From 37590b9e3edd61d71f9d9ad15096e9ead7639fbc Mon Sep 17 00:00:00 2001
From: Casey Allred
Date: Mon, 23 Jan 2017 21:33:02 +0000
Subject: [PATCH] limit the session key as per the the definition comment 'The ID of a session. Always 18 bytes base64url-encoded as 24 characters.' using 30 characters to be conservative
---
 .../src/Web/ServerSession/Backend/Persistent/Internal/Impl.hs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/serversession-backend-persistent/src/Web/ServerSession/Backend/Persistent/Internal/Impl.hs b/serversession-backend-persistent/src/Web/ServerSession/Backend/Persistent/Internal/Impl.hs
index ec02314..70afadb 100644
--- a/serversession-backend-persistent/src/Web/ServerSession/Backend/Persistent/Internal/Impl.hs
+++ b/serversession-backend-persistent/src/Web/ServerSession/Backend/Persistent/Internal/Impl.hs
@@ -150,7 +150,7 @@ instance forall sess. P.PersistFieldSql (Decomposed sess) => P.PersistEntity (Pe
 (P.DBName "key")
 (P.FTTypeCon Nothing "SessionId sess")
 (P.sqlType (Proxy :: Proxy (SessionId sess)))
- []
+ ["maxlen=30"]
 True
 P.NoReference
 persistFieldDef PersistentSessionAuthId
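Review bot: The literal `30` in `["maxlen=30"]` is unexplained in the code and differs from the 24-character length the commit message cites, so the reasoning lives only in the commit log. A comment on that line would record it, e.g. `-- SessionId is 18 bytes, base64url-encoded to 24 chars; 30 leaves headroom`. The attribute is a column-size hint rather than input validation, and as far as I know only some persistent backends act on `maxlen`. The 24-character invariant therefore still has to hold where a SessionId is parsed from the client-supplied cookie, which this hunk does not show. The FieldDef this attribute list belongs to begins above the hunk.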