Module: Webhookdb::Service::Middleware

Defined in:
lib/webhookdb/service/middleware.rb

Defined Under Namespace

Classes: CopyCookieToExplicitHeader, RequestLogger, SessionLength, SessionReader

Class Method Summary collapse

Class Method Details

.add_common_middleware(builder) ⇒ Object



52
53
54
55
56
57
# File 'lib/webhookdb/service/middleware.rb', line 52

def self.add_common_middleware(builder)
  builder.use(Rack::ContentLength)
  builder.use(Rack::Chunked)
  builder.use(Sentry::Rack::CaptureExceptions)
  builder.use(Rack::Deflater)
end

.add_cors_middleware(builder) ⇒ Object



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'lib/webhookdb/service/middleware.rb', line 23

def self.add_cors_middleware(builder)
  builder.use(Rack::Cors) do
    allow do
      origins(*Webhookdb::Service.cors_origins)
      resource "*",
               headers: :any,
               methods: :any,
               credentials: true,
               expose: ["ETag", Webhookdb::Service::AUTH_TOKEN_HEADER]
    end
    allow do
      origins("*")
      resource "/v1/saved_queries/*",
               headers: :any,
               methods: [:get],
               credentials: false,
               expose: "*"
    end
    allow do
      origins("*")
      resource "/v1/db/run_sql",
               headers: :any,
               methods: [:get, :post],
               credentials: false,
               expose: "*"
    end
  end
end

.add_dev_middleware(builder) ⇒ Object



59
60
61
62
# File 'lib/webhookdb/service/middleware.rb', line 59

def self.add_dev_middleware(builder)
  builder.use(Rack::ShowExceptions)
  builder.use(Rack::Lint)
end

.add_middlewares(builder) ⇒ Object



12
13
14
15
16
17
18
19
20
21
# File 'lib/webhookdb/service/middleware.rb', line 12

def self.add_middlewares(builder)
  self.add_cors_middleware(builder)
  self.add_common_middleware(builder)
  self.add_dev_middleware(builder) if Webhookdb::Service.devmode
  self.add_ssl_middleware(builder) if Webhookdb::Service.enforce_ssl
  self.add_session_middleware(builder)
  self.add_security_middleware(builder)
  Webhookdb::Service::Auth.add_warden_middleware(builder)
  builder.use(RequestLogger)
end

.add_security_middleware(_builder) ⇒ Object

Add security middleware to builder.



77
78
79
80
# File 'lib/webhookdb/service/middleware.rb', line 77

def self.add_security_middleware(_builder)
  # session_hijacking causes issues in integration tests...?
  # builder.use Rack::Protection, except: :session_hijacking
end

.add_session_middleware(builder) ⇒ Object

Add middleware for maintaining sessions to builder.



69
70
71
72
73
74
# File 'lib/webhookdb/service/middleware.rb', line 69

def self.add_session_middleware(builder)
  builder.use CopyCookieToExplicitHeader
  builder.use Rack::Session::Cookie, Webhookdb::Service.cookie_config
  builder.use SessionLength
  builder.use(SessionReader)
end

.add_ssl_middleware(builder) ⇒ Object



64
65
66
# File 'lib/webhookdb/service/middleware.rb', line 64

def self.add_ssl_middleware(builder)
  builder.use(Rack::SslEnforcer, redirect_html: false)
end