docs-session.md
Session in Hologram provides secure storage that persists across page visits within a user's browsing session. Session data is stored in a secure session cookie that ensures data integrity and security. You can work with session data in three main contexts:
init/3 functions)init/3 and commandsSessions are ideal for storing user authentication data, temporary state, and sensitive information. The data is automatically secured by the server through the session system. Hologram also provides functions for managing regular Cookies outside of the session system. See the "Session vs Direct Cookie Management" section below for guidance on when to use which approach.
Hologram provides the following functions for working with sessions:
get_session(server, key) - reads a session valueget_session(server, key, default) - reads a session value with a default if the key doesn't existput_session(server, key, value) - writes a session valuedelete_session(server, key) - deletes a session valueNote: Session keys must be atoms or strings - other types raise. Atom keys are accepted and converted to strings, so :user_id and "user_id" address the same value. In embedded mode the session is backed by the Phoenix session store, which keys by string, and recovering the original atom would require an unsafe string-to-atom conversion.
You can read session values using the get_session/2 and get_session/3 functions.
For simple values stored in the session:
def init(_params, component, server) do
user_id = get_session(server, :user_id)
put_state(component, :user_id, user_id)
end
Sessions can store any Elixir data type, including complex data structures like maps, lists, and tuples. You can work with these structures directly:
def init(_params, component, server) do
preferences =
server
|> get_session(:user_profile)
|> Map.get(:preferences, %{})
put_state(component, :user_preferences, preferences)
end
When a session key doesn't exist, get_session/2 returns nil. You can provide default values using get_session/3:
def init(_params, component, server) do
cart_items = get_session(server, :cart, [])
put_state(component, :cart_items, cart_items)
end
You can write session values using the put_session/3 function. Session data is automatically persisted and will be available across page visits within the same session.
Writing simple values to the session:
def init(_params, _component, server) do
put_session(server, :user_id, 123)
end
Sessions can store complex Elixir data structures:
def init(_params, _component, server) do
user_profile = %{
id: 123,
email: "[email protected]",
role: :admin,
preferences: %{
theme: "dark",
notifications: true
}
}
put_session(server, :user_profile, user_profile)
end
To update existing session data, retrieve it, modify it, and store it back:
def init(_params, _component, server) do
cart = get_session(server, :cart, [])
updated_cart = [%{id: 456, quantity: 1} | cart]
put_session(server, :cart, updated_cart)
end
Remove session values using the delete_session/2 function:
def init(_params, _component, server) do
delete_session(server, :temporary_data)
end
Session operations can also be performed in server commands, allowing for dynamic session management in response to user interactions:
def command(:login, params, server) do
case authenticate_user(params.email, params.password) do
{:ok, user} ->
server
|> put_session(:user_id, user.id)
|> put_session(:user_role, user.role)
|> put_action(:redirect_to_dashboard)
{:error, _reason} ->
put_action(server, :show_error_message, message: "Invalid credentials")
end
end
def command(:add_to_cart, params, server) do
cart = get_session(server, :cart, [])
item = %{product_id: params.product_id, quantity: params.quantity}
updated_cart = [item | cart]
server
|> put_session(:cart, updated_cart)
|> put_action(:update_cart_display, cart: updated_cart)
end
def command(:logout, _params, server) do
server
|> delete_session(:user_id)
|> delete_session(:user_role)
|> delete_session(:cart)
|> put_action(:redirect_to_home)
end
Understanding when to use Hologram's session system versus direct cookie management:
Sponsored by
Previous
Next