Comments (2)
mark-bradshaw
commented on August 15, 2024
Hi @kfir124
- Yar and auth-cookie are parallel projects, but not connected in any way. I'm not intimately familiar with AC, but I'll give this question a shot. Yar is simpler to use IMO. AC has additional complexities. Auth-cookie, as the name suggests, ties into the authentication layer of Hapi and so requires a user be logged in to use it. Yar has no such requirements. Sessions are independent of logins. Another difference, as I understand it, is in storage size. Yar handles arbitrary length data sizes but automatically dropping data into the hapi cache layer if necessary, though it tries to use cookies where it can. AC can use a cache fallback, but you have to handle that manually. I'd suggest just looking over the docs for both and seeing which seems to appeal more.
- When the user logs out use
yar.reset()to clear out the session. - That's trickier. I'm afraid there's no direct way to target a specific session of another browser/user. You'll need to write some code to check for invalidated sessions and clear them, or double check admin permissions instead of relying on the session to grant access. Something like that.
Using yar with redis is very common. Just setup redis as your hapi caching layer (https://github.com/hapijs/catbox-redis) and you're all good. Yar will do the rest.
The session id is kept in the cookie, and the cookie is always encrypted.
from yar.
lock
commented on August 15, 2024
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.
from yar.
Related Issues (20)
- no 'domain' cookie options in documentation HOT 2
- Can't register plugin - UnhandledPromiseRejectionWarning: TypeError: Cannot read property 'register' of undefined HOT 2
- why the _store is empty each request HOT 9
- Using hapi's server.decorate could be dangerous. HOT 2
- Falsy values are converted to null HOT 2
- Delete a specific user's session HOT 5
- Yar doesn't handle the session cookie multiple times correctly. HOT 3
- Minor: Deprecated use of uuid HOT 1
- Session in distributed environment HOT 2
- Change module namespace HOT 1
- Support nes HOT 2
- Action required: Greenkeeper could not be activated 🚨 HOT 1
- Update dep HOT 1
- Only node 12
- Require hapi 19
- Change plugin name to @hapi/yar
- Assign data in onPreResponse lifecycle extension with takeover HOT 5
- Use built-in crypto.randomUUID HOT 2
- Drop support for node v12
- Password rotation
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from yar.