Open RomainLanz opened 4 years ago
Isn't the session implementable/exposable as a middleware? That would make it much easier to customize where it is enabled.
In AdonisJS 4 it was handled by a middleware.
In V5, the session is initiated directly from the provider in a server hook (source code).
Was there a technical reason for implementing it this way?
@targos Yup. Middleware doesn't guarantee that downstream code will be executed everytime. For example: Following is the example of how the session middleware was implemented earlier
class SessionMiddleware {
public async handle (ctx, next) {
await ctx.session.init()
await next()
await ctx.session.commit()
}
}
Now if the next
method (which is next middleware or the controller) raises an exception, the commit
method will never be executed. Yes, we can wrap it inside a try/catch statement. But then that prevents the global exception handler from being called.
The server hooks in v5 guarantee that before
and after
hooks are always called. There is a limitation in what you can achieve with these hooks, but the guarantee of being always called is what sessions need.
I understand. Then I think it's important that this proposal defines a to exclude the session from either:
Any update?
Yes, we can wrap it inside a try/catch statement. But then that prevents the global exception handler from being called.
You could also wrap it in a try/finally
statement.
Rendered
At the moment, any routes create a session by default. This can lead to performance issue for high traffic application and may be undesired.
We should provide an easy and developer-friendly way to disable session on some routes.