encrypted_cookie_store-instructure 1.0.1 → 1.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (3) hide show
  1. data/encrypted_cookie_store-instructure.gemspec +1 -1
  2. data/lib/encrypted_cookie_store.rb +7 -5
  3. metadata +3 -3
data/encrypted_cookie_store-instructure.gemspec CHANGED
@@ -1,6 +1,6 @@
1
1
  Gem::Specification.new do |s|
2
2
  s.name = %q{encrypted_cookie_store-instructure}
3
- s.version = "1.0.1"
3
+ s.version = "1.0.2"
4
4
 
5
5
  s.authors = ["Cody"]
6
6
  s.date = %q{2012-05-11}
data/lib/encrypted_cookie_store.rb CHANGED
@@ -17,7 +17,7 @@ class EncryptedCookieStore < ActionController::Session::CookieStore
17
17
  @compress = options[:compress]
18
18
  @compress = true if @compress.nil?
19
19
  @data_cipher = OpenSSL::Cipher::Cipher.new(EncryptedCookieStore.data_cipher_type)
20
- @expire_after = options[:expire_after].freeze
20
+ @options = options
21
21
  options[:refresh_interval] ||= 5.minutes
22
22
  super(app, options)
23
23
  end
@@ -35,6 +35,8 @@ class EncryptedCookieStore < ActionController::Session::CookieStore
35
35
  options = env[ENV_SESSION_OPTIONS_KEY]
36
36
  request = ActionController::Request.new(env)
37
37
 
38
+ @options[:expire_after] = options[:expire_after] || @options[:expire_after]
39
+
38
40
  if !(options[:secure] && !request.ssl?) && (!session_data.is_a?(ActionController::Session::AbstractStore::SessionHash) || session_data.loaded? || options[:expire_after])
39
41
  session_data.send(:load!) if session_data.is_a?(ActionController::Session::AbstractStore::SessionHash) && !session_data.loaded?
40
42
 
@@ -76,11 +78,11 @@ private
76
78
  compressed_session_data = session_data
77
79
  end
78
80
  encrypted_session_data = @data_cipher.update(compressed_session_data) << @data_cipher.final
79
- timestamp = Time.now.utc.to_i if @expire_after
81
+ timestamp = Time.now.utc.to_i if @options[:expire_after]
80
82
  digest = OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new(@digest), secret, session_data + timestamp.to_s)
81
83
 
82
84
  result = "#{base64(iv)}#{compressed_session_data == session_data ? '.' : ' '}#{base64(encrypted_session_data)}.#{base64(digest)}"
83
- result << ".#{base64([timestamp].pack('N'))}" if @expire_after
85
+ result << ".#{base64([timestamp].pack('N'))}" if @options[:expire_after]
84
86
  result
85
87
  end
86
88
 
@@ -100,9 +102,9 @@ private
100
102
  session_data = @data_cipher.update(encrypted_session_data) << @data_cipher.final
101
103
  session_data = inflate(session_data) if compressed
102
104
  return [nil, nil, nil] unless digest == OpenSSL::HMAC.digest(OpenSSL::Digest::Digest.new(@digest), secret, session_data + timestamp.to_s)
103
- if @expire_after
105
+ if @options[:expire_after]
104
106
  return [nil, nil, nil] unless timestamp
105
- return [nil, nil, timestamp] unless Time.now.utc.to_i - timestamp < @expire_after
107
+ return [nil, nil, timestamp] unless Time.now.utc.to_i - timestamp < @options[:expire_after]
106
108
  end
107
109
  [Marshal.load(session_data), session_data, timestamp]
108
110
  else
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: encrypted_cookie_store-instructure
3
3
  version: !ruby/object:Gem::Version
4
- hash: 21
4
+ hash: 19
5
5
  prerelease:
6
6
  segments:
7
7
  - 1
8
8
  - 0
9
- - 1
10
- version: 1.0.1
9
+ - 2
10
+ version: 1.0.2
11
11
  platform: ruby
12
12
  authors:
13
13
  - Cody