Skip to content

Comments

docs: expand views, auth & sessions chapter#9

Merged
Taure merged 1 commit intomainfrom
docs/expand-views-auth-sessions
Feb 24, 2026
Merged

docs: expand views, auth & sessions chapter#9
Taure merged 1 commit intomainfrom
docs/expand-views-auth-sessions

Conversation

@Taure
Copy link
Contributor

@Taure Taure commented Feb 24, 2026

Summary

  • ErlyDTL template basics: added syntax reference table, base layout with {% extends %}/{% block %} inheritance, and template options (view, headers, status_code)
  • CSRF token: login form now includes _csrf_token hidden field, consistent with the plugins chapter's nova_csrf_plugin setup
  • Simplified auth flow: moved credential validation from security function into the controller (the standard web pattern); session_auth/1 now returns {redirect, "/login"} instead of bare false
  • Simplified sessions: removed manual generate_session_id()/set_resp_cookie — uses Nova's auto-created sessions via nova_stream_h; documented use_sessions config, return types, and delete/1 cookie expiry
  • Consolidated routes: collapsed three route groups into two (public + protected)

Test plan

  • mdbook build succeeds
  • Cross-references to plugins.md, routing.md, error-handling.md, and data-layer/setup.md resolve correctly
  • Code examples verified against Nova source (nova_basic_handler, nova_session, nova_stream_h, nova_security_handler)

🤖 Generated with Claude Code

@Taure @claude
docs: expand views, auth & sessions chapter with template basics, CSR…
dcf0ac9 
…F, and simplified login flow

- Add ErlyDTL syntax reference table, base layout with template inheritance
- Add CSRF token to login form (required by nova_csrf_plugin)
- Document all template options (view, headers, status_code)
- Move credential validation from security function into controller
- Simplify session_auth to return {redirect, "/login"} instead of bare false
- Remove manual session ID generation — use Nova's auto-created sessions
- Consolidate routes from three groups to two (public + protected)
- Add use_sessions config, session API return types, and delete/1 cookie behavior

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@Taure Taure merged commit d64a39d into main Feb 24, 2026
1 check passed
@Taure Taure deleted the docs/expand-views-auth-sessions branch February 24, 2026 17:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Taure