Domain: Session service
lhaze opened this issue · 1 comments
lhaze commented
ISession
interfaceSession
API:- session expiration (
set_expiry/get_expiry/flush
) - session as data storage with dict API
information about the user (ISessionWithUser
)
- session expiration (
lhaze commented
One clarification: there's no need for making session model/service/whatever user-model-aware. Two reasons:
- There are lots of applications where having a session instance doesn't imply having a user model instance specified. Maybe there's no user model at all.
- It seems quite opposite dependency. There is some kind of authentication service that depends on Session component (how about client-side "sessions", even if they are security anti-pattern?), that reads some value from the session and interprets it as an identifier for user repository to get an instance. This seems to be The Clean Architecture way.