Diffstat (limited to 'src')
-rw-r--r-- | src/lib.rs | 3 | ||||
-rw-r--r-- | src/main.rs | 50 |
2 files changed, 44 insertions, 9 deletions
@@ -1,6 +1,5 @@
 #[cfg(test)]
 mod tests {
 #[test]
- fn it_works() {
- }
+ fn it_works() {}
 }
diff --git a/src/main.rs b/src/main.rs
index 0893825..368beb3 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,3 +1,5 @@
+// CSRF protection
+// https://github.com/heartsucker/iron-csrf
 extern crate iron;
 #[macro_use]
 extern crate log;
@@ -7,10 +9,15 @@ extern crate env_logger;
 #[macro_use]
 extern crate horrorshow;
+extern crate iron_sessionstorage;
+use iron_sessionstorage::traits::*;
+use iron_sessionstorage::SessionStorage;
+use iron_sessionstorage::backends::SignedCookieBackend;
+
 use iron::status;
 use iron::modifiers::Header;
 use iron::headers::ContentType;
-use iron::{Iron, Request, IronResult, Response};
+use iron::{Iron, Request, IronResult, Response, Chain};
 use router::Router;
 use horrorshow::prelude::*;
@@ -18,6 +25,20 @@ use horrorshow::Raw;
 use std::process::Command;
+struct Aaa(String);
+
+impl iron_sessionstorage::Value for Aaa {
+ fn get_key() -> &'static str {
+ "aaa"
+ }
+ fn into_raw(self) -> String {
+ self.0
+ }
+ fn from_raw(v: String) -> Option<Self> {
+ Some(Aaa(v))
+ }
+}
+
 fn render_message(message: &str) -> String {
 (html!{
 : Raw("<!DOCTYPE html>");
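Review bot: The added header comment `// CSRF protection` in src/main.rs reads as if protection were already in place, but nothing visible in this commit links a CSRF middleware into the chain built in `main`; only session storage is added. If it is a reminder, mark it as one, e.g. `// TODO: add CSRF protection, see https://github.com/heartsucker/iron-csrf`, so a later reader does not assume state-changing routes are covered.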
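Review bot: `Aaa` and its key `"aaa"` are placeholder names with no doc comment, so nothing says what this session value holds or who is allowed to set it. `from_raw` returns `Some` for any string, which leaves the cookie signature as the only integrity check and puts no bound on the stored length. A doc comment such as `/// Demo session value carried in the signed session cookie; contents are not validated.` would make that explicit, and `from_raw` could return `None` for values above a chosen length limit.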
@@ -35,25 +56,40 @@ fn render_message(message: &str) -> String {
 }
 fn hello(r: &mut Request) -> IronResult<Response> {
+ let mut session_value = match try!(r.session().get::<Aaa>()) {
+ Some(aaa) => aaa,
+ None => Aaa("".to_owned()),
+ };
+
 let name = r.extensions
 .get::<Router>()
 .unwrap()
 .find("name")
- .unwrap_or("World");
+ .unwrap_or("World").to_owned();
 let output = Command::new("date").output().unwrap().stdout;
 let date = String::from_utf8_lossy(&output);
- Ok(Response::with((status::Ok,
- Header(ContentType::html()),
- render_message(&format!("Hello, {}. The time is {}", name, date)))))
+ let res = Ok(Response::with((status::Ok,
+ Header(ContentType::html()),
+ render_message(&format!("Hello, {}. The time is {}. {}",
+ name,
+ date,
+ session_value.0)))));
+
+ info!("Updating session value. Current value: {}", session_value.0);
+ session_value.0.push('a');
+ try!(r.session().set(session_value));
+ res
 }
 fn main() {
 env_logger::init().unwrap();
- info!("Some debug info");
+ let secret = b"secret2".to_vec();
 let router = router!( root: get "/" => hello, name: get "/:name" => hello);
- let _server = Iron::new(router).http(":::8080").unwrap();
+ let mut chain = Chain::new(router);
+ chain.link_around(SessionStorage::new(SignedCookieBackend::new(secret)));
+ let _server = Iron::new(chain).http(":::8080").unwrap();
 println!("On 8080");
 } |
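Review bot: The session signing key in `main` is the hard-coded literal `b"secret2"`, so the integrity of every session cookie rests on a short value that is readable by anyone with access to the repository. Load it at startup from outside the source tree instead, e.g. `let secret = std::env::var("SESSION_SECRET").expect("SESSION_SECRET must be set").into_bytes();` (the variable name is a placeholder), and require a long random value. Separately, `hello` appends a character to the session value on every GET with no cap, so the cookie keeps growing until a browser or server size limit rejects it. Whether `render_message` escapes `name` and the session value cannot be judged here, because its body lies outside this hunk.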