but subsequent requests show {"macchiato-session" {:value "G__1"}, "macchiato-session.sig" {:value nil}, "mycookie" {:value nil}}.

In order to assoc cookies as described in the documentation, it seems one has to use unsigned cookies and thus add :cookies {:signed? false} to the server configuration. I feel this should at least be part of the documentation and template.

Even better would be knowing how to actually make macchiato work with signed cookies… I assume it's possible given the option for it but haven't figured out how… any clues?

Contributor Guide