Include this in kemal-session itself?
Thyra opened this issue · 3 comments
Is there any advantage to having this Handler as a separate shard and not including it in kemal-session itself? I can't imagine anyone who would say, "Well, actually, I would rather like to have sessions that are not CSRF-safe because I like to live dangerously" ;-).
This way with the separate shard it's just some extra complication for people who are new to Kemal.
I think this is a good idea 👍
@Thyra @sdogruyol I have tried to fix this issue a couple of time but I always run into the issue that Kemal::Session
contains constants that are being set twice when I require "kemal-csrf
in kemal-session because kemal-csrf requires kemal-session.
Is there a way to make sure that a constant only gets set once? Or would a better solution be to just move the CSRF
class into kemal-session?
Yeah, moving CSRF
into Kemal session would be feasible