var commitSession = function(env, jsgiResponse, key, secret){
var session = env["jsgi.session"];
if (!session) return jsgiResponse;
var sessionData = JSON.stringify(session);
var digest = sha.hash(sessionData + secret).decodeToString(64);
// do not serialize if the session is not dirty.
if (digest == env["jsgi.session.digest"]) return jsgiResponse;
sessionData = sessionData + "--" + digest;
if (sessionData.length > 4096) {
env["jsgi.errors"] += "Session Cookie data size exceeds 4k! Content dropped";
return jsgiResponse;
}
var options = env["jsgi.session.options"];
var cookie = { value: sessionData };
if (options["expires_after"])
cookie.expires = new Date() + options["expires_after"];
var response = new Response(jsgiResponse.status, jsgiResponse.headers, jsgiResponse.body);
response.setCookie(key, cookie);
return response;
}