**BREAKING CHANGES** Use of state in LoanWrappers

[David Pollak]

Folks,

An unfortunate construct developed in Lift related to using LoanWrappers to perform functions associated with a request (e.g., testing for cookie availability) and potentially modifying SessionVar state related to cookie availability.  The Lift libraries used this pattern (e.g. ProtoExtendedSession).

As we've extended the S scope around stateless requests (including stateless REST requests), the problems with this pattern became apparent.

I've updated LiftRules with two new rules:

  /**
   * Execute certain functions early in a Stateful Request
   */
  val earlyInStateful = RulesSeq[Box[Req] => Unit]

  /**
   * Execute certain functions early in a Stateful Request
   */
  val earlyInStateless = RulesSeq[Box[Req] => Unit]

Any request-sniffing/state modifying functions should be placed in one of these two locations and removed from S.addAround/LoanWrappers.

I have updated ProtoExtendedSession.  The key change you need to make in Boot.scala if you're using ProtoExtendedSession is:

remove:
  S.addAround(ExtendedSession.requestLoans)

insert:
    LiftRules.earlyInStateful.append(ExtendedSession.testCookieEarlyInStateful)

The complete ticket is described here:
https://www.assembla.com/spaces/liftweb/tickets/939-protoextended-session-uses-bad-construct#last_comment

I have also put together a small sample application of using ExtendedLogin correctly: https://github.com/dpp/starting_point/tree/extended_login

Sorry for the inconvenience.

Thanks,

David


--
Lift, the simply functional web framework http://liftweb.net

Simply Lift http://simply.liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Blog: http://goodstuff.im

[Peter Robinett]

Sounds good. Is this in 2.3-M1 or did you add it after yesterday's release?

Cheers,

Peter

[Indrajit Raychaudhuri]

In a few hours, there would be an RC2 with this included :)

- Indrajit

> --
> You received this message because you are subscribed to the Google
> Groups "Lift" group.
> To post to this group, send email to lif...@googlegroups.com.
> To unsubscribe from this group, send email to
> liftweb+u...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/liftweb?hl=en.

[Peter Robinett]

Cool, thanks!

[Timothy Perrett]

Great, this is a change for the better. 

Can one assume that now the cookie checking is not being done within the loan wrapper the need for work arounds like:

LiftRules.liftRequest.append { 

  case Req("classpath" :: _, _, _) => true

  case Req("favicon" :: Nil, "ico", GetRequest) => false

  case Req(_, "css", GetRequest) => false

  case Req(_, "js", GetRequest) => false

}

...Are now gone due to the check being a proper part of the pipeline? 

Cheers, Tim

[Joa Ebert]

Hey,

is this related to the issue I have mistakenly posted to Assembla?

http://www.assembla.com/spaces/liftweb/tickets/940?comment=14958732#comment:14958732

Best,

Joa

[David Pollak]

In general, you shouldn't have side effects in a rewrite other than memoizing values.
 

Best,

Joa

--
You received this message because you are subscribed to the Google Groups "Lift" group.
To post to this group, send email to lif...@googlegroups.com.
To unsubscribe from this group, send email to liftweb+u...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/liftweb?hl=en.

[lester]

Thanks, David!

> The complete ticket is described here:https://www.assembla.com/spaces/liftweb/tickets/939-protoextended-ses...

>
> I have also put together a small sample application of using ExtendedLogin
> correctly:https://github.com/dpp/starting_point/tree/extended_login
>
> Sorry for the inconvenience.
>
> Thanks,
>
> David
>
> --
> Lift, the simply functional web frameworkhttp://liftweb.net
> Simply Lifthttp://simply.liftweb.net

> Beginning Scalahttp://www.apress.com/book/view/1430219890