macchiato-framework/macchiato-core

Make signed cookies work or default to non-signed

Open

#51 aperta il 13 apr 2022

Vedi su GitHub
 (1 commento) (0 reazioni) (0 assegnatari)Clojure (34 fork)github user discovery
bugenhancementhelp wanted

Metriche repository

Star
 (383 star)
Metriche merge PR
 (Metriche PR in attesa)

Descrizione

First and foremost: The world needs something like Macchiato and I've used for several projects by now: thanks for making it work!

Now for my issue ;) …

Using the current template and following the current Documentation, cookies set “by hand” show up as `nil´ in subsequent request. Consider the following server config:

(defn home [req res raise]
  (-> (str (:cookies req))
      (r/ok)
      (assoc-in [:cookies "mycookie" :value] "is_set")
      (r/content-type "text/html")
      (res)))

(defn server []
  (mount/start)
  (let [host (or (:host @env) "127.0.0.1")
        port (or (some-> @env :port js/parseInt) 3001)]
    (http/start
     {:handler    home
      :host       host
      :port       port
      :on-success #(info "guestbook started on" host ":" port)})))

“mycookie” is sucessfully set in the browser, but subsequent requests show {"macchiato-session" {:value "G__1"}, "macchiato-session.sig" {:value nil}, "mycookie" {:value nil}}.

In order to assoc cookies as described in the documentation, it seems one has to use unsigned cookies and thus add :cookies {:signed? false} to the server configuration. I feel this should at least be part of the documentation and template.

Even better would be knowing how to actually make macchiato work with signed cookies… I assume it's possible given the option for it but haven't figured out how… any clues?

Guida contributor