Class: Monorail::SessionManager
- Inherits:
-
Object
- Object
- Monorail::SessionManager
- Includes:
- Singleton
- Defined in:
- lib/monorail/monorail_webd.rb
Overview
class SessionManager Generate sessions and session keys. This singleton class is used to support Monorail requests. We get our session keys from a system entropy machine. This version REQUIRES uuidgen and throws a fatal error if it’s not present.
Defined Under Namespace
Classes: TooManySessions
Constant Summary collapse
- SessionTimeout =
TODO, make the session timeout (currently hardcoded to 10 minutes) configurable.
600
- AuthorizationTimeout =
Authorization timeout is an interval after which we must re-authorize against an authoritative source. It’s to make sure we cut the user off in case his access rights should expire or be revoked during a session.
120
- MaxSessions =
MaxSessions is the top number of sessions we permit at a time. May need to become configurable
100
Instance Method Summary collapse
-
#create_session ⇒ Object
create_session This is as a good a place as any to purge expired sessions.
-
#generate_key ⇒ Object
generate_key.
-
#get_key_seed ⇒ Object
get_key_seed This method uses uuidgen, which must be present on the system.
-
#initialize ⇒ SessionManager
constructor
initialize.
-
#purge_expired_sessions ⇒ Object
purge_expired_sessions.
-
#retrieve_or_create_session(session_name) ⇒ Object
retrieve_or_create_session.
Constructor Details
#initialize ⇒ SessionManager
initialize
66 67 68 69 70 71 72 |
# File 'lib/monorail/monorail_webd.rb', line 66 def initialize # generate one key and throw it away. That way if there is a problem # with the entropy generator, it'll generate an exception at the top # of the run. generate_key @sessions = {} end |
Instance Method Details
#create_session ⇒ Object
create_session This is as a good a place as any to purge expired sessions. We also throttle the total number of sessions open at any given time.
122 123 124 125 126 127 128 129 130 131 132 |
# File 'lib/monorail/monorail_webd.rb', line 122 def create_session purge_expired_sessions unless @sessions.size < MaxSessions raise TooManySessions end sc = Session.new @sessions [sc.session_name.dup] = sc sc end |
#generate_key ⇒ Object
generate_key
87 88 89 90 91 92 93 94 95 |
# File 'lib/monorail/monorail_webd.rb', line 87 def generate_key if !@key_suffix or @key_suffix > 1000000 @key_seed = get_key_seed raise "Invalid session-key seed" unless @key_seed.length > 8 @key_suffix = 0 end @key_suffix += 1 format( "%s%08x", @key_seed, @key_suffix ) end |
#get_key_seed ⇒ Object
get_key_seed This method uses uuidgen, which must be present on the system. Override here to use some other mechanism.
80 81 82 |
# File 'lib/monorail/monorail_webd.rb', line 80 def get_key_seed `uuidgen -r`.chomp.gsub(/[\-]/, "") end |
#purge_expired_sessions ⇒ Object
purge_expired_sessions
138 139 140 141 142 |
# File 'lib/monorail/monorail_webd.rb', line 138 def purge_expired_sessions @sessions.delete_if {|k,v| v.is_expired? } end |
#retrieve_or_create_session(session_name) ⇒ Object
retrieve_or_create_session
100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 |
# File 'lib/monorail/monorail_webd.rb', line 100 def retrieve_or_create_session session_name sc = @sessions[session_name] if sc if sc.is_expired? @sessions.delete sc.session_name sc = nil else sc.touch end end sc or create_session end |