Class: Gloo::WebSvr::Session

Inherits:

Object

• Object
• Gloo::WebSvr::Session

Defined in:

lib/gloo/web_svr/session.rb

Constant Summary

SESSION_CONTAINER =

'session'.freeze

Instance Method Summary

• #add_session_for_response(headers) ⇒ Object

  If there is session data, encrypt and add it to the response.

• #cookie_expires ⇒ Object

  Get the expiration time for the session cookie.

• #cookie_path ⇒ Object

  Get the path for the session cookie.

• #decode_decrypt(data) ⇒ Object

  Decode and decrypt the session data.

• #encrypt_encode(data) ⇒ Object

  Encrypt and encode the session data.

• #initialize(engine, server_obj) ⇒ Session constructor

  Set up the web server.

• #iv ⇒ Object

  Get the initialization vector for the cipher.

• #key ⇒ Object

  Get the key for the encryption cipher.

• #secure_cookie? ⇒ Boolean

  Should the session cookie be secure?.

• #session_name ⇒ Object

  Get the session cookie name.

• #set_session_data_for_request(env) ⇒ Object

  Get the session data from the encrypted cookie.

Constructor Details

#initialize(engine, server_obj) ⇒ Session

Set up the web server.

# File 'lib/gloo/web_svr/session.rb', line 27

def initialize( engine, server_obj )
  @engine = engine
  @log = @engine.log

  @server_obj = server_obj
end

Instance Method Details

#add_session_for_response(headers) ⇒ Object

If there is session data, encrypt and add it to the response. Once done, clear out the session data.

# File 'lib/gloo/web_svr/session.rb', line 70

def add_session_for_response( headers )
  # Are we using sessions?
  if @server_obj.use_session?
    # Build and add encrypted session data
    data = @server_obj.get_session_data
    unless data.empty?
      data = encrypt_encode( data )
      session_hash = { 
        value: data, 
        path: cookie_path, 
        expires: cookie_expires,
        http_only: true }

      if secure_cookie?
        session_hash[ :secure ] = true
      end

      Rack::Utils.set_cookie_header!( headers, session_name, session_hash )
    end

    # Clear out session data
    @server_obj.clear_session_data
  end

  return headers
end

#cookie_expires ⇒ Object

Get the expiration time for the session cookie.

# File 'lib/gloo/web_svr/session.rb', line 148

def cookie_expires
  return @server_obj.session_cookie_expires
end

#cookie_path ⇒ Object

Get the path for the session cookie.

# File 'lib/gloo/web_svr/session.rb', line 141

def cookie_path
  return @server_obj.session_cookie_path
end

#decode_decrypt(data) ⇒ Object

Decode and decrypt the session data.

# File 'lib/gloo/web_svr/session.rb', line 112

def decode_decrypt( data )
  data = Gloo::Objs::Cipher.decrypt( data, key, iv )
  return JSON.parse( data )
end

#encrypt_encode(data) ⇒ Object

Encrypt and encode the session data.

# File 'lib/gloo/web_svr/session.rb', line 105

def encrypt_encode( data )
  return Gloo::Objs::Cipher.encrypt( data.to_json, key, iv )
end

#iv ⇒ Object

Get the initialization vector for the cipher.

# File 'lib/gloo/web_svr/session.rb', line 134

def iv
  return @server_obj.encryption_iv
end

#key ⇒ Object

Get the key for the encryption cipher.

# File 'lib/gloo/web_svr/session.rb', line 127

def key
  return @server_obj.encryption_key
end

#secure_cookie? ⇒ Boolean

Should the session cookie be secure?

Returns:

• (Boolean)

# File 'lib/gloo/web_svr/session.rb', line 155

def secure_cookie?
  return @server_obj.session_cookie_secure
end

#session_name ⇒ Object

Get the session cookie name.

# File 'lib/gloo/web_svr/session.rb', line 120

def session_name
  return @server_obj.session_name
end

#set_session_data_for_request(env) ⇒ Object

Get the session data from the encrypted cookie. Add it to the session container.

# File 'lib/gloo/web_svr/session.rb', line 43

def set_session_data_for_request( env )
  cookie_hash = Rack::Utils.parse_cookies( env )

  # Are we using sessions?
  if @server_obj.use_session?
    data = cookie_hash[ session_name ]

    if data
      data = decode_decrypt( data ) 

      data.each do |key, value|
        @server_obj.set_session_var( key, value )
      end
    end
  end

end