Class: RailsSessionKeyRotator

Inherits:

Object

Object
RailsSessionKeyRotator

show all

Defined in:: lib/rails_session_key_rotator.rb

Instance Method Summary collapse

#call(env) ⇒ Object
#initialize(app, options = {}) ⇒ RailsSessionKeyRotator constructor

A new instance of RailsSessionKeyRotator.

Constructor Details

#initialize(app, options = {}) ⇒ `RailsSessionKeyRotator`

Returns a new instance of RailsSessionKeyRotator.

# File 'lib/rails_session_key_rotator.rb', line 5

def initialize(app, options = {})
  @app = app
  @session_cookie_key = options.fetch(:key)
  old_secret = options.fetch(:old_secret)
  new_secret = options.fetch(:new_secret)
  @old_verifier = ActiveSupport::MessageVerifier.new(old_secret)
  @new_verifier = ActiveSupport::MessageVerifier.new(new_secret)
end

Instance Method Details

#call(env) ⇒ `Object`

# File 'lib/rails_session_key_rotator.rb', line 14

def call(env)
  request = Rack::Request.new(env)
  session_cookie = request.cookies[@session_cookie_key]
  session_data = verify_old_session_data(session_cookie) if session_cookie.present?
  if session_data.present?
    request.cookies[@session_cookie_key] = @new_verifier.generate(session_data)
    ActiveSupport::Notifications.instrument('rails_session_key_rotator.upgraded', request)
  end
  @app.call(env)
end

Class: RailsSessionKeyRotator

Instance Method Summary collapse

Constructor Details

#initialize(app, options = {}) ⇒ RailsSessionKeyRotator

Instance Method Details

#call(env) ⇒ Object

#initialize(app, options = {}) ⇒ `RailsSessionKeyRotator`

#call(env) ⇒ `Object`