I'd appreciate a basic Pedestal example of how to (1) setup cookies that survive server restarts and (2) use cookie-based sessions; in particular how to get and set values.
I'm a little surprised not to find an example that uses ring.middleware.session/wrap-session (source code here: https://github.com/ring-clojure/ring/blob/master/ring-core/src/ring/middleware/session.clj).
Setup
According to this Pedestal sample code for using Ring middleware, there are two key things to add to your service.clj. First, define the session interceptor:
; aliases for namespace :require
[io.pedestal.http.ring-middlewares :as middlewares]
[ring.middleware.session.cookie :as cookie]
(definterceptor session-interceptor
(middlewares/session {:store (cookie/cookie-store)}))
The sample code has this caveat, however:
In this example code we do not specify the secret with which the session data is encrypted prior to being sent back to the browser. This has two consequences, the first being that we need to use the same interceptor instance throughout the service so that the session data is readable and writable to all paths. The second consequence is that session data will become unrecoverable when the server process is ended. Even though the browser retains the cookie, it is not unrecoverable cipher-text and the session interceptor will treat it as non-existent.
How do I overcome the above limitations?
And, second, add the session-interceptor to your routes (the following is my example code):
(defroutes routes
[[["/"
{:get [:root root/index]}
^:interceptors [session-interceptor
(body-params/body-params)
bootstrap/html-body]]]]
Use (Get and Set)
I know that the setup steps above cause the Ring middleware to add a :session key to the request map. So getting is easy: (:session request). But how and where do I add to the session? An example would be appreciated.