activerecord-session_store 1.0.0 → 1.1.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.

This version of activerecord-session_store might be problematic. Click here for more details.

Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +21 -6
  3. data/lib/active_record/session_store.rb +13 -0
  4. data/lib/active_record/session_store/session.rb +8 -2
  5. data/lib/active_record/session_store/version.rb +1 -1
  6. data/lib/tasks/database.rake +3 -3
  7. metadata +9 -9
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: c0920d7a8356d636009b0ab31c27a96cbaad5f1b
4
- data.tar.gz: f395a9a6b74ed0c90120e971f91ea1bc5087b62f
3
+ metadata.gz: 199bab6eabd1c53a61809255dd6fafd4ecfeffd1
4
+ data.tar.gz: fd10f4a954606f18f6d1d706d8f71d510eaa855b
5
5
  SHA512:
6
- metadata.gz: e5c6788589a3c53391308c31718e1c8bf181b2bf7180ad70a1720cd9129815e5f77043ad4b51efec0b3ebbc404c4132fab404bb8a76880570c89d1948e76958d
7
- data.tar.gz: b7f0155f5446dbadf8a5c9dca98a42f24615015035991402810908b28d7fce21257eb7264c046c7596902b8a5f55f2501820541d269358c8f62d7da97067affc
6
+ metadata.gz: 02175400f0fd3cb44160b71d440241ad97224dc48d20e9fbbbbffb28ba9364b7880446b71a62c34297b5ddb16cd75e6bc04d0940549e74f72ebc0f3672871695
7
+ data.tar.gz: f5e2b9522e09858fbeafe2dff0298ca80fef72c822282141a11c01eb147164afa86cbc5cdeb1a20ba4f790109eacfce3359ce2920932d04903cede2270fade96
data/README.md CHANGED
@@ -18,12 +18,23 @@ Run the migration generator:
18
18
 
19
19
  rails generate active_record:session_migration
20
20
 
21
+ Run the migration:
22
+
23
+ rake db:migrate
24
+
21
25
  Then, set your session store in `config/initializers/session_store.rb`:
22
26
 
23
27
  ```ruby
24
28
  Rails.application.config.session_store :active_record_store, :key => '_my_app_session'
25
29
  ```
26
30
 
31
+ To avoid your sessions table expanding without limit as it will store expired and
32
+ potentially sensitive session data, it is strongly recommended in production
33
+ environments to schedule the `db:sessions:trim` rake task to run daily.
34
+ Running `bin/rake db:sessions:trim` will delete all sessions that have not
35
+ been updated in the last 30 days. The 30 days cutoff can be changed using the
36
+ `SESSION_DAYS_TRIM_THRESHOLD` environment variable.
37
+
27
38
  Configuration
28
39
  --------------
29
40
 
@@ -31,7 +42,8 @@ The default assumes a `sessions` tables with columns:
31
42
 
32
43
  * `id` (numeric primary key),
33
44
  * `session_id` (string, usually varchar; maximum length is 255), and
34
- * `data` (text or longtext; careful if your session data exceeds 65KB).
45
+ * `data` (text, longtext, json or jsonb); careful if your session data exceeds
46
+ 65KB).
35
47
 
36
48
  The `session_id` column should always be indexed for speedy lookups.
37
49
  Session data is marshaled to the `data` column in Base64 format.
@@ -53,11 +65,14 @@ having a separate `id` column if you don't want it. However, you must
53
65
  set `session.model.id = session.session_id` by hand! A before filter
54
66
  on ApplicationController is a good place.
55
67
 
56
- The serializer may be one of `marshal`, `json`, or `hybrid`. `marshal` is
57
- the default and uses the built-in Marshal methods coupled with Base64
58
- encoding. `json` does what it says on the tin, using the `parse()` and
59
- `generate()` methods of the JSON module. `hybrid` will read either type
60
- but write as JSON.
68
+ The serializer may be class responding to `#load(value)` and `#dump(value)`, or
69
+ a symbol of `marshal`, `json`, `hybrid` or `null`. `marshal` is the default and
70
+ uses the built-in Marshal methods coupled with Base64 encoding. `json` does
71
+ what it says on the tin, using the `parse()` and `generate()` methods of the
72
+ JSON module. `hybrid` will read either type but write as JSON. `null` will
73
+ not perform serialization, leaving that up to the ActiveRecord database
74
+ adapter. This allows you to take advantage of the native JSON capabilities of
75
+ your database.
61
76
 
62
77
  Since the default class is a simple Active Record, you get timestamps
63
78
  for free if you add `created_at` and `updated_at` datetime columns to
data/lib/active_record/session_store.rb CHANGED
@@ -47,6 +47,8 @@ module ActiveRecord
47
47
  JsonSerializer
48
48
  when :hybrid then
49
49
  HybridSerializer
50
+ when :null then
51
+ NullSerializer
50
52
  else
51
53
  self.serializer
52
54
  end
@@ -91,6 +93,17 @@ module ActiveRecord
91
93
  value.start_with?(MARSHAL_SIGNATURE)
92
94
  end
93
95
  end
96
+
97
+ # Defer serialization to the ActiveRecord database adapter
98
+ class NullSerializer
99
+ def self.load(value)
100
+ value
101
+ end
102
+
103
+ def self.dump(value)
104
+ value
105
+ end
106
+ end
94
107
  end
95
108
  end
96
109
  end
data/lib/active_record/session_store/session.rb CHANGED
@@ -80,7 +80,10 @@ module ActiveRecord
80
80
 
81
81
  private
82
82
  def serialize_data!
83
- return false unless loaded?
83
+ unless loaded?
84
+ return false if Rails::VERSION::MAJOR < 5
85
+ throw :abort
86
+ end
84
87
  write_attribute(@@data_column_name, self.class.serialize(data))
85
88
  end
86
89
 
@@ -88,7 +91,10 @@ module ActiveRecord
88
91
  # larger than the data storage column. Raises
89
92
  # ActionController::SessionOverflowError.
90
93
  def raise_on_session_data_overflow!
91
- return false unless loaded?
94
+ unless loaded?
95
+ return false if Rails::VERSION::MAJOR < 5
96
+ throw :abort
97
+ end
92
98
  limit = self.class.data_column_size_limit
93
99
  if limit and read_attribute(@@data_column_name).size > limit
94
100
  raise ActionController::SessionOverflowError
data/lib/active_record/session_store/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module ActiveRecord
2
2
  module SessionStore
3
- VERSION = '1.0.0'
3
+ VERSION = '1.1.0'
4
4
  end
5
5
  end
data/lib/tasks/database.rake CHANGED
@@ -3,13 +3,13 @@ namespace 'db:sessions' do
3
3
  task :create => [:environment, 'db:load_config'] do
4
4
  raise 'Task unavailable to this database (no migration support)' unless ActiveRecord::Base.connection.supports_migrations?
5
5
  Rails.application.load_generators
6
- require 'rails/generators/rails/session_migration/session_migration_generator'
7
- Rails::Generators::SessionMigrationGenerator.start [ ENV['MIGRATION'] || 'add_sessions_table' ]
6
+ require 'generators/active_record/session_migration_generator'
7
+ ActiveRecord::Generators::SessionMigrationGenerator.start [ ENV['MIGRATION'] || 'add_sessions_table' ]
8
8
  end
9
9
 
10
10
  desc "Clear the sessions table"
11
11
  task :clear => [:environment, 'db:load_config'] do
12
- ActiveRecord::Base.connection.execute "DELETE FROM #{ActiveRecord::SessionStore::Session.table_name}"
12
+ ActiveRecord::Base.connection.execute "TRUNCATE TABLE #{ActiveRecord::SessionStore::Session.table_name}"
13
13
  end
14
14
 
15
15
  desc "Trim old sessions from the table (default: > 30 days)"
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activerecord-session_store
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.0.0
4
+ version: 1.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - David Heinemeier Hansson
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-05-16 00:00:00.000000000 Z
11
+ date: 2017-05-11 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: activerecord
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '4.0'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '5.1'
22
+ version: '5.2'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '4.0'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '5.1'
32
+ version: '5.2'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: actionpack
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -39,7 +39,7 @@ dependencies:
39
39
  version: '4.0'
40
40
  - - "<"
41
41
  - !ruby/object:Gem::Version
42
- version: '5.1'
42
+ version: '5.2'
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
49
49
  version: '4.0'
50
50
  - - "<"
51
51
  - !ruby/object:Gem::Version
52
- version: '5.1'
52
+ version: '5.2'
53
53
  - !ruby/object:Gem::Dependency
54
54
  name: railties
55
55
  requirement: !ruby/object:Gem::Requirement
@@ -59,7 +59,7 @@ dependencies:
59
59
  version: '4.0'
60
60
  - - "<"
61
61
  - !ruby/object:Gem::Version
62
- version: '5.1'
62
+ version: '5.2'
63
63
  type: :runtime
64
64
  prerelease: false
65
65
  version_requirements: !ruby/object:Gem::Requirement
@@ -69,7 +69,7 @@ dependencies:
69
69
  version: '4.0'
70
70
  - - "<"
71
71
  - !ruby/object:Gem::Version
72
- version: '5.1'
72
+ version: '5.2'
73
73
  - !ruby/object:Gem::Dependency
74
74
  name: rack
75
75
  requirement: !ruby/object:Gem::Requirement
@@ -181,7 +181,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
181
181
  version: '0'
182
182
  requirements: []
183
183
  rubyforge_project:
184
- rubygems_version: 2.5.1
184
+ rubygems_version: 2.5.2
185
185
  signing_key:
186
186
  specification_version: 4
187
187
  summary: An Action Dispatch session store backed by an Active Record class.