activerecord-session_store 1.0.0 → 1.1.3

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of activerecord-session_store might be problematic. Click here for more details.

checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: c0920d7a8356d636009b0ab31c27a96cbaad5f1b
4
- data.tar.gz: f395a9a6b74ed0c90120e971f91ea1bc5087b62f
2
+ SHA256:
3
+ metadata.gz: af08a0134b3e5a615c2d9f400c30c9d0b4f5327e21c1254f49cfec775ef73732
4
+ data.tar.gz: f6dd6871a3df37d22cc652b54b3f76f41746d9f0c5e01920984a3bcc6d516cf6
5
5
  SHA512:
6
- metadata.gz: e5c6788589a3c53391308c31718e1c8bf181b2bf7180ad70a1720cd9129815e5f77043ad4b51efec0b3ebbc404c4132fab404bb8a76880570c89d1948e76958d
7
- data.tar.gz: b7f0155f5446dbadf8a5c9dca98a42f24615015035991402810908b28d7fce21257eb7264c046c7596902b8a5f55f2501820541d269358c8f62d7da97067affc
6
+ metadata.gz: 300394f621b26e545ba842e3d8c4a78f733cd34768ede33ab07f7f4abfc168fc1fa60c4b10ea47a7046db896395206201e3a0b0aa1680418bd219998ebbd5b46
7
+ data.tar.gz: f4fd30af09711cc74e0a7365c6c529c99a1cd47a4aa91f8c0314deb4eb0cd552d8b3824e497e5d9af86ac110c98f3b9d5865b771af1db12993401774bdfd7422
data/README.md CHANGED
@@ -18,12 +18,23 @@ Run the migration generator:
18
18
 
19
19
  rails generate active_record:session_migration
20
20
 
21
+ Run the migration:
22
+
23
+ rake db:migrate
24
+
21
25
  Then, set your session store in `config/initializers/session_store.rb`:
22
26
 
23
27
  ```ruby
24
28
  Rails.application.config.session_store :active_record_store, :key => '_my_app_session'
25
29
  ```
26
30
 
31
+ To avoid your sessions table expanding without limit as it will store expired and
32
+ potentially sensitive session data, it is strongly recommended in production
33
+ environments to schedule the `db:sessions:trim` rake task to run daily.
34
+ Running `bin/rake db:sessions:trim` will delete all sessions that have not
35
+ been updated in the last 30 days. The 30 days cutoff can be changed using the
36
+ `SESSION_DAYS_TRIM_THRESHOLD` environment variable.
37
+
27
38
  Configuration
28
39
  --------------
29
40
 
@@ -31,7 +42,8 @@ The default assumes a `sessions` tables with columns:
31
42
 
32
43
  * `id` (numeric primary key),
33
44
  * `session_id` (string, usually varchar; maximum length is 255), and
34
- * `data` (text or longtext; careful if your session data exceeds 65KB).
45
+ * `data` (text, longtext, json or jsonb); careful if your session data exceeds
46
+ 65KB).
35
47
 
36
48
  The `session_id` column should always be indexed for speedy lookups.
37
49
  Session data is marshaled to the `data` column in Base64 format.
@@ -53,11 +65,14 @@ having a separate `id` column if you don't want it. However, you must
53
65
  set `session.model.id = session.session_id` by hand! A before filter
54
66
  on ApplicationController is a good place.
55
67
 
56
- The serializer may be one of `marshal`, `json`, or `hybrid`. `marshal` is
57
- the default and uses the built-in Marshal methods coupled with Base64
58
- encoding. `json` does what it says on the tin, using the `parse()` and
59
- `generate()` methods of the JSON module. `hybrid` will read either type
60
- but write as JSON.
68
+ The serializer may be class responding to `#load(value)` and `#dump(value)`, or
69
+ a symbol of `marshal`, `json`, `hybrid` or `null`. `marshal` is the default and
70
+ uses the built-in Marshal methods coupled with Base64 encoding. `json` does
71
+ what it says on the tin, using the `parse()` and `generate()` methods of the
72
+ JSON module. `hybrid` will read either type but write as JSON. `null` will
73
+ not perform serialization, leaving that up to the ActiveRecord database
74
+ adapter. This allows you to take advantage of the native JSON capabilities of
75
+ your database.
61
76
 
62
77
  Since the default class is a simple Active Record, you get timestamps
63
78
  for free if you add `created_at` and `updated_at` datetime columns to
@@ -98,7 +98,7 @@ module ActionDispatch
98
98
  def delete_session(request, session_id, options)
99
99
  logger.silence_logger do
100
100
  if sid = current_session_id(request)
101
- if model = get_session_model(request, sid)
101
+ if model = @@session_class.find_by_session_id(sid)
102
102
  data = model.data
103
103
  model.destroy
104
104
  end
@@ -1,3 +1,4 @@
1
+ require 'active_record'
1
2
  require 'active_record/session_store/version'
2
3
  require 'action_dispatch/session/active_record_store'
3
4
  require "active_record/session_store/extension/logger_silencer"
@@ -6,6 +7,8 @@ require 'multi_json'
6
7
 
7
8
  module ActiveRecord
8
9
  module SessionStore
10
+ autoload :Session, 'active_record/session_store/session'
11
+
9
12
  module ClassMethods # :nodoc:
10
13
  mattr_accessor :serializer
11
14
 
@@ -47,6 +50,8 @@ module ActiveRecord
47
50
  JsonSerializer
48
51
  when :hybrid then
49
52
  HybridSerializer
53
+ when :null then
54
+ NullSerializer
50
55
  else
51
56
  self.serializer
52
57
  end
@@ -91,15 +96,28 @@ module ActiveRecord
91
96
  value.start_with?(MARSHAL_SIGNATURE)
92
97
  end
93
98
  end
99
+
100
+ # Defer serialization to the ActiveRecord database adapter
101
+ class NullSerializer
102
+ def self.load(value)
103
+ value
104
+ end
105
+
106
+ def self.dump(value)
107
+ value
108
+ end
109
+ end
94
110
  end
95
111
  end
96
112
  end
97
113
 
98
- require 'active_record/session_store/session'
114
+ ActiveSupport.on_load(:active_record) do
115
+ require 'active_record/session_store/session'
116
+ end
117
+
99
118
  require 'active_record/session_store/sql_bypass'
100
119
  require 'active_record/session_store/railtie' if defined?(Rails)
101
120
 
102
- ActionDispatch::Session::ActiveRecordStore.session_class = ActiveRecord::SessionStore::Session
103
121
  Logger.send :include, ActiveRecord::SessionStore::Extension::LoggerSilencer
104
122
 
105
123
  begin
@@ -80,7 +80,10 @@ module ActiveRecord
80
80
 
81
81
  private
82
82
  def serialize_data!
83
- return false unless loaded?
83
+ unless loaded?
84
+ return false if Rails::VERSION::MAJOR < 5
85
+ throw :abort
86
+ end
84
87
  write_attribute(@@data_column_name, self.class.serialize(data))
85
88
  end
86
89
 
@@ -88,7 +91,10 @@ module ActiveRecord
88
91
  # larger than the data storage column. Raises
89
92
  # ActionController::SessionOverflowError.
90
93
  def raise_on_session_data_overflow!
91
- return false unless loaded?
94
+ unless loaded?
95
+ return false if Rails::VERSION::MAJOR < 5
96
+ throw :abort
97
+ end
92
98
  limit = self.class.data_column_size_limit
93
99
  if limit and read_attribute(@@data_column_name).size > limit
94
100
  raise ActionController::SessionOverflowError
@@ -97,3 +103,5 @@ module ActiveRecord
97
103
  end
98
104
  end
99
105
  end
106
+
107
+ ActionDispatch::Session::ActiveRecordStore.session_class = ActiveRecord::SessionStore::Session
@@ -1,5 +1,5 @@
1
1
  module ActiveRecord
2
2
  module SessionStore
3
- VERSION = '1.0.0'
3
+ VERSION = "1.1.3".freeze
4
4
  end
5
5
  end
@@ -19,6 +19,10 @@ module ActiveRecord
19
19
  end
20
20
  current_table_name
21
21
  end
22
+
23
+ def migration_version
24
+ "[#{ActiveRecord::Migration.current_version}]" if ActiveRecord::Migration.respond_to?(:current_version)
25
+ end
22
26
  end
23
27
  end
24
28
  end
@@ -1,4 +1,4 @@
1
- class <%= migration_class_name %> < ActiveRecord::Migration
1
+ class <%= migration_class_name %> < ActiveRecord::Migration<%= migration_version %>
2
2
  def change
3
3
  create_table :<%= session_table_name %> do |t|
4
4
  t.string :session_id, :null => false
@@ -1,15 +1,14 @@
1
1
  namespace 'db:sessions' do
2
2
  desc "Creates a sessions migration for use with ActiveRecord::SessionStore"
3
3
  task :create => [:environment, 'db:load_config'] do
4
- raise 'Task unavailable to this database (no migration support)' unless ActiveRecord::Base.connection.supports_migrations?
5
4
  Rails.application.load_generators
6
- require 'rails/generators/rails/session_migration/session_migration_generator'
7
- Rails::Generators::SessionMigrationGenerator.start [ ENV['MIGRATION'] || 'add_sessions_table' ]
5
+ require 'generators/active_record/session_migration_generator'
6
+ ActiveRecord::Generators::SessionMigrationGenerator.start [ ENV['MIGRATION'] || 'add_sessions_table' ]
8
7
  end
9
8
 
10
9
  desc "Clear the sessions table"
11
10
  task :clear => [:environment, 'db:load_config'] do
12
- ActiveRecord::Base.connection.execute "DELETE FROM #{ActiveRecord::SessionStore::Session.table_name}"
11
+ ActiveRecord::Base.connection.execute "TRUNCATE TABLE #{ActiveRecord::SessionStore::Session.table_name}"
13
12
  end
14
13
 
15
14
  desc "Trim old sessions from the table (default: > 30 days)"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activerecord-session_store
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-05-16 00:00:00.000000000 Z
11
+ date: 2019-03-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -17,9 +17,6 @@ dependencies:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
19
  version: '4.0'
20
- - - "<"
21
- - !ruby/object:Gem::Version
22
- version: '5.1'
23
20
  type: :runtime
24
21
  prerelease: false
25
22
  version_requirements: !ruby/object:Gem::Requirement
@@ -27,9 +24,6 @@ dependencies:
27
24
  - - ">="
28
25
  - !ruby/object:Gem::Version
29
26
  version: '4.0'
30
- - - "<"
31
- - !ruby/object:Gem::Version
32
- version: '5.1'
33
27
  - !ruby/object:Gem::Dependency
34
28
  name: actionpack
35
29
  requirement: !ruby/object:Gem::Requirement
@@ -37,9 +31,6 @@ dependencies:
37
31
  - - ">="
38
32
  - !ruby/object:Gem::Version
39
33
  version: '4.0'
40
- - - "<"
41
- - !ruby/object:Gem::Version
42
- version: '5.1'
43
34
  type: :runtime
44
35
  prerelease: false
45
36
  version_requirements: !ruby/object:Gem::Requirement
@@ -47,9 +38,6 @@ dependencies:
47
38
  - - ">="
48
39
  - !ruby/object:Gem::Version
49
40
  version: '4.0'
50
- - - "<"
51
- - !ruby/object:Gem::Version
52
- version: '5.1'
53
41
  - !ruby/object:Gem::Dependency
54
42
  name: railties
55
43
  requirement: !ruby/object:Gem::Requirement
@@ -57,9 +45,6 @@ dependencies:
57
45
  - - ">="
58
46
  - !ruby/object:Gem::Version
59
47
  version: '4.0'
60
- - - "<"
61
- - !ruby/object:Gem::Version
62
- version: '5.1'
63
48
  type: :runtime
64
49
  prerelease: false
65
50
  version_requirements: !ruby/object:Gem::Requirement
@@ -67,9 +52,6 @@ dependencies:
67
52
  - - ">="
68
53
  - !ruby/object:Gem::Version
69
54
  version: '4.0'
70
- - - "<"
71
- - !ruby/object:Gem::Version
72
- version: '5.1'
73
55
  - !ruby/object:Gem::Dependency
74
56
  name: rack
75
57
  requirement: !ruby/object:Gem::Requirement
@@ -124,20 +106,6 @@ dependencies:
124
106
  - - ">="
125
107
  - !ruby/object:Gem::Version
126
108
  version: '0'
127
- - !ruby/object:Gem::Dependency
128
- name: appraisal
129
- requirement: !ruby/object:Gem::Requirement
130
- requirements:
131
- - - "~>"
132
- - !ruby/object:Gem::Version
133
- version: 2.1.0
134
- type: :development
135
- prerelease: false
136
- version_requirements: !ruby/object:Gem::Requirement
137
- requirements:
138
- - - "~>"
139
- - !ruby/object:Gem::Version
140
- version: 2.1.0
141
109
  description:
142
110
  email: david@loudthinking.com
143
111
  executables: []
@@ -180,8 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
180
148
  - !ruby/object:Gem::Version
181
149
  version: '0'
182
150
  requirements: []
183
- rubyforge_project:
184
- rubygems_version: 2.5.1
151
+ rubygems_version: 3.0.3
185
152
  signing_key:
186
153
  specification_version: 4
187
154
  summary: An Action Dispatch session store backed by an Active Record class.