refactor(session): extract SessionConfig and add auto-migration

- session/config.rs: add SessionConfig struct that pre-validates all session configuration values, with build_middleware() for infallible middleware construction - session/middleware.rs: expose parse_same_site as pub(crate) - session/storage/redis.rs: derive Clone for RedisSessionStore - main.rs: validate session config before HttpServer loop, use SessionConfig::build_middleware() inside closure; add sqlx::migrate!() call after database connection
2026-06-10 18:48:55 +08:00
parent b83a842c6f
commit 61dc08c036
4 changed files with 110 additions and 24 deletions
@@ -1,7 +1,68 @@
+use actix_web::cookie::SameSite;
+
 use crate::config::AppConfig;
-use crate::error::AppResult;
+use crate::error::{AppError, AppResult};
+use crate::session::SessionMiddleware;
+use crate::session::SessionStore;
+use crate::session::middleware::parse_same_site;
+
+/// Pre-validated session configuration, safe to build middleware from.
+#[derive(Clone)]
+pub struct SessionConfig {
+    cookie_name: String,
+    cookie_secure: bool,
+    cookie_http_only: bool,
+    cookie_same_site: SameSite,
+    cookie_path: String,
+    cookie_domain: Option<String>,
+    max_age_secs: Option<u64>,
+    ttl_secs: u64,
+}
+
+impl SessionConfig {
+    /// Build a `SessionMiddleware` from pre-validated config (infallible).
+    pub fn build_middleware<Store: SessionStore + 'static>(
+        &self,
+        store: Store,
+        key: actix_web::cookie::Key,
+    ) -> SessionMiddleware<Store> {
+        SessionMiddleware::builder(store, key)
+            .cookie_name(self.cookie_name.clone())
+            .cookie_secure(self.cookie_secure)
+            .cookie_http_only(self.cookie_http_only)
+            .cookie_same_site(self.cookie_same_site)
+            .cookie_path(self.cookie_path.clone())
+            .cookie_domain(self.cookie_domain.clone())
+            .cookie_max_age_secs(self.max_age_secs)
+            .state_ttl_secs(self.ttl_secs)
+            .build()
+    }
+}

 impl AppConfig {
+    /// Parse and validate all session configuration values.
+    pub fn session_config(&self) -> AppResult<SessionConfig> {
+        let ttl_secs = self.session_ttl_secs()?;
+        if ttl_secs == 0 {
+            return Err(AppError::Config(
+                "APP_SESSION_TTL_SECS must be greater than 0".into(),
+            ));
+        }
+        let same_site_str = self.session_cookie_same_site()?;
+        let cookie_same_site = parse_same_site(&same_site_str)?;
+        Ok(SessionConfig {
+            cookie_name: self.session_cookie_name()?,
+            cookie_secure: self.session_cookie_secure()?,
+            cookie_http_only: self.session_cookie_http_only()?,
+            cookie_same_site,
+            cookie_path: self.session_cookie_path()?,
+            cookie_domain: self.session_cookie_domain()?,
+            max_age_secs: self.session_max_age_secs()?,
+            ttl_secs,
+        })
+    }
+
+
    pub fn session_cookie_name(&self) -> AppResult<String> {
        self.get_env_or("APP_SESSION_COOKIE_NAME", "sid".to_string())
    }