activerecord-session_store 1.0.0.pre → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e266cfc34f1078245ab5c7b89003a2fba65041d3
-  data.tar.gz: c9f398c65a0511ca359d45c09b824d1af1965142
+  metadata.gz: c0920d7a8356d636009b0ab31c27a96cbaad5f1b
+  data.tar.gz: f395a9a6b74ed0c90120e971f91ea1bc5087b62f
 SHA512:
-  metadata.gz: bc865efe6b4efdb8e448b227787bfcc153069796ec22de12e803293f3798124764aee1b3feb50766248399b15795ab12f5775f273677ef4f841521bb2f825e25
-  data.tar.gz: 930fa087e6dd906fb2d5df43d3131cbe75808e1008e9280a0e67307f257d800ce0d7885987c6382d423361fa2bfb5aa7840b5062f6860b755bcf29a92ca8f518
+  metadata.gz: e5c6788589a3c53391308c31718e1c8bf181b2bf7180ad70a1720cd9129815e5f77043ad4b51efec0b3ebbc404c4132fab404bb8a76880570c89d1948e76958d
+  data.tar.gz: b7f0155f5446dbadf8a5c9dca98a42f24615015035991402810908b28d7fce21257eb7264c046c7596902b8a5f55f2501820541d269358c8f62d7da97067affc

data/README.md

@@ -38,13 +38,14 @@ Session data is marshaled to the `data` column in Base64 format.
 If the data you write is larger than the column's size limit,
 ActionController::SessionOverflowError will be raised.
 
-You may configure the table name, primary key, and data column.
-For example, at the end of `config/application.rb`:
+You may configure the table name, primary key, data column, and
+serializer type. For example, at the end of `config/application.rb`:
 
 ```ruby
 ActiveRecord::SessionStore::Session.table_name = 'legacy_session_table'
 ActiveRecord::SessionStore::Session.primary_key = 'session_id'
 ActiveRecord::SessionStore::Session.data_column_name = 'legacy_session_data'
+ActiveRecord::SessionStore::Session.serializer = :json
 ```
 
 Note that setting the primary key to the `session_id` frees you from
@@ -52,6 +53,12 @@ having a separate `id` column if you don't want it. However, you must
 set `session.model.id = session.session_id` by hand!  A before filter
 on ApplicationController is a good place.
 
+The serializer may be one of `marshal`, `json`, or `hybrid`.  `marshal` is
+the default and uses the built-in Marshal methods coupled with Base64
+encoding.  `json` does what it says on the tin, using the `parse()` and
+`generate()` methods of the JSON module.  `hybrid` will read either type
+but write as JSON.
+
 Since the default class is a simple Active Record, you get timestamps
 for free if you add `created_at` and `updated_at` datetime columns to
 the `sessions` table, making periodic session expiration a snap.

data/lib/action_dispatch/session/active_record_store.rb

@@ -98,10 +98,24 @@ module ActionDispatch
       def delete_session(request, session_id, options)
         logger.silence_logger do
           if sid = current_session_id(request)
-            get_session_model(request, sid).destroy
-            request.env[SESSION_RECORD_KEY] = nil
+            if model = get_session_model(request, sid)
+              data = model.data
+              model.destroy
+            end
+          end
+
+          request.env[SESSION_RECORD_KEY] = nil
+
+          unless options[:drop]
+            new_sid = generate_sid
+
+            if options[:renew]
+              new_model = @@session_class.new(:session_id => new_sid, :data => data)
+              new_model.save
+              request.env[SESSION_RECORD_KEY] = new_model
+            end
+            new_sid
           end
-          generate_sid unless options[:drop]
         end
       end
 

data/lib/active_record/session_store.rb

@@ -1,15 +1,20 @@
+require 'active_record/session_store/version'
 require 'action_dispatch/session/active_record_store'
 require "active_record/session_store/extension/logger_silencer"
+require 'active_support/core_ext/hash/keys'
+require 'multi_json'
 
 module ActiveRecord
   module SessionStore
     module ClassMethods # :nodoc:
-      def marshal(data)
-        ::Base64.encode64(Marshal.dump(data)) if data
+      mattr_accessor :serializer
+
+      def serialize(data)
+        serializer_class.dump(data) if data
       end
 
-      def unmarshal(data)
-        Marshal.load(::Base64.decode64(data)) if data
+      def deserialize(data)
+        serializer_class.load(data) if data
       end
 
       def drop_table!
@@ -33,6 +38,59 @@ module ActiveRecord
         end
         connection.add_index table_name, session_id_column, :unique => true
       end
+
+      def serializer_class
+        case self.serializer
+          when :marshal, nil then
+            MarshalSerializer
+          when :json then
+            JsonSerializer
+          when :hybrid then
+            HybridSerializer
+          else
+            self.serializer
+        end
+      end
+
+      # Use Marshal with Base64 encoding
+      class MarshalSerializer
+        def self.load(value)
+          Marshal.load(::Base64.decode64(value))
+        end
+
+        def self.dump(value)
+          ::Base64.encode64(Marshal.dump(value))
+        end
+      end
+
+      # Uses built-in JSON library to encode/decode session
+      class JsonSerializer
+        def self.load(value)
+          hash = MultiJson.load(value)
+          hash.is_a?(Hash) ? hash.with_indifferent_access[:value] : hash
+        end
+
+        def self.dump(value)
+          MultiJson.dump(value: value)
+        end
+      end
+
+      # Transparently migrates existing session values from Marshal to JSON
+      class HybridSerializer < JsonSerializer
+        MARSHAL_SIGNATURE = 'BAh'.freeze
+
+        def self.load(value)
+          if needs_migration?(value)
+            Marshal.load(::Base64.decode64(value))
+          else
+            super
+          end
+        end
+
+        def self.needs_migration?(value)
+          value.start_with?(MARSHAL_SIGNATURE)
+        end
+      end
     end
   end
 end

data/lib/active_record/session_store/session.rb

@@ -14,7 +14,7 @@ module ActiveRecord
       cattr_accessor :data_column_name
       self.data_column_name = 'data'
 
-      before_save :marshal_data!
+      before_save :serialize_data!
       before_save :raise_on_session_data_overflow!
 
       # This method is defiend in `protected_attributes` gem. We can't check for
@@ -66,9 +66,9 @@ module ActiveRecord
         super
       end
 
-      # Lazy-unmarshal session state.
+      # Lazy-deserialize session state.
       def data
-        @data ||= self.class.unmarshal(read_attribute(@@data_column_name)) || {}
+        @data ||= self.class.deserialize(read_attribute(@@data_column_name)) || {}
       end
 
       attr_writer :data
@@ -79,9 +79,9 @@ module ActiveRecord
       end
 
       private
-        def marshal_data!
+        def serialize_data!
           return false unless loaded?
-          write_attribute(@@data_column_name, self.class.marshal(data))
+          write_attribute(@@data_column_name, self.class.serialize(data))
         end
 
         # Ensures that the data about to be stored in the database is not

data/lib/active_record/session_store/sql_bypass.rb

@@ -7,17 +7,17 @@ module ActiveRecord
     # an example session model class meant as a basis for your own classes.
     #
     # The database connection, table name, and session id and data columns
-    # are configurable class attributes. Marshaling and unmarshaling
+    # are configurable class attributes. Serializing and deserializeing
     # are implemented as class methods that you may override. By default,
-    # marshaling data is
+    # serializing data is
     #
     #   ::Base64.encode64(Marshal.dump(data))
     #
-    # and unmarshaling data is
+    # and deserializing data is
     #
     #   Marshal.load(::Base64.decode64(data))
     #
-    # This marshaling behavior is intended to store the widest range of
+    # This serializing behavior is intended to store the widest range of
     # binary session data in a +text+ column. For higher performance,
     # store in a +blob+ column instead and forgo the Base64 encoding.
     class SqlBypass
@@ -58,10 +58,10 @@ module ActiveRecord
           @connection_pool ||= ActiveRecord::Base.connection_pool
         end
 
-        # Look up a session by id and unmarshal its data if found.
+        # Look up a session by id and deserialize its data if found.
         def find_by_session_id(session_id)
           if record = connection.select_one("SELECT #{connection.quote_column_name(data_column)} AS data FROM #{@@table_name} WHERE #{connection.quote_column_name(@@session_id_column)}=#{connection.quote(session_id.to_s)}")
-            new(:session_id => session_id, :marshaled_data => record['data'])
+            new(:session_id => session_id, :serialized_data => record['data'])
           end
         end
       end
@@ -73,14 +73,14 @@ module ActiveRecord
 
       attr_writer :data
 
-      # Look for normal and marshaled data, self.find_by_session_id's way of
-      # telling us to postpone unmarshaling until the data is requested.
+      # Look for normal and serialized data, self.find_by_session_id's way of
+      # telling us to postpone deserializing until the data is requested.
       # We need to handle a normal data attribute in case of a new record.
       def initialize(attributes)
         @session_id     = attributes[:session_id]
         @data           = attributes[:data]
-        @marshaled_data = attributes[:marshaled_data]
-        @new_record     = @marshaled_data.nil?
+        @serialized_data = attributes[:serialized_data]
+        @new_record     = @serialized_data.nil?
       end
 
       # Returns true if the record is persisted, i.e. it's not a new record
@@ -88,11 +88,11 @@ module ActiveRecord
         !@new_record
       end
 
-      # Lazy-unmarshal session state.
+      # Lazy-deserialize session state.
       def data
         unless @data
-          if @marshaled_data
-            @data, @marshaled_data = self.class.unmarshal(@marshaled_data) || {}, nil
+          if @serialized_data
+            @data, @serialized_data = self.class.deserialize(@serialized_data) || {}, nil
           else
             @data = {}
           end
@@ -106,7 +106,7 @@ module ActiveRecord
 
       def save
         return false unless loaded?
-        marshaled_data = self.class.marshal(data)
+        serialized_data = self.class.serialize(data)
         connect        = connection
 
         if @new_record
@@ -117,12 +117,12 @@ module ActiveRecord
               #{connect.quote_column_name(data_column)} )
             VALUES (
               #{connect.quote(session_id)},
-              #{connect.quote(marshaled_data)} )
+              #{connect.quote(serialized_data)} )
           end_sql
         else
           connect.update <<-end_sql, 'Update session'
             UPDATE #{table_name}
-            SET #{connect.quote_column_name(data_column)}=#{connect.quote(marshaled_data)}
+            SET #{connect.quote_column_name(data_column)}=#{connect.quote(serialized_data)}
             WHERE #{connect.quote_column_name(session_id_column)}=#{connect.quote(session_id)}
           end_sql
         end

data/lib/active_record/session_store/version.rb

@@ -0,0 +1,5 @@
+module ActiveRecord
+  module SessionStore
+    VERSION = '1.0.0'
+  end
+end

data/lib/tasks/database.rake

@@ -11,4 +11,12 @@ namespace 'db:sessions' do
   task :clear => [:environment, 'db:load_config'] do
     ActiveRecord::Base.connection.execute "DELETE FROM #{ActiveRecord::SessionStore::Session.table_name}"
   end
+
+  desc "Trim old sessions from the table (default: > 30 days)"
+  task :trim => [:environment, 'db:load_config'] do
+    cutoff_period = (ENV['SESSION_DAYS_TRIM_THRESHOLD'] || 30).to_i.days.ago
+    ActiveRecord::SessionStore::Session.
+      where("updated_at < ?", cutoff_period).
+      delete_all
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: activerecord-session_store
 version: !ruby/object:Gem::Version
-  version: 1.0.0.pre
+  version: 1.0.0
 platform: ruby
 authors:
 - David Heinemeier Hansson
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-04-07 00:00:00.000000000 Z
+date: 2016-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activerecord
@@ -90,6 +90,26 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3'
+- !ruby/object:Gem::Dependency
+  name: multi_json
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.11.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.11'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.11.2
 - !ruby/object:Gem::Dependency
   name: sqlite3
   requirement: !ruby/object:Gem::Requirement
@@ -134,6 +154,7 @@ files:
 - lib/active_record/session_store/railtie.rb
 - lib/active_record/session_store/session.rb
 - lib/active_record/session_store/sql_bypass.rb
+- lib/active_record/session_store/version.rb
 - lib/activerecord/session_store.rb
 - lib/generators/active_record/session_migration_generator.rb
 - lib/generators/active_record/templates/migration.rb
@@ -155,9 +176,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.3
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">"
+  - - ">="
     - !ruby/object:Gem::Version
-      version: 1.3.1
+      version: '0'
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.5.1