Class: Rage::SidekiqSession

Inherits:

Object

Object
Rage::SidekiqSession

Defined in:: lib/rage/sidekiq_session.rb

Overview

Used specifically for compatibility with Sidekiq's Web interface. Remove once we have real sessions or once Sidekiq's author decides they don't need cookie sessions to protect against CSRF.

Constant Summary collapse

KEY =

Digest::SHA2.hexdigest(ENV["SECRET_KEY_BASE"] || File.read("Gemfile.lock") + File.read("config/routes.rb"))

SESSION_KEY =

"rage.sidekiq.session"

Instance Attribute Summary collapse

#changed ⇒ Object readonly
Returns the value of attribute changed.

Class Method Summary collapse

.with_session(env) ⇒ Object

Instance Method Summary collapse

#[](key) ⇒ Object
#[]=(key, value) ⇒ Object
#dump ⇒ Object
#initialize(env) ⇒ SidekiqSession constructor
A new instance of SidekiqSession.
#to_hash ⇒ Object

Constructor Details

#initialize(env) ⇒ `SidekiqSession`

Returns a new instance of SidekiqSession.

# File 'lib/rage/sidekiq_session.rb', line 32

def initialize(env)
  @env = env
  session = Rack::Utils.parse_cookies(@env)[SESSION_KEY]
  @data = decode_session(session)
end

Instance Attribute Details

#changed ⇒ `Object` (readonly)

Returns the value of attribute changed.



30
31
32

# File 'lib/rage/sidekiq_session.rb', line 30

def changed
  @changed
end

Class Method Details

.with_session(env) ⇒ `Object`

# File 'lib/rage/sidekiq_session.rb', line 15

def self.with_session(env)
  env["rack.session"] = session = self.new(env)
  response = yield

  if session.changed
    Rack::Utils.set_cookie_header!(
      response[1],
      SESSION_KEY,
      { path: env["SCRIPT_NAME"], httponly: true, same_site: true, value: session.dump }
    )
  end

  response
end

Instance Method Details

#[](key) ⇒ `Object`



38
39
40

# File 'lib/rage/sidekiq_session.rb', line 38

def [](key)
  @data[key]
end

#[]=(key, value) ⇒ `Object`

# File 'lib/rage/sidekiq_session.rb', line 42

def[]=(key, value)
  @changed = true
  @data[key] = value
end

#dump ⇒ `Object`

# File 'lib/rage/sidekiq_session.rb', line 51

def dump
  encoded_data = Marshal.dump(@data)
  signature = OpenSSL::HMAC.hexdigest("SHA256", KEY, encoded_data)

  Base64.urlsafe_encode64("#{encoded_data}--#{signature}")
end

#to_hash ⇒ `Object`



47
48
49

# File 'lib/rage/sidekiq_session.rb', line 47

def to_hash
  @data
end