activerecord-session_store 1.0.0 → 1.1.3
Sign up to get free protection for your applications and to get access to all the features.
Potentially problematic release.
This version of activerecord-session_store might be problematic. Click here for more details.
- checksums.yaml +5 -5
- data/README.md +21 -6
- data/lib/action_dispatch/session/active_record_store.rb +1 -1
- data/lib/active_record/session_store.rb +20 -2
- data/lib/active_record/session_store/session.rb +10 -2
- data/lib/active_record/session_store/version.rb +1 -1
- data/lib/generators/active_record/session_migration_generator.rb +4 -0
- data/lib/generators/active_record/templates/migration.rb +1 -1
- data/lib/tasks/database.rake +3 -4
- metadata +3 -36
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: af08a0134b3e5a615c2d9f400c30c9d0b4f5327e21c1254f49cfec775ef73732
|
|
4
|
+
data.tar.gz: f6dd6871a3df37d22cc652b54b3f76f41746d9f0c5e01920984a3bcc6d516cf6
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 300394f621b26e545ba842e3d8c4a78f733cd34768ede33ab07f7f4abfc168fc1fa60c4b10ea47a7046db896395206201e3a0b0aa1680418bd219998ebbd5b46
|
|
7
|
+
data.tar.gz: f4fd30af09711cc74e0a7365c6c529c99a1cd47a4aa91f8c0314deb4eb0cd552d8b3824e497e5d9af86ac110c98f3b9d5865b771af1db12993401774bdfd7422
|
data/README.md
CHANGED
|
@@ -18,12 +18,23 @@ Run the migration generator:
|
|
|
18
18
|
|
|
19
19
|
rails generate active_record:session_migration
|
|
20
20
|
|
|
21
|
+
Run the migration:
|
|
22
|
+
|
|
23
|
+
rake db:migrate
|
|
24
|
+
|
|
21
25
|
Then, set your session store in `config/initializers/session_store.rb`:
|
|
22
26
|
|
|
23
27
|
```ruby
|
|
24
28
|
Rails.application.config.session_store :active_record_store, :key => '_my_app_session'
|
|
25
29
|
```
|
|
26
30
|
|
|
31
|
+
To avoid your sessions table expanding without limit as it will store expired and
|
|
32
|
+
potentially sensitive session data, it is strongly recommended in production
|
|
33
|
+
environments to schedule the `db:sessions:trim` rake task to run daily.
|
|
34
|
+
Running `bin/rake db:sessions:trim` will delete all sessions that have not
|
|
35
|
+
been updated in the last 30 days. The 30 days cutoff can be changed using the
|
|
36
|
+
`SESSION_DAYS_TRIM_THRESHOLD` environment variable.
|
|
37
|
+
|
|
27
38
|
Configuration
|
|
28
39
|
--------------
|
|
29
40
|
|
|
@@ -31,7 +42,8 @@ The default assumes a `sessions` tables with columns:
|
|
|
31
42
|
|
|
32
43
|
* `id` (numeric primary key),
|
|
33
44
|
* `session_id` (string, usually varchar; maximum length is 255), and
|
|
34
|
-
* `data` (text or
|
|
45
|
+
* `data` (text, longtext, json or jsonb); careful if your session data exceeds
|
|
46
|
+
65KB).
|
|
35
47
|
|
|
36
48
|
The `session_id` column should always be indexed for speedy lookups.
|
|
37
49
|
Session data is marshaled to the `data` column in Base64 format.
|
|
@@ -53,11 +65,14 @@ having a separate `id` column if you don't want it. However, you must
|
|
|
53
65
|
set `session.model.id = session.session_id` by hand! A before filter
|
|
54
66
|
on ApplicationController is a good place.
|
|
55
67
|
|
|
56
|
-
The serializer may be
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
but write as JSON.
|
|
68
|
+
The serializer may be class responding to `#load(value)` and `#dump(value)`, or
|
|
69
|
+
a symbol of `marshal`, `json`, `hybrid` or `null`. `marshal` is the default and
|
|
70
|
+
uses the built-in Marshal methods coupled with Base64 encoding. `json` does
|
|
71
|
+
what it says on the tin, using the `parse()` and `generate()` methods of the
|
|
72
|
+
JSON module. `hybrid` will read either type but write as JSON. `null` will
|
|
73
|
+
not perform serialization, leaving that up to the ActiveRecord database
|
|
74
|
+
adapter. This allows you to take advantage of the native JSON capabilities of
|
|
75
|
+
your database.
|
|
61
76
|
|
|
62
77
|
Since the default class is a simple Active Record, you get timestamps
|
|
63
78
|
for free if you add `created_at` and `updated_at` datetime columns to
|
|
@@ -98,7 +98,7 @@ module ActionDispatch
|
|
|
98
98
|
def delete_session(request, session_id, options)
|
|
99
99
|
logger.silence_logger do
|
|
100
100
|
if sid = current_session_id(request)
|
|
101
|
-
if model =
|
|
101
|
+
if model = @@session_class.find_by_session_id(sid)
|
|
102
102
|
data = model.data
|
|
103
103
|
model.destroy
|
|
104
104
|
end
|
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
require 'active_record'
|
|
1
2
|
require 'active_record/session_store/version'
|
|
2
3
|
require 'action_dispatch/session/active_record_store'
|
|
3
4
|
require "active_record/session_store/extension/logger_silencer"
|
|
@@ -6,6 +7,8 @@ require 'multi_json'
|
|
|
6
7
|
|
|
7
8
|
module ActiveRecord
|
|
8
9
|
module SessionStore
|
|
10
|
+
autoload :Session, 'active_record/session_store/session'
|
|
11
|
+
|
|
9
12
|
module ClassMethods # :nodoc:
|
|
10
13
|
mattr_accessor :serializer
|
|
11
14
|
|
|
@@ -47,6 +50,8 @@ module ActiveRecord
|
|
|
47
50
|
JsonSerializer
|
|
48
51
|
when :hybrid then
|
|
49
52
|
HybridSerializer
|
|
53
|
+
when :null then
|
|
54
|
+
NullSerializer
|
|
50
55
|
else
|
|
51
56
|
self.serializer
|
|
52
57
|
end
|
|
@@ -91,15 +96,28 @@ module ActiveRecord
|
|
|
91
96
|
value.start_with?(MARSHAL_SIGNATURE)
|
|
92
97
|
end
|
|
93
98
|
end
|
|
99
|
+
|
|
100
|
+
# Defer serialization to the ActiveRecord database adapter
|
|
101
|
+
class NullSerializer
|
|
102
|
+
def self.load(value)
|
|
103
|
+
value
|
|
104
|
+
end
|
|
105
|
+
|
|
106
|
+
def self.dump(value)
|
|
107
|
+
value
|
|
108
|
+
end
|
|
109
|
+
end
|
|
94
110
|
end
|
|
95
111
|
end
|
|
96
112
|
end
|
|
97
113
|
|
|
98
|
-
|
|
114
|
+
ActiveSupport.on_load(:active_record) do
|
|
115
|
+
require 'active_record/session_store/session'
|
|
116
|
+
end
|
|
117
|
+
|
|
99
118
|
require 'active_record/session_store/sql_bypass'
|
|
100
119
|
require 'active_record/session_store/railtie' if defined?(Rails)
|
|
101
120
|
|
|
102
|
-
ActionDispatch::Session::ActiveRecordStore.session_class = ActiveRecord::SessionStore::Session
|
|
103
121
|
Logger.send :include, ActiveRecord::SessionStore::Extension::LoggerSilencer
|
|
104
122
|
|
|
105
123
|
begin
|
|
@@ -80,7 +80,10 @@ module ActiveRecord
|
|
|
80
80
|
|
|
81
81
|
private
|
|
82
82
|
def serialize_data!
|
|
83
|
-
|
|
83
|
+
unless loaded?
|
|
84
|
+
return false if Rails::VERSION::MAJOR < 5
|
|
85
|
+
throw :abort
|
|
86
|
+
end
|
|
84
87
|
write_attribute(@@data_column_name, self.class.serialize(data))
|
|
85
88
|
end
|
|
86
89
|
|
|
@@ -88,7 +91,10 @@ module ActiveRecord
|
|
|
88
91
|
# larger than the data storage column. Raises
|
|
89
92
|
# ActionController::SessionOverflowError.
|
|
90
93
|
def raise_on_session_data_overflow!
|
|
91
|
-
|
|
94
|
+
unless loaded?
|
|
95
|
+
return false if Rails::VERSION::MAJOR < 5
|
|
96
|
+
throw :abort
|
|
97
|
+
end
|
|
92
98
|
limit = self.class.data_column_size_limit
|
|
93
99
|
if limit and read_attribute(@@data_column_name).size > limit
|
|
94
100
|
raise ActionController::SessionOverflowError
|
|
@@ -97,3 +103,5 @@ module ActiveRecord
|
|
|
97
103
|
end
|
|
98
104
|
end
|
|
99
105
|
end
|
|
106
|
+
|
|
107
|
+
ActionDispatch::Session::ActiveRecordStore.session_class = ActiveRecord::SessionStore::Session
|
data/lib/tasks/database.rake
CHANGED
|
@@ -1,15 +1,14 @@
|
|
|
1
1
|
namespace 'db:sessions' do
|
|
2
2
|
desc "Creates a sessions migration for use with ActiveRecord::SessionStore"
|
|
3
3
|
task :create => [:environment, 'db:load_config'] do
|
|
4
|
-
raise 'Task unavailable to this database (no migration support)' unless ActiveRecord::Base.connection.supports_migrations?
|
|
5
4
|
Rails.application.load_generators
|
|
6
|
-
require '
|
|
7
|
-
|
|
5
|
+
require 'generators/active_record/session_migration_generator'
|
|
6
|
+
ActiveRecord::Generators::SessionMigrationGenerator.start [ ENV['MIGRATION'] || 'add_sessions_table' ]
|
|
8
7
|
end
|
|
9
8
|
|
|
10
9
|
desc "Clear the sessions table"
|
|
11
10
|
task :clear => [:environment, 'db:load_config'] do
|
|
12
|
-
ActiveRecord::Base.connection.execute "
|
|
11
|
+
ActiveRecord::Base.connection.execute "TRUNCATE TABLE #{ActiveRecord::SessionStore::Session.table_name}"
|
|
13
12
|
end
|
|
14
13
|
|
|
15
14
|
desc "Trim old sessions from the table (default: > 30 days)"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: activerecord-session_store
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.1.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- David Heinemeier Hansson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2019-03-23 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activerecord
|
|
@@ -17,9 +17,6 @@ dependencies:
|
|
|
17
17
|
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
19
|
version: '4.0'
|
|
20
|
-
- - "<"
|
|
21
|
-
- !ruby/object:Gem::Version
|
|
22
|
-
version: '5.1'
|
|
23
20
|
type: :runtime
|
|
24
21
|
prerelease: false
|
|
25
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -27,9 +24,6 @@ dependencies:
|
|
|
27
24
|
- - ">="
|
|
28
25
|
- !ruby/object:Gem::Version
|
|
29
26
|
version: '4.0'
|
|
30
|
-
- - "<"
|
|
31
|
-
- !ruby/object:Gem::Version
|
|
32
|
-
version: '5.1'
|
|
33
27
|
- !ruby/object:Gem::Dependency
|
|
34
28
|
name: actionpack
|
|
35
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -37,9 +31,6 @@ dependencies:
|
|
|
37
31
|
- - ">="
|
|
38
32
|
- !ruby/object:Gem::Version
|
|
39
33
|
version: '4.0'
|
|
40
|
-
- - "<"
|
|
41
|
-
- !ruby/object:Gem::Version
|
|
42
|
-
version: '5.1'
|
|
43
34
|
type: :runtime
|
|
44
35
|
prerelease: false
|
|
45
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -47,9 +38,6 @@ dependencies:
|
|
|
47
38
|
- - ">="
|
|
48
39
|
- !ruby/object:Gem::Version
|
|
49
40
|
version: '4.0'
|
|
50
|
-
- - "<"
|
|
51
|
-
- !ruby/object:Gem::Version
|
|
52
|
-
version: '5.1'
|
|
53
41
|
- !ruby/object:Gem::Dependency
|
|
54
42
|
name: railties
|
|
55
43
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -57,9 +45,6 @@ dependencies:
|
|
|
57
45
|
- - ">="
|
|
58
46
|
- !ruby/object:Gem::Version
|
|
59
47
|
version: '4.0'
|
|
60
|
-
- - "<"
|
|
61
|
-
- !ruby/object:Gem::Version
|
|
62
|
-
version: '5.1'
|
|
63
48
|
type: :runtime
|
|
64
49
|
prerelease: false
|
|
65
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
@@ -67,9 +52,6 @@ dependencies:
|
|
|
67
52
|
- - ">="
|
|
68
53
|
- !ruby/object:Gem::Version
|
|
69
54
|
version: '4.0'
|
|
70
|
-
- - "<"
|
|
71
|
-
- !ruby/object:Gem::Version
|
|
72
|
-
version: '5.1'
|
|
73
55
|
- !ruby/object:Gem::Dependency
|
|
74
56
|
name: rack
|
|
75
57
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -124,20 +106,6 @@ dependencies:
|
|
|
124
106
|
- - ">="
|
|
125
107
|
- !ruby/object:Gem::Version
|
|
126
108
|
version: '0'
|
|
127
|
-
- !ruby/object:Gem::Dependency
|
|
128
|
-
name: appraisal
|
|
129
|
-
requirement: !ruby/object:Gem::Requirement
|
|
130
|
-
requirements:
|
|
131
|
-
- - "~>"
|
|
132
|
-
- !ruby/object:Gem::Version
|
|
133
|
-
version: 2.1.0
|
|
134
|
-
type: :development
|
|
135
|
-
prerelease: false
|
|
136
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
137
|
-
requirements:
|
|
138
|
-
- - "~>"
|
|
139
|
-
- !ruby/object:Gem::Version
|
|
140
|
-
version: 2.1.0
|
|
141
109
|
description:
|
|
142
110
|
email: david@loudthinking.com
|
|
143
111
|
executables: []
|
|
@@ -180,8 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
180
148
|
- !ruby/object:Gem::Version
|
|
181
149
|
version: '0'
|
|
182
150
|
requirements: []
|
|
183
|
-
|
|
184
|
-
rubygems_version: 2.5.1
|
|
151
|
+
rubygems_version: 3.0.3
|
|
185
152
|
signing_key:
|
|
186
153
|
specification_version: 4
|
|
187
154
|
summary: An Action Dispatch session store backed by an Active Record class.
|