refactor(SessionHandler): SessionAdministrator decorates SessionHandler instead of holding components#9
Merged
ralflang merged 1 commit intoJun 9, 2026
Conversation
…er instead of holding components Eliminates the three-component construction (backend, factory, serializer) in favor of a single SessionHandler dependency. Operations route through SessionHandler's existing public API: - listAll/load/destroy/expire/getMetadata are pass-throughs - findByUser and destroyAllForUser compose over the pass-throughs Adds expire() and getMetadata() pass-throughs that were previously missing — admin callers should never need to inject both SessionAdministrator and SessionHandler side by side. DI is now trivial: the Injector autowires the SessionHandler dependency, no factory class needed.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Reshapes the just-merged
SessionAdministratorso it takes a singleSessionHandlerconstructor argument instead of three components (SessionStorageBackend,SessionFactory,SessionSerializer).All operations route through
SessionHandler's existing public API:listAll/load/destroy/expire/getMetadataare pass-throughsfindByUseranddestroyAllForUsercompose over the pass-throughsAdds
expire()andgetMetadata()pass-throughs that the original draft was missing. Design rule: code holdingSessionAdministratorshould never also need to injectSessionHandlerdirectly. Every operation an admin caller might want is now onSessionAdministratoreither as a pass-through or as a user-aware composition.Active-session-only operations on
SessionHandler(create,save,regenerate, the SessionHandlerInterface plumbing) are deliberately NOT proxied — they don't make sense for arbitrary stored sessions.DI consequence: no factory class needed. The Injector autowires the
SessionHandlerconstructor dependency.Safe to merge: zero consumers exist anywhere in the codebase yet. The original constructor shape was published a few hours ago in #8 and no DI binding was added.
Refs horde/Core#131