Sha256: 5430417674b151bc5c8038921a68a4332eeb077d0bd6441fd8f714099e3f2a79

Contents?: true

Size: 1.04 KB

Versions: 45

Compression:

Stored size: 1.04 KB

Contents

# Session

The session management uses symmetric private key encryption to store data on the client and avoid tampering.

```ruby
use Utopia::Session,
	:expires_after => 3600,
	:secret => '40 or more random characters for your secret key'
```

All session data is stored on the client, but it's encrypted with a salt and the secret key. It would be hard for the client to decrypt the data without the secret.

## Using `environment.yaml`

The session secret should not be shared or ideally, not stored in source code. This can be easily achieved using an environment variable, stored in `environment.yaml` on the production server:

```ruby
use Utopia::Session,
	:expires_after => 3600,
	:secret => ENV['UTOPIA_SESSION_SECRET']
```

In development, the secret would be reset every time the server is restarted. To set a fixed secret on production, run the following:

```bash
$ utopia server environment UTOPIA_SESSION_SECRET=$(head /dev/urandom | shasum | base64 | head -c 40)
```

This is done by default when using `utopia server create` and `utopia server update`.

Version data entries

45 entries across 45 versions & 1 rubygems

Version Path
utopia-2.15.1 wiki/pages/middleware/session/index.md
utopia-2.15.0 wiki/pages/middleware/session/index.md
utopia-2.14.0 wiki/pages/middleware/session/index.md
utopia-2.13.4 documentation/pages/wiki/middleware/session/content.md
utopia-2.13.3 documentation/pages/wiki/middleware/session/content.md
utopia-2.13.2 documentation/pages/wiki/middleware/session/content.md
utopia-2.13.1 documentation/pages/wiki/middleware/session/content.md
utopia-2.13.0 documentation/pages/wiki/middleware/session/content.md
utopia-2.12.4 documentation/pages/wiki/middleware/session/content.md
utopia-2.12.3 documentation/pages/wiki/middleware/session/content.md
utopia-2.12.2 documentation/pages/wiki/middleware/session/content.md
utopia-2.12.1 documentation/pages/wiki/middleware/session/content.md
utopia-2.12.0 documentation/pages/wiki/middleware/session/content.md
utopia-2.11.1 documentation/pages/wiki/middleware/session/content.md
utopia-2.11.0 documentation/pages/wiki/middleware/session/content.md
utopia-2.10.0 documentation/pages/wiki/middleware/session/content.md
utopia-2.9.5 documentation/pages/wiki/middleware/session/content.md
utopia-2.9.3 documentation/pages/wiki/middleware/session/content.md
utopia-2.9.2 documentation/pages/wiki/middleware/session/content.md
utopia-2.9.1 documentation/pages/wiki/middleware/session/content.md