endoze
commented
2 days ago If you're interested, I published my Axum extractor which can be used with loco.
Open endoze opened 4 days ago
endoze
commented
2 days ago If you're interested, I published my Axum extractor which can be used with loco.
When trying this crate out with rails 5 sessions, it's unable to currently parse them. While newer versions of rails send sessions in the format of
cipher_text--iv--auth_tag, Rails 5 does it a bit different. They encode it more like this:cipher_and_iv_base64_encoded--auth_tag. You need to base64 decode the first part to get ahold of the actual cipher_text and iv.In your code, it assumes that a session is always in three parts instead of 2 like it is in the case of rails 5 sessions. For a working and fairly robust implementation, I'd look at the message_verifier crate. While working on an Axum extractor for rails session data, I came across both your crate and the aforementioned one as viable implementations. Just thought I'd share my findings and I hope this information can be of some use to you.