@adonisjs/session 7.0.0-1 → 7.0.0-11

package/README.md

@@ -2,10 +2,10 @@
 
 <br />
 
-[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url] [![snyk-image]][snyk-url]
+[![gh-workflow-image]][gh-workflow-url] [![npm-image]][npm-url] ![][typescript-image] [![license-image]][license-url]
 
 ## Introduction
-Add sessions to your AdonisJS application. Cookie, Redis, and File drivers are included out of the box.
+Use sessions in your AdonisJS applications with a unified API to persist session data across different data-stores. Has inbuilt support for **cookie**, **files**, and **redis** drivers.
 
 ## Official Documentation
 The documentation is available on the [AdonisJS website](https://docs.adonisjs.com/guides/sessions)
@@ -19,10 +19,10 @@ We encourage you to read the [contribution guide](https://github.com/adonisjs/.g
 In order to ensure that the AdonisJS community is welcoming to all, please review and abide by the [Code of Conduct](https://github.com/adonisjs/.github/blob/main/docs/CODE_OF_CONDUCT.md).
 
 ## License
-AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.md).
+AdonisJS session is open-sourced software licensed under the [MIT license](LICENSE.md).
 
-[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/session/test.yml?style=for-the-badge
-[gh-workflow-url]: https://github.com/adonisjs/session/actions/workflows/test.yml "Github action"
+[gh-workflow-image]: https://img.shields.io/github/actions/workflow/status/adonisjs/session/checks.yml?style=for-the-badge
+[gh-workflow-url]: https://github.com/adonisjs/session/actions/workflows/checks.yml "Github action"
 
 [npm-image]: https://img.shields.io/npm/v/@adonisjs/session/latest.svg?style=for-the-badge&logo=npm
 [npm-url]: https://www.npmjs.com/package/@adonisjs/session/v/latest "npm"
@@ -31,6 +31,3 @@ AdonisJS ally is open-sourced software licensed under the [MIT license](LICENSE.
 
 [license-url]: LICENSE.md
 [license-image]: https://img.shields.io/github/license/adonisjs/session?style=for-the-badge
-
-[snyk-image]: https://img.shields.io/snyk/vulnerabilities/github/adonisjs/session?label=Snyk%20Vulnerabilities&style=for-the-badge
-[snyk-url]: https://snyk.io/test/github/adonisjs/session?targetFile=package.json "snyk"

package/build/configure.js

@@ -10,9 +10,36 @@
  * Configures the package
  */
 export async function configure(command) {
+    /**
+     * Publish config file
+     */
     await command.publishStub('config.stub');
-    await command.defineEnvVariables({ SESSION_DRIVER: 'cookie' });
-    await command.updateRcFile((rcFile) => {
+    const codemods = await command.createCodemods();
+    /**
+     * Define environment variables
+     */
+    await codemods.defineEnvVariables({ SESSION_DRIVER: 'cookie' });
+    /**
+     * Define environment variables validations
+     */
+    await codemods.defineEnvValidations({
+        variables: {
+            SESSION_DRIVER: `Env.schema.enum(['cookie', 'redis', 'file', 'memory'] as const)`,
+        },
+        leadingComment: 'Variables for configuring session package',
+    });
+    /**
+     * Register middleware
+     */
+    await codemods.registerMiddleware('router', [
+        {
+            path: '@adonisjs/session/session_middleware',
+        },
+    ]);
+    /**
+     * Register provider
+     */
+    await codemods.updateRcFile((rcFile) => {
         rcFile.addProvider('@adonisjs/session/session_provider');
     });
 }

package/build/factories/main.d.ts

@@ -0,0 +1 @@
+export { SessionMiddlewareFactory } from './session_middleware_factory.js';

package/build/factories/main.js

@@ -0,0 +1,9 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+export { SessionMiddlewareFactory } from './session_middleware_factory.js';

package/build/factories/session_middleware_factory.d.ts

@@ -0,0 +1,22 @@
+import { Emitter } from '@adonisjs/core/events';
+import { EventsList } from '@adonisjs/core/types';
+import { SessionConfig } from '../src/types/main.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Exposes the API to create an instance of the session middleware
+ * without additional plumbing
+ */
+export declare class SessionMiddlewareFactory {
+    #private;
+    /**
+     * Merge custom options
+     */
+    merge(options: {
+        config?: Partial<SessionConfig>;
+        emitter?: Emitter<EventsList>;
+    }): this;
+    /**
+     * Creates an instance of the session middleware
+     */
+    create(): Promise<SessionMiddleware>;
+}

package/build/factories/session_middleware_factory.js

@@ -0,0 +1,47 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { Emitter } from '@adonisjs/core/events';
+import { AppFactory } from '@adonisjs/core/factories/app';
+import { defineConfig } from '../index.js';
+import { registerSessionDriver } from '../src/helpers.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Exposes the API to create an instance of the session middleware
+ * without additional plumbing
+ */
+export class SessionMiddlewareFactory {
+    #config = { driver: 'memory' };
+    #emitter;
+    #getApp() {
+        return new AppFactory().create(new URL('./', import.meta.url), () => { });
+    }
+    #getEmitter() {
+        return this.#emitter || new Emitter(this.#getApp());
+    }
+    /**
+     * Merge custom options
+     */
+    merge(options) {
+        if (options.config) {
+            this.#config = options.config;
+        }
+        if (options.emitter) {
+            this.#emitter = options.emitter;
+        }
+        return this;
+    }
+    /**
+     * Creates an instance of the session middleware
+     */
+    async create() {
+        const config = defineConfig(this.#config);
+        await registerSessionDriver(this.#getApp(), config.driver);
+        return new SessionMiddleware(config, this.#getEmitter());
+    }
+}

package/build/index.d.ts

@@ -6,7 +6,9 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import './src/bindings/types.js';
-export { defineConfig } from './src/define_config.js';
-export { stubsRoot } from './stubs/main.js';
+import './src/types/extended.js';
+export * as errors from './src/errors.js';
 export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export { defineConfig } from './src/define_config.js';
+export { default as driversList } from './src/drivers_collection.js';

package/build/index.js

@@ -6,7 +6,9 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import './src/bindings/types.js';
-export { defineConfig } from './src/define_config.js';
-export { stubsRoot } from './stubs/main.js';
+import './src/types/extended.js';
+export * as errors from './src/errors.js';
 export { configure } from './configure.js';
+export { stubsRoot } from './stubs/main.js';
+export { defineConfig } from './src/define_config.js';
+export { default as driversList } from './src/drivers_collection.js';

package/build/providers/session_provider.d.ts

@@ -1,13 +1,24 @@
-import { ApplicationService } from '@adonisjs/core/types';
+import type { Edge } from 'edge.js';
+import type { ApplicationService } from '@adonisjs/core/types';
+/**
+ * Session provider configures the session management inside an
+ * AdonisJS application
+ */
 export default class SessionProvider {
     protected app: ApplicationService;
     constructor(app: ApplicationService);
     /**
-     * Register Session Manager in the container
+     * Returns edge when it's installed
      */
-    register(): Promise<void>;
+    protected getEdge(): Promise<Edge | null>;
     /**
-     * Register bindings
+     * Registering muddleware
+     */
+    register(): void;
+    /**
+     * Registering the active driver when middleware is used
+     * +
+     * Adding edge tags (if edge is installed)
      */
     boot(): Promise<void>;
 }

package/build/providers/session_provider.js

@@ -6,38 +6,55 @@
  * For the full copyright and license information, please view the LICENSE
  * file that was distributed with this source code.
  */
-import { extendHttpContext } from '../src/bindings/http_context.js';
-import { extendApiClient } from '../src/bindings/api_client.js';
+import debug from '../src/debug.js';
+import { registerSessionDriver } from '../src/helpers.js';
+import SessionMiddleware from '../src/session_middleware.js';
+/**
+ * Session provider configures the session management inside an
+ * AdonisJS application
+ */
 export default class SessionProvider {
     app;
     constructor(app) {
         this.app = app;
     }
     /**
-     * Register Session Manager in the container
+     * Returns edge when it's installed
      */
-    async register() {
-        this.app.container.singleton('session', async () => {
-            const { SessionManager } = await import('../src/session_manager.js');
-            const encryption = await this.app.container.make('encryption');
-            const redis = await this.app.container.make('redis').catch(() => undefined);
+    async getEdge() {
+        try {
+            const { default: edge } = await import('edge.js');
+            debug('Detected edge.js package. Adding session primitives to it');
+            return edge;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Registering muddleware
+     */
+    register() {
+        this.app.container.singleton(SessionMiddleware, async (resolver) => {
             const config = this.app.config.get('session', {});
-            return new SessionManager(config, encryption, redis);
+            const emitter = await resolver.make('emitter');
+            return new SessionMiddleware(config, emitter);
         });
     }
     /**
-     * Register bindings
+     * Registering the active driver when middleware is used
+     * +
+     * Adding edge tags (if edge is installed)
      */
     async boot() {
-        const sessionManager = await this.app.container.make('session');
-        /**
-         * Add `session` getter to the HttpContext class
-         */
-        extendHttpContext(sessionManager);
-        /**
-         * Add some macros and getter to japa/api-client classes for
-         * easier testing
-         */
-        extendApiClient(sessionManager);
+        this.app.container.resolving(SessionMiddleware, async () => {
+            const config = this.app.config.get('session');
+            await registerSessionDriver(this.app, config.driver);
+        });
+        const edge = await this.getEdge();
+        if (edge) {
+            const { edgePluginSession } = await import('../src/plugins/edge.js');
+            edge.use(edgePluginSession);
+        }
     }
 }

package/build/src/client.d.ts

@@ -1,47 +1,40 @@
-import { Store } from './store.js';
-import type { SessionConfig, SessionDriverContract } from './types.js';
-import type { CookieClient } from '@adonisjs/core/http';
+import type { SessionData, SessionDriverContract } from './types/main.js';
 /**
- * SessionClient exposes the API to set session data as a client
+ * Session client exposes the API to set session data as a client
  */
-export declare class SessionClient extends Store {
+export declare class SessionClient {
     #private;
     /**
-     * Each instance of client works on a single session id. Generate
-     * multiple client instances for a different session id
+     * Session key for setting flash messages
+     */
+    flashKey: string;
+    /**
+     * Session to use when no explicit session id is
+     * defined
      */
     sessionId: string;
+    constructor(driver: SessionDriverContract);
     /**
-     * Flash messages store. They are merged with the session data during
-     * commit
+     * Merge session data
      */
-    flashMessages: Store;
-    constructor(config: SessionConfig, driver: SessionDriverContract, cookieClient: CookieClient, values: {
-        [key: string]: any;
-    } | null);
+    merge(values: SessionData): this;
     /**
-     * Find if the sessions are enabled
+     * Merge flash messages
      */
-    isEnabled(): boolean;
+    flash(values: SessionData): this;
     /**
-     * Load session from the driver
+     * Commits data to the session store.
      */
-    load(cookies: Record<string, any>): Promise<{
-        session: any;
-        flashMessages: any;
-    }>;
+    commit(): Promise<void>;
     /**
-     * Commits the session data to the session store and returns
-     * the session id and cookie name for it to be accessible
-     * by the server
+     * Destroys the session data with the store
      */
-    commit(): Promise<{
-        sessionId: string;
-        signedSessionId: string;
-        cookieName: string;
-    }>;
+    destroy(sessionId?: string): Promise<void>;
     /**
-     * Clear the session store
+     * Loads session data from the session store
      */
-    forget(): Promise<void>;
+    load(sessionId?: string): Promise<{
+        values: any;
+        flashMessages: any;
+    }>;
 }

package/build/src/client.js

@@ -7,94 +7,79 @@
  * file that was distributed with this source code.
  */
 import { cuid } from '@adonisjs/core/helpers';
+import debug from './debug.js';
 import { Store } from './store.js';
 /**
- * SessionClient exposes the API to set session data as a client
+ * Session client exposes the API to set session data as a client
  */
-export class SessionClient extends Store {
+export class SessionClient {
     /**
-     * Session configuration
+     * Data store
      */
-    #config;
+    #store = new Store({});
     /**
-     * The session driver used to read and write session data
+     * Flash messages store
      */
-    #driver;
-    /**
-     * Cookie client contract to sign and unsign cookies
-     */
-    #cookieClient;
+    #flashMessagesStore = new Store({});
     /**
-     * Each instance of client works on a single session id. Generate
-     * multiple client instances for a different session id
+     * The session driver to use for reading and writing session data
      */
-    sessionId = cuid();
+    #driver;
     /**
      * Session key for setting flash messages
      */
-    #flashMessagesKey = '__flash__';
+    flashKey = '__flash__';
     /**
-     * Flash messages store. They are merged with the session data during
-     * commit
+     * Session to use when no explicit session id is
+     * defined
      */
-    flashMessages = new Store({});
-    constructor(config, driver, cookieClient, values) {
-        super(values);
-        this.#config = config;
+    sessionId = cuid();
+    constructor(driver) {
         this.#driver = driver;
-        this.#cookieClient = cookieClient;
     }
     /**
-     * Find if the sessions are enabled
+     * Merge session data
      */
-    isEnabled() {
-        return this.#config.enabled;
+    merge(values) {
+        this.#store.merge(values);
+        return this;
     }
     /**
-     * Load session from the driver
+     * Merge flash messages
      */
-    async load(cookies) {
-        const sessionIdCookie = cookies[this.#config.cookieName];
-        const sessionId = sessionIdCookie ? sessionIdCookie.value : this.sessionId;
-        const contents = await this.#driver.read(sessionId);
-        const store = new Store(contents);
-        const flashMessages = store.pull(this.#flashMessagesKey, null);
-        return {
-            session: store.all(),
-            flashMessages,
-        };
+    flash(values) {
+        this.#flashMessagesStore.merge(values);
+        return this;
     }
     /**
-     * Commits the session data to the session store and returns
-     * the session id and cookie name for it to be accessible
-     * by the server
+     * Commits data to the session store.
      */
     async commit() {
-        this.set(this.#flashMessagesKey, this.flashMessages.all());
-        await this.#driver.write(this.sessionId, this.toJSON());
-        /**
-         * Clear from the session client memory
-         */
-        this.clear();
-        this.flashMessages.clear();
-        return {
-            sessionId: this.sessionId,
-            signedSessionId: this.#cookieClient.sign(this.#config.cookieName, this.sessionId),
-            cookieName: this.#config.cookieName,
-        };
+        if (!this.#flashMessagesStore.isEmpty) {
+            this.#store.set(this.flashKey, this.#flashMessagesStore.toJSON());
+        }
+        debug('committing session data during api request');
+        if (!this.#store.isEmpty) {
+            this.#driver.write(this.sessionId, this.#store.toJSON());
+        }
+    }
+    /**
+     * Destroys the session data with the store
+     */
+    async destroy(sessionId) {
+        debug('destroying session data during api request');
+        this.#driver.destroy(sessionId || this.sessionId);
     }
     /**
-     * Clear the session store
+     * Loads session data from the session store
      */
-    async forget() {
-        /**
-         * Clear from the session client memory
-         */
-        this.clear();
-        this.flashMessages.clear();
-        /**
-         * Clear with the driver
-         */
-        await this.#driver.destroy(this.sessionId);
+    async load(sessionId) {
+        const contents = await this.#driver.read(sessionId || this.sessionId);
+        const store = new Store(contents);
+        const flashMessages = store.pull(this.flashKey, {});
+        return {
+            values: store.all(),
+            flashMessages,
+        };
     }
 }

package/build/src/debug.d.ts

@@ -0,0 +1,3 @@
+/// <reference types="@types/node" resolution-mode="require"/>
+declare const _default: import("util").DebugLogger;
+export default _default;

package/build/src/debug.js

@@ -0,0 +1,10 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import { debuglog } from 'node:util';
+export default debuglog('adonisjs:session');

package/build/src/define_config.d.ts

@@ -1,5 +1,8 @@
-import { SessionConfig } from './types.js';
+import type { CookieOptions } from '@adonisjs/core/types/http';
+import type { SessionConfig } from './types/main.js';
 /**
- * Helper to define session config
+ * Helper to normalize session config
  */
-export declare function defineConfig(config: SessionConfig): SessionConfig;
+export declare function defineConfig(config: Partial<SessionConfig>): SessionConfig & {
+    cookie: Partial<CookieOptions>;
+};

package/build/src/define_config.js

@@ -1,13 +1,42 @@
+/*
+ * @adonisjs/session
+ *
+ * (c) AdonisJS
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+import string from '@poppinss/utils/string';
 import { InvalidArgumentsException } from '@poppinss/utils';
+import debug from './debug.js';
 /**
- * Helper to define session config
+ * Helper to normalize session config
  */
 export function defineConfig(config) {
-    if (!config.cookieName) {
-        throw new InvalidArgumentsException('Missing "cookieName" property inside the session config');
-    }
+    /**
+     * Make sure a driver is defined
+     */
     if (!config.driver) {
         throw new InvalidArgumentsException('Missing "driver" property inside the session config');
     }
-    return config;
+    const age = config.age || '2h';
+    const clearWithBrowser = config.clearWithBrowser ?? false;
+    const cookieOptions = { ...config.cookie };
+    /**
+     * Define maxAge property when session id cookie is
+     * not a session cookie.
+     */
+    if (!clearWithBrowser) {
+        debug('computing maxAge for session id cookie');
+        cookieOptions.maxAge = string.seconds.parse(config.age || age);
+    }
+    return {
+        enabled: true,
+        age,
+        clearWithBrowser,
+        cookieName: 'adonis_session',
+        cookie: cookieOptions,
+        driver: config.driver,
+        ...config,
+    };
 }

package/build/src/drivers/cookie.d.ts

@@ -1,23 +1,21 @@
 import type { HttpContext } from '@adonisjs/core/http';
-import type { SessionConfig, SessionDriverContract } from '../types.js';
+import { CookieOptions } from '@adonisjs/core/types/http';
+import type { SessionData, SessionDriverContract } from '../types/main.js';
 /**
- * Cookie driver utilizes the encrypted HTTP cookies to write session value.
+ * Cookie driver stores the session data inside an encrypted
+ * cookie.
  */
 export declare class CookieDriver implements SessionDriverContract {
     #private;
-    constructor(config: SessionConfig, ctx: HttpContext);
+    constructor(config: Partial<CookieOptions>, ctx: HttpContext);
     /**
      * Read session value from the cookie
      */
-    read(sessionId: string): {
-        [key: string]: any;
-    } | null;
+    read(sessionId: string): SessionData | null;
     /**
      * Write session values to the cookie
      */
-    write(sessionId: string, values: {
-        [key: string]: any;
-    }): void;
+    write(sessionId: string, values: SessionData): void;
     /**
      * Removes the session cookie
      */