EctoSessions.Config behaviour (Ecto Sessions v0.3.0)
This module handles ecto_sessions runtime configuration.
In your runtime.exs/config.exs:

    config :your_app, MyApp.EctoSessions,
      auth_token_length: 128,
      hashing_algorithm: :sha512,
      secret_salt: "my-unique-secret",
      session_ttl: 60 * 60 * 24,
      refresh_session_ttl: 60 * 60 * 12

auth_token_length
Returns the length of the session auth token.
Defaults to 64. Can be changed at any time; applies to new sessions only.
hashing_algorithm
Returns the hashing algorithm to use. Can be one of the following:
- :sha256 the default;
- :sha
- :sha224
- :sha256
- :sha384
- :sha512
- :sha3_224
- :sha3_256
- :sha3_384
- :sha3_512
- :blake2b
- :blake2s
- :ripemd160
- nil to not hash, and store tokens in plaintext;
See Erlang's crypto hash_algorithm() for more information.
secret_salt
Optional secret salt, commonly known as pepper, to be added to the auth token before hashing.
Once changed, invalidates all sessions, as lookup is no longer possible.
Can only be set if hashing_algorithm is not nil.
Set to nil to not salt auth_tokens. Defaults to nil.
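The effect of hashing_algorithm and secret_salt on what gets stored, as an added example that is not EctoSessions' own code. The module name PepperedTokenDemo, the salt-before-token ordering and the hex encoding are assumptions made for illustration; the library's internals may differ.

```elixir
defmodule PepperedTokenDemo do
  @moduledoc """
  Added illustration, not EctoSessions source code. Assumptions: the pepper is
  prepended to the token and the digest is stored hex-encoded.
  """

  # Random URL-safe token of exactly `length` characters.
  def generate_token(length) do
    length
    |> :crypto.strong_rand_bytes()
    |> Base.url_encode64(padding: false)
    |> binary_part(0, length)
  end

  # Value to persist in place of the raw token.
  # With algorithm nil the token itself is stored, so anyone who can read
  # the sessions table can read usable tokens.
  def stored_value(token, nil, _salt), do: token

  def stored_value(token, algorithm, salt) do
    digest = :crypto.hash(algorithm, (salt || "") <> token)
    Base.encode16(digest, case: :lower)
  end

  # Lookup recomputes the stored value from the presented token.
  def lookup(store, token, algorithm, salt) do
    Map.fetch(store, stored_value(token, algorithm, salt))
  end
end

# Constructed sample values.
token = PepperedTokenDemo.generate_token(128)
digest = PepperedTokenDemo.stored_value(token, :sha512, "pepper-v1")
store = %{digest => :session_1}

# Same token and same pepper: the session is found.
{:ok, :session_1} = PepperedTokenDemo.lookup(store, token, :sha512, "pepper-v1")

# Changed pepper: the same token now maps to a different digest, so the
# existing row can no longer be found and the session is effectively invalid.
:error = PepperedTokenDemo.lookup(store, token, :sha512, "pepper-v2")

# hashing_algorithm: nil stores the token unchanged.
^token = PepperedTokenDemo.stored_value(token, nil, nil)
```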
session_ttl
How many seconds since the creation a session should last.
Defaults to 7 days (60 * 60 * 24 * 7).
refresh_session_ttl
The number of seconds that should be added to the session's expiration time when calling Session.changeset().
Set to nil to prevent this behaviour.
Defaults to 7 days (60 * 60 * 24 * 7).
Callbacks
@callback get_auth_token_length() :: non_neg_integer()
@callback get_hashing_algorithm() :: atom()
@callback get_refresh_session_ttl() :: non_neg_integer()
@callback get_secret_salt() :: binary() | nil
@callback get_session_ttl() :: non_neg_integer()