Class: N::App::Session

Inherits:

Hash

• Object
• Hash
• N::App::Session

Defined in:

lib/n/app/session.rb

Overview

Session

This object encapsulates a WebApplication session.

Design:

The session should be persistable to survive server shutdowns.

Usage

State is a neccessary evil but try to avoid using session variables as much as possible. Session state is typically distributed to many servers so avoid storing complete objects in session variables, only store oids and integer/strings.

Constant Summary

COOKIE_NAME =

"nsid"

Instance Attribute Summary

• #session_id ⇒ Object readonly

  Returns the value of attribute session_id.

• #touch_time ⇒ Object

  the last touch time.

• #user ⇒ Object

  keep the user to allow for session lookup based on user.

Class Method Summary

• .calculate_id ⇒ Object

  Calculates a unique id.

• .initialize_gc(session_manager, interval) ⇒ Object

  Initialize sessions garbage collection.

Instance Method Summary

• #initialize(sid, request = nil) ⇒ Session constructor

  A new instance of Session.

• #login(request, user) ⇒ Object

  Login a user.

• #logout ⇒ Object

  Logout a user.

• #refresh! ⇒ Object

  Refresh session entities.

• #stale? ⇒ Boolean
• #synchronize! ⇒ Object

  call this method to synchronize the session with other servers in the cluster.

• #touch ⇒ Object

Constructor Details

#initialize(sid, request = nil) ⇒ Session

Returns a new instance of Session.

# File 'lib/n/app/session.rb', line 129

def initialize(sid, request = nil)
	super()
	@session_id = sid
	@touch_time = Time.now
	@user = N::AnonymousUser.instance()
end

Instance Attribute Details

#session_id ⇒ Object (readonly)

Returns the value of attribute session_id.

# File 'lib/n/app/session.rb', line 116

def session_id
  @session_id
end

#touch_time ⇒ Object

the last touch time

# File 'lib/n/app/session.rb', line 125

def touch_time
  @touch_time
end

#user ⇒ Object

keep the user to allow for session lookup based on user. also do NOT keep the full user as an object in the session hash to optimize druby usage!

# File 'lib/n/app/session.rb', line 122

def user
  @user
end

Class Method Details

.calculate_id ⇒ Object

Calculates a unique id.

The session id must be unique, a monotonically increasing function like time is appropriate. Random may produce equal ids? add a prefix (SALT) to stop hackers from creating session_ids.

TODO: make the prefix configurable

# File 'lib/n/app/session.rb', line 201

def self.calculate_id
	time = Time.now
	# FIXME: make this more random? 
	id = Digest::MD5.md5("SALT#{time.to_i} #{time.tv_usec}").to_s
	return id
end

.initialize_gc(session_manager, interval) ⇒ Object

Initialize sessions garbage collection.

Warning: this is not used yet!

# File 'lib/n/app/session.rb', line 212

def self.initialize_gc(session_manager, interval)
	# gmosx, FIXME: store this in a variable.
	Thread.new {
		loop do
			sleep(interval)
			garbage_collect(session_manager.sessions)
		end
	}
end

Instance Method Details

#login(request, user) ⇒ Object

Login a user

Returns false for banned users.

# File 'lib/n/app/session.rb', line 140

def login(request, user)
	return false if user.banned? 
	@user = user
	@user.login(request)
	$sessions.login(@user.oid, @user.name)
	$log.info "User '#{user}' logged in!"
	return true
end

#logout ⇒ Object

Logout a user

# File 'lib/n/app/session.rb', line 151

def logout()
	self.clear()
	@user.logout()
	$sessions.logout(@user.oid)
	$log.info "User '#{user}' logged out!"
	@user = N::AnonymousUser.instance
end

#refresh! ⇒ Object

Refresh session entities.

Call this when you manually change entities stored in the session. A typical scenario is when you change an online user.

Warning: the current version only refreshes the “USER” entity.

# File 'lib/n/app/session.rb', line 188

def refresh!
	@user = $db.get(@user.oid, @user.class) if @user
end

#stale? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/n/app/session.rb', line 167

def stale?
	timeout = @user.anonymous? ? $srv_anon_session_timeout : $srv_session_timeout
	return (Time.now - @touch_time > timeout)
end

#synchronize! ⇒ Object

call this method to synchronize the session with other servers in the cluster.

# File 'lib/n/app/session.rb', line 175

def synchronize!
	# gmosx: TODO, add a check if the session is allready
	# synchronized.
	$sessions[@session_id] = self
end

#touch ⇒ Object

# File 'lib/n/app/session.rb', line 161

def touch
	@touch_time = Time.now
end