
Server keys management

Al Zohali edited this page May 12, 2017 · 4 revisions

Cookies are encrypted and signed with a sequence of random bytes called a server key. It must be known only to the server; otherwise a client will be able to forge its cookies. Changing the server key invalidates all existing cookies, so it is suitable for emergencies such as a key compromise. Nevertheless, it can be done gracefully, without affecting clients.

PersistentServerKey

The simplest case is when we do not want to change the key at all:

  let sks = mkPersistentServerKey "your key value here"

That's it, nothing else is required!

Note: this is the only way to use a server key with servant < 0.9.

RenewableKeySet

A key set of this type can change the server key while keeping the previous server keys. This allows us to accept cookies encrypted with an old key and re-encrypt them with the current one. This happens transparently for both the user and the developer.

The mechanism is meant to work with different "backends", such as storing keys in a folder or a database, so the implementation of this part is up to the developer. The function mkRenewableKeySet takes a few hooks and two arguments of user-defined types: the initial state and the parameters for the hooks. See the haddock documentation for a detailed description of them.

In the demo there is an implementation of a key set based on a folder with files containing keys.

ServerKeySet class

Both PersistentServerKey and RenewableKeySet are instances of ServerKeySet. If neither of them provides the desired functionality, you can create an instance of ServerKeySet directly. It has only two methods to implement (getKeys and removeKey), so it places no strict requirements on the implementation.
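
As an added example (not code from this project or its demo), here is a minimal in-memory instance of ServerKeySet. MemKeySet, mkMemKeySet, rotateKey and the 32-byte key size are hypothetical; the method signatures, the ServerKey alias for ByteString and the module name are assumptions to check against the haddock of your installed version.

```haskell
module MemKeySet (MemKeySet, mkMemKeySet, rotateKey) where

import Control.Monad.IO.Class (MonadIO, liftIO)
import Crypto.Random (getRandomBytes)           -- from cryptonite
import Data.IORef (IORef, atomicModifyIORef', newIORef, readIORef)
-- Assumed module name and exports; verify against your version.
import Servant.Server.Experimental.Auth.Cookie (ServerKey, ServerKeySet (..))

-- | Current key plus previously used keys, newest first (hypothetical type).
-- Keys live only in memory, so a restart invalidates every cookie.
newtype MemKeySet = MemKeySet (IORef (ServerKey, [ServerKey]))

-- | Key length in bytes (assumed value, not taken from the library).
keySize :: Int
keySize = 32

-- | Start with one fresh random key and no previous keys.
mkMemKeySet :: MonadIO m => m MemKeySet
mkMemKeySet = liftIO $ do
  k <- getRandomBytes keySize
  MemKeySet <$> newIORef (k, [])

-- | Graceful rotation: the current key becomes a previous key, so cookies
-- issued under it are still accepted and can be re-encrypted.
rotateKey :: MonadIO m => MemKeySet -> m ()
rotateKey (MemKeySet ref) = liftIO $ do
  k <- getRandomBytes keySize
  atomicModifyIORef' ref $ \(cur, old) -> ((k, cur : old), ())

instance ServerKeySet MemKeySet where
  -- Assumed shape: the current key paired with the previous keys.
  getKeys (MemKeySet ref) = liftIO (readIORef ref)

  -- Drop a key so that cookies encrypted with it are no longer accepted.
  -- Design choice of this example: removing the current key replaces it
  -- with a fresh one instead of leaving the set without a current key.
  removeKey (MemKeySet ref) key = liftIO $ do
    fresh <- getRandomBytes keySize
    atomicModifyIORef' ref $ \(cur, old) ->
      let old' = filter (/= key) old
      in  if key == cur then ((fresh, old'), ()) else ((cur, old'), ())
```

After a suspected compromise, call removeKey with the affected key rather than rotateKey, because rotateKey keeps the old key accepted.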
