architect-functions 0.4.0 → 0.5.0
- checksums.yaml +4 -4
- data/lib/architect/http.rb +34 -4
- metadata +1 -1
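--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ae0b9f06545ba09f213b21faf0311bf865e2b7e92d3409453c7a63f542572582
+data.tar.gz: 720205c50fb4c36b22fd38275d91c542c1f5e2648b923fd5a2de23599e3e60d3
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: c266611780bdae97daa7445fc9ad6a7153a930c5ba61cf3907b4060899d2afbc0a806540618ca09aee9bb758b4f26b8653aa8371a5283a8730aff60cc7fdcf0b
+data.tar.gz: 1f64be0ef1a8b1cb1da2c4e75316f595aefd665c14883dfb7a3e1292a535edae838e7e2c5c50519f6a7bef8913bb122c983374e004778d6d6154bd6f9e526958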
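--- a/data/lib/architect/http.rb
+++ b/data/lib/architect/http.rb
@@ -1,11 +1,41 @@
+require 'jwe'
+require 'json'
+require 'cgi'
+
 module Arc
 module HTTP
 module Session
-
-
+
+def self.read(request)
+
+# look for the headers and return if theres nothing
+raw = request[:headers][:cookie] || false
+return {} if raw == false
+
+# if we found cookie parse it; bail if _idx is missing
+parsed = raw.split(/=|;/)
+return {} unless parsed.include? '_idx'
+
+# return the decrypted payload
+payload = parsed[parsed.index('_idx') + 1]
+key = ENV['ARC_APP_SECRET'] || 'MDAwMDAwMDAwMDAwMDAwMA=='[0..15]
+JSON.parse(JWE.decrypt(payload, key))
 end
-
-
+
+def self.write(payload)
+key = ENV['ARC_APP_SECRET'] || 'MDAwMDAwMDAwMDAwMDAwMA=='[0..15]
+encrypted = JWE.encrypt(payload.to_json, key, alg: 'dir', enc: 'A128GCM')
+maxAge = Time.at 788400000 * 1000
+CGI::Cookie.new(
+'name'=> '_idx',
+'value'=> encrypted,
+'maxAge'=> maxAge,
+'expires'=> maxAge,
+'secure'=> true,
+'httpOnly'=> true,
+'path'=> '/',
+'sameSite'=> 'lax'
+).to_s
 end
 end
 end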
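Review bot: Both `Session.read` and `Session.write` fall back to the literal `'MDAwMDAwMDAwMDAwMDAwMA=='[0..15]` when `ARC_APP_SECRET` is unset, so a deployment that misses the variable encrypts and accepts `_idx` session cookies under a key that ships in the gem; the fallback should be confined to local testing or removed so the code fails closed. The `[0..15]` slice binds to the literal only, so a secret taken from the environment reaches A128GCM at whatever length it has. In `read`, `raw.split(/=|;/)` keeps the leading space on every cookie name after the first and can match a cookie whose value is `_idx`, and a malformed or tampered value makes `JWE.decrypt` or `JSON.parse` raise instead of returning `{}`. In `write`, `CGI::Cookie.new` appears to read the lowercase `'httponly'` key, so `'httpOnly'`, `'maxAge'` and `'sameSite'` are probably ignored, which is worth confirming against the emitted Set-Cookie header. A possible shape for `read` follows.

```ruby
def self.read(request)
  raw = request[:headers][:cookie]
  return {} unless raw

  # split on ';' first, then on the first '=' only; strip the space that follows ';'
  pair = raw.split(';').map { |c| c.strip.split('=', 2) }.find { |name, _| name == '_idx' }
  return {} unless pair && pair[1]

  key = ENV.fetch('ARC_APP_SECRET') # raises if unset: no built-in key
  begin
    JSON.parse(JWE.decrypt(pair[1], key))
  rescue StandardError
    {} # malformed or tampered cookie: treat as no session
  end
end
```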