Re: [Caml-list] ANN: ocaml-session

caml-list - the Caml user's mailing list
 help / color / mirror / Atom feed

From: "Török Edwin" <edwin+ml-ocaml@etorok.net>
To: caml-list@inria.fr
Subject: Re: [Caml-list] ANN: ocaml-session
Date: Fri, 18 Dec 2015 17:55:27 +0200	[thread overview]
Message-ID: <56742C6F.4060905@etorok.net> (raw)
In-Reply-To: <CAEkQQgL40wDspYf0pGzLa9LY1+iFy-5iem8=jTjz2GZponecKg@mail.gmail.com>

On 12/17/2015 08:51 PM, Spiros Eliopoulos wrote:
> Hey List,
> 
> I'm happy to announce the initial release of ocaml-session:
> 
>   https://github.com/inhabitedtype/ocaml-session
> 
> ocaml-session is an session manager that handles cookie headers and backend storage for HTTP servers. The library supports CoHTTP and Webmachine; Async and Lwt; and pluggable backing stores based on a functor interface.

Nice!

> 
> The library ships with an in-memory backend (for development and testing) and a postgresql-ocaml[0] based backend.

How about signed cookies as a storage backend?
Python Flask and Django can use it to store session entirely in the cookies with an hmac signature and expiration time, so your server can be entirely stateless.
As long as the amount of data in your session is small, and all you need is authenticated data (and not secret data) I think its quite an elegant solution,
and more fitting with a functional style.

Now of course comes the question Cryptokit or nocrypto :)

[1] http://werkzeug.pocoo.org/docs/0.11/contrib/securecookie/
[2] https://docs.djangoproject.com/en/1.9/topics/http/sessions/
[3] http://pythonhosted.org/itsdangerous/


-- 
Edwin Török | Co-founder and Lead Developer

Skylable open-source object storage: reliable, fast, secure
http://www.skylable.com

next prev parent reply	other threads:[~2015-12-18 15:55 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-17 18:51 Spiros Eliopoulos
2015-12-18  8:53 ` François Bobot
2015-12-18 15:55 ` Török Edwin [this message]
2015-12-18 16:36   ` Spiros Eliopoulos
2015-12-18 16:52   ` Bruno Deferrari

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=56742C6F.4060905@etorok.net \
    --to=edwin+ml-ocaml@etorok.net \
    --cc=caml-list@inria.fr \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).