Module Webs_kit.Authenticated_cookie

Authenticated cookies.

An authenticated cookie lets your service store expirable state on the client with the guarantee that it cannot tamper with it. The data is not encrypted, this is not made to store service secrets on the client.

In order to use this you need a private key in your service. An easy way to handle this is to generate one randomly with Authenticatable.random_key when you start your service. Note however that this invalidates any data currently stored on your clients whenever you restart your service – depending on your use case that may be okay, or not.

val get : key:Authenticatable.key -> now:Authenticatable.ptime -> name:string -> Webs.Req.t -> string option

get ~key ~now ~name req is the cookie of req named name authenticated and expired by key and now (see Authenticatable.decode).

TODO. Any kind of error leads to None.

val set : ?⁠atts:Webs.Http.Cookie.atts -> key:Authenticatable.key -> expire:Authenticatable.ptime option -> name:string -> string -> Webs.Resp.t -> Webs.Resp.t

set ~atts ~key ~expire ~name data resp sets in resp the cookie name to data authenticated by key and expiring at expire (see Authenticatable.encode). atts are the cookie's attribute they default to Webs.Http.Cookie.atts_default.