suggestion: add functions to load and store data in user's current session

[skybrian]

Site sessions are stored in KV under site_sessions and currently have no value; they are just set to true. Typical apps will have their own session object. They may want to store it in KV too.

It's easy enough to store this under a separate key. However, this results in an extra round trip to KV on every request, and there are two records to delete when the user logs out. So it might be nice to add a way to store load and store custom data in the user's current session.

[iuioiua]

Hi Brian, that's a very reasonable request. I'll look into this and get back to you within the week with ideas.

[iuioiua]

Ok. Here's what we can do. We can make handleCallback() accept a user-defined storageFn() argument. The function would accept the returned access token from the given OAuth provider and return an object of the dev choice. That object would then be stored in KV. This would allow the dev to figure out what to do with the access token and what to store.

This change would be accompanied by a getSessionObject() or similar. This function would act as a mechanism for retrieving stored values. If the function call returns null, we know the session doesn't exist.

I was previously tossing up whether we should encrypt this session object, but it might be best to leave such technicalities to the user. Use cases vary; some people might rather have better performance and aren't worried about such values being stored as is.

It might take a week or two before I have time to implement this, but it'd make a great addition.

[skybrian]

I think this is fine for my use case. I will only be using it to store the GitHub username in the session. (The storageFn does need to be async in order to do the fetch.)

Other people might want to modify the session after login, for example to set session variables.