db2_session 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: '039f272c992e4e9b8607c4bff79e97bd7dda2a00d9b7107179243924dd5939fc'
+  data.tar.gz: 10d194bbcdb32e25053e8b9f4d80f8d6e566a6d051a2f71ac7380178672b884a
+SHA512:
+  metadata.gz: a1d040ffb51ab21b8f82ecb4acee30466a0afe9b7d0adf3d2a9c0ac8ed3ea891a5eba5f838ca7852ebdf750064c8777e2e3440d0a2e012a14cd8e84f766edb7c
+  data.tar.gz: 5cb62c6e9733c5f34894561f68272c39f187f8a8bf121282ae283eb8c9f6b3f25cd67e7d114209f3065e84b36c2e714cdc98c5abfc8d1a9379de8b3f78bdb954

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2021 yohanes_o_lumentut
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,186 @@
+# Db2Session
+
+[![Gem Version](https://badge.fury.io/rb/db2_session.svg)](https://badge.fury.io/rb/db2_session)
+
+A Rails 5 & Rails 6 plugin for managing queries by sessions of authenticated db2 (i-series) multi-users on a remote db2 server.
+
+## Installation
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'db2_session'
+```
+
+And then execute:
+```bash
+$ bundle
+```
+
+Or install it yourself as:
+```bash
+$ gem install db2_session
+```
+## Usage
+This plugin highly depends on [Db2Query](https://github.com/yohaneslumentut/db2_query). Where **Db2Query** is responsible to manage database queries and **Db2Session** is only responsible to manage user sessions in the controllers of each query.
+
+Note: Please do the Db2Query [**Installation**](https://github.com/yohaneslumentut/db2_query#1-installation) & [**Initialization**](https://github.com/yohaneslumentut/db2_query#2-initialization) steps before move to the next section.
+
+Rules:
+> 1. **Queries** have to extend ApplicationQuery, an abstract query, which inherit all attributes and methods required from Db2Session::ApplicationQuery
+> 2. **Controllers** have to extend Db2Controller, an abstract controller, which inherit all attributes and methods required from Db2Session::ApplicationController 
+
+### Mount Engine Authentication Path
+To be able to use the **authentication** path, mount the engine at your application `config/routes.rb`
+```ruby
+Rails.application.routes.draw do
+  mount Db2Session::Engine => "/db2_session"
+  ...
+end
+```
+The `db2_session/login` and `db2_session/logout` path is now available at `rails routes`
+
+```bash
+$ rails routes
+     Prefix Verb URI Pattern           Controller#Action
+db2_session      /db2_session          Db2Session::Engine
+...
+Routes for Db2Session::Engine:
+      login POST /login(.:format)      db2_session/sessions#new
+     logout GET  /logout(.:format)     db2_session/sessions#delete
+...
+```
+
+### Query By User Session
+**Db2Query** use only one user which is hardcoded at `config/db2query.yml`. Here, at Db2Session query, multi-user can make requests and queries by using their own db2 credential that is securely attached at connection client instance. The plugin will assign the connection to the related user on each request based on an attached token that was created during the `login` process.
+
+Create an abstract query, here we use `ApplicationQuery` that extend `Db2Session::ApplicationQuery`. All of your query class have to extend this class. 
+
+```ruby
+class ApplicationQuery < Db2Session::ApplicationQuery
+  def self.inherited(subclass)
+    subclass.define_query_definitions
+  end
+end
+```
+
+Then create a `Db2ConnectionQuery` that inherit from `ApplicationQUery`
+
+```bash
+$ rails g query connection --defines status
+```
+```ruby
+# app/queries/db2_connection_query.rb
+class Db2ConnectionQuery < ApplicationQuery
+  def status_sql
+    "SELECT 1 AS CONNECTED FROM SYSIBM.SYSDUMMY1"
+  end
+end
+```
+Update the definitions:
+```ruby
+# app/queries/definitions/db2_connection_query_definitions.rb
+module Definitions
+  class Db2ConnectionQueryDefinitions < Db2Query::Definitions
+    def describe
+      query_definition :status do |c|
+        c.connected :boolean
+      end
+    end
+  end
+end
+
+```
+
+### Session Controller
+
+Next, create a `Db2Controller` as a base controller and `Db2ConnectionController` that extend `Db2Controller`  where we can render `Db2ConnectionQuery.status`.
+
+```ruby
+# app/controllers/db2_controller.rb
+class Db2Controller < Db2Session::ApplicationController
+end
+
+# app/controllers/db2_connection_controller.rb
+class Db2ConnectionController < Db2Controller
+  def index
+    status = Db2ConnectionQuery.status
+    render json: {
+      data: {
+        user: Db2ConnectionQuery.connection.userid,
+        trx_time: Db2ConnectionQuery.connection.trx_time,
+        connected: status.connected
+      }
+    }
+  end
+end
+```
+Add the route at `config/routes`:
+```ruby
+Rails.application.routes.draw do
+  mount Db2Session::Engine => "/db2_session"
+  get "/db2_connection", to: "db2_connection#index"
+end
+
+```
+
+Then check whether the `db2_connection_path` already listed at application routes. 
+```bash
+$ rails routes
+         Prefix Verb URI Pattern               Controller#Action
+    db2_session      /db2_session              Db2Session::Engine
+ db2_connection GET  /db2_connection(.:format) db2_connection#index
+
+Routes for Db2Session::Engine:
+          login POST /login(.:format)          db2_session/sessions#new
+         logout GET  /logout(.:format)         db2_session/sessions#delete
+```
+
+### Authenticate a Request
+
+First, run your development server
+```bash
+$ rails s
+```
+Post a login request with Db2 `userid` and `password` data to get a token.
+
+```bash
+$ curl -XPOST -i -H "Content-Type: application/json" -d '{ "userid": "YOHANES", "password": "XXXXXX" }' http://localhost:3000/db2_session/login
+```
+The installation success if you see response as follow:
+```bash
+HTTP/1.1 200 OK 
+X-Frame-Options: SAMEORIGIN
+X-Xss-Protection: 1; mode=block
+X-Content-Type-Options: nosniff
+X-Download-Options: noopen
+X-Permitted-Cross-Domain-Policies: none
+Referrer-Policy: strict-origin-when-cross-origin
+Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fa2V5Ijo0NzM0Mzg2MTIzNTE2MH19.KW5NZo43WT47QiKrXvVyRd2kovY1Y53fSabU2BIx5nc
+Content-Type: application/json; charset=utf-8
+Vary: Accept
+Etag: W/"883b4f34583e448cb88bf7c2146dc445"
+Cache-Control: max-age=0, private, must-revalidate
+X-Request-Id: 9411f926-404d-4b6c-9b4e-349b02560cfa
+X-Runtime: 0.259895
+Server: WEBrick/1.4.2 (Ruby/2.6.4/2019-08-28)
+Date: Fri, 13 Aug 2021 04:58:15 GMT
+Content-Length: 35
+Connection: Keep-Alive
+
+{"message":"YOHANES are logged in."}
+```
+Copy the Authorization Bearer token, and use it to check connection status.
+```bash
+$ curl -XGET -H "Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb25fa2V5Ijo0NzM0Mzg2MTIzNTE2MH19.KW5NZo43WT47QiKrXvVyRd2kovY1Y53fSabU2BIx5nc" -H "Content-Type: application/json" http://localhost:3000/db2_connection
+```
+Note: Replace the token with your own token that generated during login process.
+
+Then the response will be as follow:
+```ruby
+ {"data":{"user":"YOHANES","trx_time":14556.481167844,"connected":true}}
+```
+
+Now the token can be use on each request to your application.
+
+## License
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+require "bundler/setup"
+
+APP_RAKEFILE = File.expand_path("test/dummy/Rakefile", __dir__)
+load "rails/tasks/engine.rake"
+
+load "rails/tasks/statistics.rake"
+
+require "bundler/gem_tasks"
+
+require "rake/testtask"
+
+Rake::TestTask.new(:test) do |t|
+  t.libs << "test"
+  t.pattern = "test/**/*_test.rb"
+  t.verbose = false
+end
+
+task default: :test

data/app/controllers/db2_session/application_controller.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class ApplicationController < ActionController::API
+    include Db2Session::Manager
+    around_action :authenticate!
+  end
+end

data/app/controllers/db2_session/sessions_controller.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class SessionsController < ApplicationController
+    skip_around_action :authenticate!, only: [:new]
+    before_action :flush_idling_connections!, only: [:new]
+
+    def new
+      connection = create_new_connection
+      response.set_header("Authorization", "Bearer #{token(connection.object_id)}")
+      render json: { message: "#{params[:userid]} are logged in." }
+    rescue Db2Query::ConnectionError => e
+      render json: { message: e.message }, status: :unauthorized
+    end
+
+    def delete
+      request_key.tap do |key|
+        connection = sessions.fetch(key)
+        connection.disconnect!
+        sessions.delete_pair(key, connection)
+      end
+      render json: { message: "You are logged out." }, status: :ok
+    end
+  end
+end

data/app/queries/db2_session/application_query.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class ApplicationQuery
+    include Db2Query::Config
+    include Db2Query::Helper
+    include Db2Query::DbConnection
+    include Db2Query::FieldType
+    include Db2Query::Core
+
+    def self.establish_connection
+      load_database_configurations
+    end
+
+    def self.connection
+      Thread.current[:connection]
+    end
+  end
+end

data/config/routes.rb

@@ -0,0 +1,6 @@
+# frozen_string_literal: true
+
+Db2Session::Engine.routes.draw do
+  post "/login", to: "sessions#new"
+  get "/logout", to: "sessions#delete"
+end

data/lib/db2_session.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+require "db2_query"
+require "jwt"
+require "securerandom"
+require "db2_session/engine"
+
+module Db2Session
+  autoload :Version, "db2_session/version"
+  autoload :Connection, "db2_session/connection"
+  autoload :DbClient, "db2_session/db_client"
+  autoload :Manager, "db2_session/manager"
+end

data/lib/db2_session/connection.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class Connection < Db2Query::Connection
+    attr_accessor :trx_time, :userid
+
+    def initialize(config, userid, password)
+      super(config)
+      @userid = userid
+      singleton_class.define_method(:new_dbclient) do
+        DbClient.new(config, userid, password)
+      end
+      verify_db_connection
+    end
+
+    def create_connection_pool
+      synchronize do
+        return @connection_pool if @connection_pool
+        @connection_pool = Pool.new(pool_config) { new_dbclient }
+      end
+    end
+
+    private
+      def verify_db_connection
+        with { |conn| true }
+      end
+  end
+end

data/lib/db2_session/db_client.rb

@@ -0,0 +1,33 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class DbClient < Db2Query::DbClient
+    def initialize(config, userid, password)
+      @dsn = config[:dsn]
+      @idle_time_limit = config[:idle] || 5
+      define_authenticated_client(userid, password)
+      @client = authenticated_client
+      @last_transaction = Time.now
+    end
+
+    def define_authenticated_client(userid, password)
+      singleton_class.define_method(:authenticated_client) do
+        new_client(userid, password)
+      end
+    end
+
+    def new_client(userid, password)
+      ODBC.connect(dsn, userid, password).tap do |odbc_conn|
+        odbc_conn.use_time = true
+        odbc_conn.use_utc = is_utc?
+      end
+    rescue ::ODBC::Error => e
+      raise Db2Query::ConnectionError.new(e.message)
+    end
+
+    def reconnect!
+      disconnect!
+      @client = authenticated_client
+    end
+  end
+end

data/lib/db2_session/engine.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Db2Session
+  class Engine < ::Rails::Engine
+    isolate_namespace Db2Session
+    config.generators.api_only = true
+  end
+end

data/lib/db2_session/manager.rb

@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+module Db2Session
+  module Manager
+    mattr_reader :sessions
+    @@sessions = Concurrent::Map.new
+
+    mattr_reader :hmac_secret
+    @@hmac_secret = SecureRandom.hex(64)
+
+    def db2_config
+      Db2Query::Base.config
+    end
+
+    def authenticate!
+      Thread.current[:connection] = current_connection
+      yield
+    rescue Exception => e
+      render json: { message: e.message }, status: :unauthorized
+    ensure
+      Thread.current[:connection] = nil
+    end
+
+    def create_new_connection
+      new_session_connection.tap do |connection|
+        sessions.fetch_or_store(connection.object_id, connection)
+      end
+    end
+
+    def flush_idling_connections!
+      sessions.each_pair do |key, conn|
+        sessions.delete_pair(key, conn) if idle_connection?(conn)
+      end
+    end
+
+    private
+      def payload(key)
+        { data: { session_key: key } }
+      end
+
+      def token(key)
+        JWT.encode payload(key), hmac_secret, "HS256"
+      end
+
+      def request_token
+        request.authorization.split(" ").last
+      end
+
+      def decoded_token
+        JWT.decode request_token, hmac_secret, true, { algorithm: "HS256" }
+      end
+
+      def request_key
+        decoded_token.first["data"].transform_keys(&:to_sym)[:session_key]
+      end
+
+      def idle_connection?(conn)
+        current_time - conn.trx_time > 30 * 60
+      end
+
+      def new_session_connection
+        Db2Session::Connection.new(db2_config, params[:userid], params[:password])
+      end
+
+      def current_time
+        Process.clock_gettime(Process::CLOCK_MONOTONIC)
+      end
+
+      def current_connection
+        sessions.fetch(request_key).tap do |conn|
+          conn.trx_time = current_time
+        end
+      end
+  end
+end

data/lib/db2_session/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Db2Session
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,200 @@
+--- !ruby/object:Gem::Specification
+name: db2_session
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- yohanes_o_lumentut
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2021-08-13 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: tty-progressbar
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: faker
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: db2_query
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.2
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 0.3.2
+- !ruby/object:Gem::Dependency
+  name: jwt
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: securerandom
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description: A Rails 5 & Rails 6 plugin for handling Db2 API request by using JWT
+  token.
+email:
+- yohanes.lumentut@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.md
+- Rakefile
+- app/controllers/db2_session/application_controller.rb
+- app/controllers/db2_session/sessions_controller.rb
+- app/queries/db2_session/application_query.rb
+- config/routes.rb
+- lib/db2_session.rb
+- lib/db2_session/connection.rb
+- lib/db2_session/db_client.rb
+- lib/db2_session/engine.rb
+- lib/db2_session/manager.rb
+- lib/db2_session/version.rb
+homepage: https://github.com/yohaneslumentut/db2_session
+licenses:
+- MIT
+metadata:
+  homepage_uri: https://github.com/yohaneslumentut/db2_session
+  source_code_uri: https://github.com/yohaneslumentut/db2_session
+  changelog_uri: https://github.com/yohaneslumentut/db2_session
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.0.3
+signing_key: 
+specification_version: 4
+summary: Rails Db2 API session manager plugin
+test_files: []