mirror of
https://github.com/simonmichael/hledger.git
synced 2024-12-26 03:42:25 +03:00
web: don't write a session file at startup
The .hledger-web_client_session_key.aes file written at startup is cluttersome and means hledger-web can only be started from a writable directory. What do we lose if I disable it ? https://hackage.haskell.org/package/yesod-core-1.4.33/docs/Yesod-Core.html#v:makeSessionBackend says "Default: Uses clientsession with a 2 hour timeout." http://hackage.haskell.org/package/clientsession-0.9.1.2 says "Securely store session data in a client-side cookie." I think: hledger-web saves (eg) the state of the sidebar as session data, in a cookie, and my web browser saves that locally. And this still seems to work, across server restarts. So what's the purpose of saving this "client session" file on the server ? Let's disable it and find out.
This commit is contained in:
parent
ecdbc05703
commit
e9ff1280d7
@ -100,11 +100,13 @@ type Form x = Html -> MForm (HandlerT App IO) (FormResult x, Widget)
|
||||
instance Yesod App where
|
||||
approot = ApprootMaster $ appRoot . settings
|
||||
|
||||
-- Store session data on the client in encrypted cookies,
|
||||
-- default session idle timeout is 120 minutes
|
||||
makeSessionBackend _ = fmap Just $ defaultClientSessionBackend
|
||||
(120 * 60)
|
||||
".hledger-web_client_session_key.aes"
|
||||
-- -- Store session data on the client in encrypted cookies,
|
||||
-- -- default session idle timeout is 120 minutes
|
||||
-- makeSessionBackend _ = fmap Just $ defaultClientSessionBackend
|
||||
-- (120 * 60)
|
||||
-- ".hledger-web_client_session_key.aes"
|
||||
-- don't use session data
|
||||
makeSessionBackend _ = return Nothing
|
||||
|
||||
defaultLayout widget = do
|
||||
master <- getYesod
|
||||
|
Loading…
Reference in New Issue
Block a user