brevio-session 0.2.0 → 0.2.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +1 -1
- data/brevio-session.gemspec +2 -2
- data/lib/brevio/session/with_session_login.rb +92 -0
- data/lib/brevio/session.rb +9 -96
- metadata +5 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 97d1fd49360aab5a99bd4191bf1504c9c9b001a582284559373550244432d04b
|
4
|
+
data.tar.gz: 452394130da4b986a42aaf807eb0cb580e7e1ff2f54b79e28224aca4e6915a37
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a673c0227a23ccc2c95104932249bed517cabce3b1ab461a12717dbca74f4e755db44d51c6103126679f3988687942919a88715c7940eb18722f7a5d7534e32d
|
7
|
+
data.tar.gz: b3f17e1adaa4df6f376f0cc20c34ae2332cffe60e0ede1d70d5cf63eb12214f67720e7db981ea901c02f183cb74fbcd00df8d436d84acd59448d5d12f075db89
|
data/Gemfile.lock
CHANGED
data/brevio-session.gemspec
CHANGED
@@ -2,7 +2,7 @@
|
|
2
2
|
|
3
3
|
Gem::Specification.new do |spec|
|
4
4
|
spec.name = 'brevio-session'
|
5
|
-
spec.version = '0.2.
|
5
|
+
spec.version = '0.2.2'
|
6
6
|
spec.authors = ['Brevio AS']
|
7
7
|
spec.email = ['support@brevio.com']
|
8
8
|
spec.files = `git ls-files -z`.split("\0")
|
@@ -17,7 +17,7 @@ Gem::Specification.new do |spec|
|
|
17
17
|
spec.add_development_dependency 'debug', '~> 1.5.0', '<= 1.6.0'
|
18
18
|
spec.add_development_dependency 'rubocop', '~> 1.35'
|
19
19
|
spec.add_dependency 'actionpack', '~> 7.0.3'
|
20
|
-
spec.add_dependency 'redis', '~>
|
20
|
+
spec.add_dependency 'redis', '~> 4.8'
|
21
21
|
spec.add_dependency 'zeitwerk', '~> 2.6.7'
|
22
22
|
spec.metadata['rubygems_mfa_required'] = 'true'
|
23
23
|
end
|
@@ -0,0 +1,92 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
require 'active_support/concern'
|
4
|
+
|
5
|
+
module Brevio::Session
|
6
|
+
module WithSessionLogin
|
7
|
+
extend ActiveSupport::Concern
|
8
|
+
|
9
|
+
# By including this module into a Rails controller you will have access to the convenience methods
|
10
|
+
# fetch_brevio_session(!) and brevio_logged_in? which acts as a wrapper around the decrypting of
|
11
|
+
# predefined session cookies and sessions stored in Redis.
|
12
|
+
#
|
13
|
+
# We also require access to instance attributes like #request and the cookie jar, which are only
|
14
|
+
# available in the context of a controller.
|
15
|
+
#
|
16
|
+
included do
|
17
|
+
unless self <= ActionController::Base || instance_methods.include?(:session)
|
18
|
+
raise 'Included Brevio::Session outside of controller'
|
19
|
+
end
|
20
|
+
end
|
21
|
+
|
22
|
+
# Fetches the Brevio session from Redis, based on the encrypted key stored in the client's cookie.
|
23
|
+
# Returns *nil* if there's no session present.
|
24
|
+
#
|
25
|
+
def fetch_brevio_session
|
26
|
+
brevio_session, redis_key = fetch_session
|
27
|
+
return nil if brevio_session.nil?
|
28
|
+
if brevio_config.debug?
|
29
|
+
brevio_config.logger.info "[brevio-session] Found session #{brevio_session.inspect}"
|
30
|
+
end
|
31
|
+
refresh_session(redis_key) unless params.transform_keys(&:underscore)[:no_session].present?
|
32
|
+
brevio_session
|
33
|
+
rescue RuntimeError => e
|
34
|
+
brevio_config.logger.error "[brevio-session] #{e.message}"
|
35
|
+
nil
|
36
|
+
end
|
37
|
+
|
38
|
+
# Calls the above function, but raises an exception if the session isn't present.
|
39
|
+
def fetch_brevio_session!
|
40
|
+
brevio_session, redis_key = fetch_session
|
41
|
+
raise NilSession, 'Brevio session was nil' if brevio_session.nil?
|
42
|
+
refresh_session(redis_key) unless params.transform_keys(&:underscore)[:no_session].present?
|
43
|
+
brevio_session
|
44
|
+
end
|
45
|
+
|
46
|
+
# Returns a boolean flag indicating whether the current client has a Brevio session cookie set,
|
47
|
+
# and whether this cookie contains a user ID.
|
48
|
+
#
|
49
|
+
def brevio_logged_in?
|
50
|
+
brevio_session, = fetch_session
|
51
|
+
brevio_session&.dig(:user_id).present?
|
52
|
+
end
|
53
|
+
|
54
|
+
private
|
55
|
+
|
56
|
+
def brevio_config
|
57
|
+
Config.config
|
58
|
+
end
|
59
|
+
|
60
|
+
def fetch_session
|
61
|
+
brevio_config.logger.info '[brevio-session] Fetching Brevio session'
|
62
|
+
cookie = request.cookie_jar[brevio_config.session_cookie]
|
63
|
+
redis_key = Cookies::Parse.perform!(cookie)
|
64
|
+
brevio_session = Redis.get(redis_key)
|
65
|
+
raise NilSession if brevio_session.nil?
|
66
|
+
[brevio_session.with_indifferent_access, redis_key]
|
67
|
+
rescue RuntimeError => e
|
68
|
+
brevio_config.logger.error "[brevio-session] --- 💣 Couldn't fetch Brevio session 💣 ---"
|
69
|
+
brevio_config.logger.error "[brevio-session] #{e.message}"
|
70
|
+
nil
|
71
|
+
end
|
72
|
+
|
73
|
+
# Refreshes the Brevio session cookie, avoding its expiry. This is helpful to
|
74
|
+
# ensure the user stays logged in through interacting with the application.
|
75
|
+
#
|
76
|
+
def refresh_session(redis_key)
|
77
|
+
brevio_config.logger.info '[brevio-session] Refreshing Brevio session' if brevio_config.debug?
|
78
|
+
cookies[brevio_config.session_cookie] = {
|
79
|
+
value: request.cookie_jar[brevio_config.session_cookie],
|
80
|
+
domain: :all,
|
81
|
+
expires: brevio_config.session_expire,
|
82
|
+
httponly: true,
|
83
|
+
secure: true
|
84
|
+
}
|
85
|
+
Redis.expire(redis_key, brevio_config.session_expire)
|
86
|
+
rescue RuntimeError => e
|
87
|
+
brevio_config.logger.error "[brevio-session] --- 💣 Couldn't refresh Brevio session 💣 ---"
|
88
|
+
brevio_config.logger.error "[brevio-session] #{e.message}"
|
89
|
+
end
|
90
|
+
|
91
|
+
end
|
92
|
+
end
|
data/lib/brevio/session.rb
CHANGED
@@ -1,101 +1,14 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'active_support/concern'
|
4
|
-
|
5
3
|
module Brevio::Session
|
6
|
-
extend
|
7
|
-
|
8
|
-
#
|
9
|
-
#
|
10
|
-
#
|
11
|
-
#
|
12
|
-
#
|
13
|
-
|
14
|
-
|
15
|
-
included do
|
16
|
-
unless self <= ActionController::Base || instance_methods.include?(:session)
|
17
|
-
raise 'Included Brevio::Session outside of controller'
|
18
|
-
end
|
19
|
-
end
|
20
|
-
|
21
|
-
# Fetches the Brevio session from Redis, based on the encrypted key stored in the client's cookie.
|
22
|
-
# Returns *nil* if there's no session present.
|
23
|
-
#
|
24
|
-
def fetch_brevio_session
|
25
|
-
brevio_session, redis_key = fetch_session
|
26
|
-
return nil if brevio_session.nil?
|
27
|
-
if brevio_config.debug?
|
28
|
-
brevio_config.logger.info "[brevio-session] Found session #{brevio_session.inspect}"
|
29
|
-
end
|
30
|
-
refresh_session(redis_key) unless params.transform_keys(&:underscore)[:no_session].present?
|
31
|
-
brevio_session
|
32
|
-
rescue RuntimeError => e
|
33
|
-
brevio_config.logger.error "[brevio-session] #{e.message}"
|
34
|
-
nil
|
35
|
-
end
|
36
|
-
|
37
|
-
# Calls the above function, but raises an exception if the session isn't present.
|
38
|
-
def fetch_brevio_session!
|
39
|
-
brevio_session, redis_key = fetch_session
|
40
|
-
raise NilSession, 'Brevio session was nil' if brevio_session.nil?
|
41
|
-
refresh_session(redis_key) unless params.transform_keys(&:underscore)[:no_session].present?
|
42
|
-
brevio_session
|
43
|
-
end
|
44
|
-
|
45
|
-
# Returns a boolean flag indicating whether the current client has a Brevio session cookie set,
|
46
|
-
# and whether this cookie contains a user ID.
|
47
|
-
#
|
48
|
-
def brevio_logged_in?
|
49
|
-
brevio_session, _ = fetch_session
|
50
|
-
brevio_session&.dig(:user_id).present?
|
51
|
-
end
|
52
|
-
|
53
|
-
private
|
54
|
-
|
55
|
-
def brevio_config
|
56
|
-
Config.config
|
57
|
-
end
|
58
|
-
|
59
|
-
def fetch_session
|
60
|
-
brevio_config.logger.info '[brevio-session] Fetching Brevio session'
|
61
|
-
cookie = request.cookie_jar[brevio_config.session_cookie]
|
62
|
-
redis_key = Cookies::Parse.perform!(cookie)
|
63
|
-
brevio_session = Redis.get(redis_key)
|
64
|
-
raise NilSession if brevio_session.nil?
|
65
|
-
[brevio_session.with_indifferent_access, redis_key]
|
66
|
-
rescue RuntimeError => e
|
67
|
-
brevio_config.logger.error "[brevio-session] --- 💣 Couldn't fetch Brevio session 💣 ---"
|
68
|
-
brevio_config.logger.error "[brevio-session] #{e.message}"
|
69
|
-
nil
|
70
|
-
end
|
71
|
-
|
72
|
-
# Refreshes the Brevio session cookie, avoding its expiry. This is helpful to
|
73
|
-
# ensure the user stays logged in through interacting with the application.
|
74
|
-
#
|
75
|
-
def refresh_session(redis_key)
|
76
|
-
brevio_config.logger.info '[brevio-session] Refreshing Brevio session' if brevio_config.debug?
|
77
|
-
cookies[brevio_config.session_cookie] = {
|
78
|
-
value: request.cookie_jar[brevio_config.session_cookie],
|
79
|
-
domain: :all,
|
80
|
-
expires: brevio_config.session_expire,
|
81
|
-
httponly: true,
|
82
|
-
secure: true
|
83
|
-
}
|
84
|
-
Redis.expire(redis_key, brevio_config.session_expire)
|
85
|
-
rescue RuntimeError => e
|
86
|
-
brevio_config.logger.error "[brevio-session] --- 💣 Couldn't refresh Brevio session 💣 ---"
|
87
|
-
brevio_config.logger.error "[brevio-session] #{e.message}"
|
88
|
-
end
|
89
|
-
|
90
|
-
class << self
|
91
|
-
# Function used to fetch the current audit company session for a given Brevio ID.
|
92
|
-
# This session contains information about an audit company shared by any number of
|
93
|
-
# users. If the audit company has been updated in ID (e.g. changed logo or name), the
|
94
|
-
# database record of the local service (e.g. Confirm/Sign) will fetch the updates if
|
95
|
-
# the timestamp in this session is greater than their own local timestamps.
|
96
|
-
#
|
97
|
-
def audit_company_updated_at(brevio_id)
|
98
|
-
Config.config.redis.get("#{Config::Redis::Prefixes::AUDIT_COMPANY}:#{brevio_id}")
|
99
|
-
end
|
4
|
+
extend self
|
5
|
+
# Function used to fetch the current audit company session for a given Brevio ID.
|
6
|
+
# This session contains information about an audit company shared by any number of
|
7
|
+
# users. If the audit company has been updated in ID (e.g. changed logo or name), the
|
8
|
+
# database record of the local service (e.g. Confirm/Sign) will fetch the updates if
|
9
|
+
# the timestamp in this session is greater than their own local timestamps.
|
10
|
+
#
|
11
|
+
def audit_company_updated_at(brevio_id)
|
12
|
+
Config.config.redis.get("#{Config::Redis::Prefixes::AUDIT_COMPANY}:#{brevio_id}")
|
100
13
|
end
|
101
14
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brevio-session
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Brevio AS
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-10-03 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -78,14 +78,14 @@ dependencies:
|
|
78
78
|
requirements:
|
79
79
|
- - "~>"
|
80
80
|
- !ruby/object:Gem::Version
|
81
|
-
version: '
|
81
|
+
version: '4.8'
|
82
82
|
type: :runtime
|
83
83
|
prerelease: false
|
84
84
|
version_requirements: !ruby/object:Gem::Requirement
|
85
85
|
requirements:
|
86
86
|
- - "~>"
|
87
87
|
- !ruby/object:Gem::Version
|
88
|
-
version: '
|
88
|
+
version: '4.8'
|
89
89
|
- !ruby/object:Gem::Dependency
|
90
90
|
name: zeitwerk
|
91
91
|
requirement: !ruby/object:Gem::Requirement
|
@@ -121,6 +121,7 @@ files:
|
|
121
121
|
- lib/brevio/session/cookies/parse.rb
|
122
122
|
- lib/brevio/session/redis.rb
|
123
123
|
- lib/brevio/session/testing.rb
|
124
|
+
- lib/brevio/session/with_session_login.rb
|
124
125
|
- lib/brevio_session.rb
|
125
126
|
homepage: https://github.com/team-brevio/brevio-session
|
126
127
|
licenses:
|