@adonisjs/session 7.0.0-1 → 7.0.0-10

package/README.md

@@ -2,10 +2,10 @@
 
 <br />
 
-[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url] [![snyk-image]][snyk-url]
+[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url]
 
 ## Introduction
-Add sessions to your AdonisJS application. Cookie, Redis, and File drivers are included out of the box.
+Use sessions in your AdonisJS applications with a unified API to persist session data across different data-stores. Has inbuilt support for **cookie**, **files**, and **redis** drivers.
 
 ## Official Documentation
 The documentation is available on the [AdonisJS website](https://docs.adonisjs.com/guides/sessions)
@@ -19,10 +19,10 @@ We encourage you to read the [contribution guide](https://github.com/adonisjs/.g
 In order to ensure that the AdonisJS community is welcoming to all, please review and abide by the [Code of Conduct](https://github.com/adonisjs/.github/blob/main/docs/CODE_OF_CONDUCT.md).
 
 ## License
-AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.md).
+AdonisJS session is open-sourced software licensed under the [MIT license](LICENSE.md).
 
-[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/session/test.yml?style=for-the-badge
-[gh-workflow-url]: https://github.com/adonisjs/session/actions/workflows/test.yml "Github action"
+[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/session/checks.yml?style=for-the-badge
+[gh-workflow-url]: https://github.com/adonisjs/session/actions/workflows/checks.yml "Github action"
 
 [npm-image]: https://img.shields.io/npm/v/@adonisjs/session/latest.svg?style=for-the-badge&logo=npm
 [npm-url]: https://www.npmjs.com/package/@adonisjs/session/v/latest "npm"
@@ -31,6 +31,3 @@ AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.
 
 [license-url]: LICENSE.md
 [license-image]: https://img.shields.io/github/license/adonisjs/session?style=for-the-badge
-
-[snyk-image]: https://img.shields.io/snyk/vulnerabilities/github/adonisjs/session?label=Snyk%20Vulnerabilities&style=for-the-badge
-[snyk-url]: https://snyk.io/test/github/adonisjs/session?targetFile=package.json "snyk"

package/build/configure.js

@@ -10,9 +10,36 @@
  * Configures the package
  */
 export async function configure(command) {
+    /**
+     * Publish config file
+     */
     await command.publishStub('config.stub');
-    await command.defineEnvVariables({ SESSION_DRIVER: 'cookie' });
-    await command.updateRcFile((rcFile) => {
+    const codemods = await command.createCodemods();
+    /**
+     * Define environment variables
+     */
+    await codemods.defineEnvVariables({ SESSION_DRIVER: 'cookie' });
+    /**
+     * Define environment variables validations
+     */
+    await codemods.defineEnvValidations({
+        variables: {
+            SESSION_DRIVER: `Env.schema.enum(['cookie', 'redis', 'file', 'memory'] as const)`,
+        },
+        leadingComment: 'Variables for configuring session package',
+    });
+    /**
+     * Register middleware
+     */
+    await codemods.registerMiddleware('router', [
+        {
+            path: '@adonisjs/session/session_middleware',
+        },
+    ]);
+    /**
+     * Register provider
+     */
+    await codemods.updateRcFile((rcFile) => {
         rcFile.addProvider('@adonisjs/session/session_provider');
     });
 }

package/build/factories/main.d.ts

@@ -0,0 +1 @@
+export { SessionMiddlewareFactory } from './session_middleware_factory.js';

package/build/factories/main.js

@@ -0,0 +1,9 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export { SessionMiddlewareFactory } from './session_middleware_factory.js';

package/build/factories/session_middleware_factory.d.ts

@@ -0,0 +1,22 @@
+import { Emitter } from '@adonisjs/core/events';
+import { EventsList } from '@adonisjs/core/types';
+import { SessionConfig } from '../src/types/main.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Exposes the API to create an instance of the session middleware
+ * without additional plumbing
+ */
+export declare class SessionMiddlewareFactory {
+    #private;
+    /**
+     * Merge custom options
+     */
+    merge(options: {
+        config?: Partial<SessionConfig>;
+        emitter?: Emitter<EventsList>;
+    }): this;
+    /**
+     * Creates an instance of the session middleware
+     */
+    create(): Promise<SessionMiddleware>;
+}

package/build/factories/session_middleware_factory.js

@@ -0,0 +1,47 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { Emitter } from '@adonisjs/core/events';
+import { AppFactory } from '@adonisjs/core/factories/app';
+import { defineConfig } from '../index.js';
+import { registerSessionDriver } from '../src/helpers.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Exposes the API to create an instance of the session middleware
+ * without additional plumbing
+ */
+export class SessionMiddlewareFactory {
+    #config = { driver: 'memory' };
+    #emitter;
+    #getApp() {
+        return new AppFactory().create(new URL('./', import.meta.url), () => { });
+    }
+    #getEmitter() {
+        return this.#emitter || new Emitter(this.#getApp());
+    }
+    /**
+     * Merge custom options
+     */
+    merge(options) {
+        if (options.config) {
+            this.#config = options.config;
+        }
+        if (options.emitter) {
+            this.#emitter = options.emitter;
+        }
+        return this;
+    }
+    /**
+     * Creates an instance of the session middleware
+     */
+    async create() {
+        const config = defineConfig(this.#config);
+        await registerSessionDriver(this.#getApp(), config.driver);
+        return new SessionMiddleware(config, this.#getEmitter());
+    }
+}

package/build/index.d.ts

@@ -6,7 +6,9 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import './src/bindings/types.js';
-export { defineConfig } from './src/define_config.js';
-export { stubsRoot } from './stubs/main.js';
+import './src/types/extended.js';
+export * as errors from './src/errors.js';
 export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export { defineConfig } from './src/define_config.js';
+export { default as driversList } from './src/drivers_collection.js';

package/build/index.js

@@ -6,7 +6,9 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import './src/bindings/types.js';
-export { defineConfig } from './src/define_config.js';
-export { stubsRoot } from './stubs/main.js';
+import './src/types/extended.js';
+export * as errors from './src/errors.js';
 export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export { defineConfig } from './src/define_config.js';
+export { default as driversList } from './src/drivers_collection.js';

package/build/providers/session_provider.d.ts

@@ -1,13 +1,24 @@
-import { ApplicationService } from '@adonisjs/core/types';
+import type { Edge } from 'edge.js';
+import type { ApplicationService } from '@adonisjs/core/types';
+/**
+ * Session provider configures the session management inside an
+ * AdonisJS application
+ */
 export default class SessionProvider {
     protected app: ApplicationService;
     constructor(app: ApplicationService);
     /**
-     * Register Session Manager in the container
+     * Returns edge when it's installed
      */
-    register(): Promise<void>;
+    protected getEdge(): Promise<Edge | null>;
     /**
-     * Register bindings
+     * Registering muddleware
+     */
+    register(): void;
+    /**
+     * Registering the active driver when middleware is used
+     * +
+     * Adding edge tags (if edge is installed)
      */
     boot(): Promise<void>;
 }

package/build/providers/session_provider.js

@@ -6,38 +6,55 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import { extendHttpContext } from '../src/bindings/http_context.js';
-import { extendApiClient } from '../src/bindings/api_client.js';
+import debug from '../src/debug.js';
+import { registerSessionDriver } from '../src/helpers.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Session provider configures the session management inside an
+ * AdonisJS application
+ */
 export default class SessionProvider {
     app;
     constructor(app) {
         this.app = app;
     }
     /**
-     * Register Session Manager in the container
+     * Returns edge when it's installed
      */
-    async register() {
-        this.app.container.singleton('session', async () => {
-            const { SessionManager } = await import('../src/session_manager.js');
-            const encryption = await this.app.container.make('encryption');
-            const redis = await this.app.container.make('redis').catch(() => undefined);
+    async getEdge() {
+        try {
+            const { default: edge } = await import('edge.js');
+            debug('Detected edge.js package. Adding session primitives to it');
+            return edge;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Registering muddleware
+     */
+    register() {
+        this.app.container.singleton(SessionMiddleware, async (resolver) => {
             const config = this.app.config.get('session', {});
-            return new SessionManager(config, encryption, redis);
+            const emitter = await resolver.make('emitter');
+            return new SessionMiddleware(config, emitter);
         });
     }
     /**
-     * Register bindings
+     * Registering the active driver when middleware is used
+     * +
+     * Adding edge tags (if edge is installed)
      */
     async boot() {
-        const sessionManager = await this.app.container.make('session');
-        /**
-         * Add `session` getter to the HttpContext class
-         */
-        extendHttpContext(sessionManager);
-        /**
-         * Add some macros and getter to japa/api-client classes for
-         * easier testing
-         */
-        extendApiClient(sessionManager);
+        this.app.container.resolving(SessionMiddleware, async () => {
+            const config = this.app.config.get('session');
+            await registerSessionDriver(this.app, config.driver);
+        });
+        const edge = await this.getEdge();
+        if (edge) {
+            const { edgePluginAdonisJSSession } = await import('../src/edge_plugin_adonisjs_session.js');
+            edge.use(edgePluginAdonisJSSession);
+        }
     }
 }

package/build/src/client.d.ts

@@ -1,41 +1,29 @@
-import { Store } from './store.js';
-import type { SessionConfig, SessionDriverContract } from './types.js';
 import type { CookieClient } from '@adonisjs/core/http';
+import type { SessionConfig, SessionData, SessionDriverContract } from './types/main.js';
 /**
- * SessionClient exposes the API to set session data as a client
+ * Session client exposes the API to set session data as a client
  */
-export declare class SessionClient extends Store {
+export declare class SessionClient {
     #private;
     /**
-     * Each instance of client works on a single session id. Generate
-     * multiple client instances for a different session id
+     * Session key for setting flash messages
      */
-    sessionId: string;
+    flashKey: string;
+    constructor(config: SessionConfig, driver: SessionDriverContract, cookieClient: CookieClient);
     /**
-     * Flash messages store. They are merged with the session data during
-     * commit
+     * Load session data from the driver
      */
-    flashMessages: Store;
-    constructor(config: SessionConfig, driver: SessionDriverContract, cookieClient: CookieClient, values: {
-        [key: string]: any;
-    } | null);
-    /**
-     * Find if the sessions are enabled
-     */
-    isEnabled(): boolean;
-    /**
-     * Load session from the driver
-     */
-    load(cookies: Record<string, any>): Promise<{
-        session: any;
-        flashMessages: any;
+    load(cookies: Record<string, any>, sessionId?: string): Promise<{
+        sessionId: string;
+        session: SessionData;
+        flashMessages: SessionData;
     }>;
     /**
      * Commits the session data to the session store and returns
      * the session id and cookie name for it to be accessible
      * by the server
      */
-    commit(): Promise<{
+    commit(values: SessionData | null, flashMessages: SessionData | null, sessionId?: string): Promise<{
         sessionId: string;
         signedSessionId: string;
         cookieName: string;
@@ -43,5 +31,5 @@ export declare class SessionClient extends Store {
     /**
      * Clear the session store
      */
-    forget(): Promise<void>;
+    forget(sessionId?: string): Promise<void>;
 }

package/build/src/client.js

@@ -9,15 +9,15 @@
 import { cuid } from '@adonisjs/core/helpers';
 import { Store } from './store.js';
 /**
- * SessionClient exposes the API to set session data as a client
+ * Session client exposes the API to set session data as a client
  */
-export class SessionClient extends Store {
+export class SessionClient {
     /**
      * Session configuration
      */
     #config;
     /**
-     * The session driver used to read and write session data
+     * The session driver to use for reading and writing session data
      */
     #driver;
     /**
@@ -25,41 +25,30 @@ export class SessionClient extends Store {
      */
     #cookieClient;
     /**
-     * Each instance of client works on a single session id. Generate
-     * multiple client instances for a different session id
+     * Session to use when no explicit session id is
+     * defined
      */
-    sessionId = cuid();
+    #sessionId = cuid();
     /**
      * Session key for setting flash messages
      */
-    #flashMessagesKey = '__flash__';
-    /**
-     * Flash messages store. They are merged with the session data during
-     * commit
-     */
-    flashMessages = new Store({});
-    constructor(config, driver, cookieClient, values) {
-        super(values);
+    flashKey = '__flash__';
+    constructor(config, driver, cookieClient) {
         this.#config = config;
         this.#driver = driver;
         this.#cookieClient = cookieClient;
     }
     /**
-     * Find if the sessions are enabled
-     */
-    isEnabled() {
-        return this.#config.enabled;
-    }
-    /**
-     * Load session from the driver
+     * Load session data from the driver
      */
-    async load(cookies) {
+    async load(cookies, sessionId) {
         const sessionIdCookie = cookies[this.#config.cookieName];
-        const sessionId = sessionIdCookie ? sessionIdCookie.value : this.sessionId;
-        const contents = await this.#driver.read(sessionId);
+        const sessId = sessionId || sessionIdCookie ? sessionIdCookie.value : this.#sessionId;
+        const contents = await this.#driver.read(sessId);
         const store = new Store(contents);
-        const flashMessages = store.pull(this.#flashMessagesKey, null);
+        const flashMessages = store.pull(this.flashKey, null);
         return {
+            sessionId: sessId,
             session: store.all(),
             flashMessages,
         };
@@ -69,32 +58,24 @@ export class SessionClient extends Store {
      * the session id and cookie name for it to be accessible
      * by the server
      */
-    async commit() {
-        this.set(this.#flashMessagesKey, this.flashMessages.all());
-        await this.#driver.write(this.sessionId, this.toJSON());
+    async commit(values, flashMessages, sessionId) {
+        const sessId = sessionId || this.#sessionId;
         /**
-         * Clear from the session client memory
+         * Persist session data to the store, alongside flash messages
          */
-        this.clear();
-        this.flashMessages.clear();
+        if (values || flashMessages) {
+            await this.#driver.write(sessId, Object.assign({ [this.flashKey]: flashMessages }, values));
+        }
         return {
-            sessionId: this.sessionId,
-            signedSessionId: this.#cookieClient.sign(this.#config.cookieName, this.sessionId),
+            sessionId: sessId,
+            signedSessionId: this.#cookieClient.sign(this.#config.cookieName, sessId),
             cookieName: this.#config.cookieName,
         };
     }
     /**
      * Clear the session store
      */
-    async forget() {
-        /**
-         * Clear from the session client memory
-         */
-        this.clear();
-        this.flashMessages.clear();
-        /**
-         * Clear with the driver
-         */
-        await this.#driver.destroy(this.sessionId);
+    async forget(sessionId) {
+        await this.#driver.destroy(sessionId || this.#sessionId);
     }
 }

package/build/src/debug.d.ts

@@ -0,0 +1,3 @@
+/// <reference types="@types/node" resolution-mode="require"/>
+declare const _default: import("util").DebugLogger;
+export default _default;

package/build/src/debug.js

@@ -0,0 +1,10 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { debuglog } from 'node:util';
+export default debuglog('adonisjs:session');

package/build/src/define_config.d.ts

@@ -1,5 +1,8 @@
-import { SessionConfig } from './types.js';
+import type { CookieOptions } from '@adonisjs/core/types/http';
+import type { SessionConfig } from './types/main.js';
 /**
- * Helper to define session config
+ * Helper to normalize session config
  */
-export declare function defineConfig(config: SessionConfig): SessionConfig;
+export declare function defineConfig(config: Partial<SessionConfig>): SessionConfig & {
+    cookie: Partial<CookieOptions>;
+};

package/build/src/define_config.js

@@ -1,13 +1,42 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import string from '@poppinss/utils/string';
 import { InvalidArgumentsException } from '@poppinss/utils';
+import debug from './debug.js';
 /**
- * Helper to define session config
+ * Helper to normalize session config
  */
 export function defineConfig(config) {
-    if (!config.cookieName) {
-        throw new InvalidArgumentsException('Missing "cookieName" property inside the session config');
-    }
+    /**
+     * Make sure a driver is defined
+     */
     if (!config.driver) {
         throw new InvalidArgumentsException('Missing "driver" property inside the session config');
     }
-    return config;
+    const age = config.age || '2h';
+    const clearWithBrowser = config.clearWithBrowser ?? false;
+    const cookieOptions = { ...config.cookie };
+    /**
+     * Define maxAge property when session id cookie is
+     * not a session cookie.
+     */
+    if (!clearWithBrowser) {
+        debug('computing maxAge for session id cookie');
+        cookieOptions.maxAge = string.seconds.parse(config.age || age);
+    }
+    return {
+        enabled: true,
+        age,
+        clearWithBrowser,
+        cookieName: 'adonis_session',
+        cookie: cookieOptions,
+        driver: config.driver,
+        ...config,
+    };
 }

package/build/src/drivers/cookie.d.ts

@@ -1,23 +1,21 @@
 import type { HttpContext } from '@adonisjs/core/http';
-import type { SessionConfig, SessionDriverContract } from '../types.js';
+import { CookieOptions } from '@adonisjs/core/types/http';
+import type { SessionData, SessionDriverContract } from '../types/main.js';
 /**
- * Cookie driver utilizes the encrypted HTTP cookies to write session value.
+ * Cookie driver stores the session data inside an encrypted
+ * cookie.
  */
 export declare class CookieDriver implements SessionDriverContract {
     #private;
-    constructor(config: SessionConfig, ctx: HttpContext);
+    constructor(config: Partial<CookieOptions>, ctx: HttpContext);
     /**
      * Read session value from the cookie
      */
-    read(sessionId: string): {
-        [key: string]: any;
-    } | null;
+    read(sessionId: string): SessionData | null;
     /**
      * Write session values to the cookie
      */
-    write(sessionId: string, values: {
-        [key: string]: any;
-    }): void;
+    write(sessionId: string, values: SessionData): void;
     /**
      * Removes the session cookie
      */

package/build/src/drivers/cookie.js

@@ -6,20 +6,24 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
+import debug from '../debug.js';
 /**
- * Cookie driver utilizes the encrypted HTTP cookies to write session value.
+ * Cookie driver stores the session data inside an encrypted
+ * cookie.
  */
 export class CookieDriver {
-    #config;
     #ctx;
+    #config;
     constructor(config, ctx) {
         this.#config = config;
         this.#ctx = ctx;
+        debug('initiating cookie driver %O', this.#config);
     }
     /**
      * Read session value from the cookie
      */
     read(sessionId) {
+        debug('cookie driver: reading session data %s', sessionId);
         const cookieValue = this.#ctx.request.encryptedCookie(sessionId);
         if (typeof cookieValue !== 'object') {
             return null;
@@ -30,15 +34,14 @@ export class CookieDriver {
      * Write session values to the cookie
      */
     write(sessionId, values) {
-        if (typeof values !== 'object') {
-            throw new Error('Session cookie driver expects an object of values');
-        }
-        this.#ctx.response.encryptedCookie(sessionId, values, this.#config.cookie);
+        debug('cookie driver: writing session data %s: %O', sessionId, values);
+        this.#ctx.response.encryptedCookie(sessionId, values, this.#config);
     }
     /**
      * Removes the session cookie
      */
     destroy(sessionId) {
+        debug('cookie driver: destroying session data %s', sessionId);
         if (this.#ctx.request.cookiesList()[sessionId]) {
             this.#ctx.response.clearCookie(sessionId);
         }
@@ -48,6 +51,7 @@ export class CookieDriver {
      */
     touch(sessionId) {
         const value = this.read(sessionId);
+        debug('cookie driver: touching session data %s', sessionId);
         if (!value) {
             return;
         }