frikandel 2.1.0 → 2.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 0eb78e7fc8890e920f675060d65d1305ab310caa
-  data.tar.gz: dfe7532de11f1b0e4deacd6b5d9476256a6cfb22
+SHA256:
+  metadata.gz: a857451a8180dae2842702e657035f3ca0d832fe79ba4846bbafc634ee6c542a
+  data.tar.gz: ef1f626c20166d465e63b4ca36563c4bc6dc2eec54b7be4140adcb7b3fc04d05
 SHA512:
-  metadata.gz: c9f94142388dd71adff1c529b0b43c6216f4f4819afca102cedbc523693ddd253b54dad9642c44229ea25ba730b44c08b1769a560eefdd6ae08aa5cd81c8f54c
-  data.tar.gz: 5723a7adfe0d66d77e4a9a37749f337536a21a8c5bb24109c51b4bb1089ff6e58766b8c51d8f9f07586a8caf88a5c37106c6ba6210ebfc40c6cd7dda34b8d98e
+  metadata.gz: b1a0eb96d67790766871a4615e31d7c40c4181ce643d9fd1a4cb92ac43c28ca07700a8ef6d44a739e477d973377dabcceeec05182204d0dda4c79a5aaba167e7
+  data.tar.gz: b0d089434e1f9910bdd1ac8f14c83e3599f020d4a881d47ee19a4b06dc3e5e8def9f4fd475f7a0d6de0688d794e089bbb342fa140071fdca466eb4458030475f

data/.travis.yml

@@ -1,16 +1,25 @@
 language: ruby
 rvm:
-  - "1.9.3"
-  - "2.0.0"
-  - "2.1.1"
+  - 2.4
+  - 2.5
+  - 2.6
+  - 2.7
   - ruby-head
-  - jruby-19mode
+  - jruby
+  - truffleruby
 gemfile:
-  - Gemfile.rails-3.2.x
-  - Gemfile.rails-4.0.x
-  - Gemfile.rails-4.1.x
+  - Gemfile.rails-5.2.x
+  - Gemfile.rails-6.0.x
   - Gemfile.rails-head
+before_install:
+  - gem update --system
+  - gem install bundler
 matrix:
   allow_failures:
     - rvm: ruby-head
     - gemfile: Gemfile.rails-head
+  exclude:
+    - rvm: 2.4
+      gemfile: Gemfile.rails-6.0.x
+    - rvm: 2.4
+      gemfile: Gemfile.rails-head

data/{Gemfile.rails-3.2.x → Gemfile.rails-5.2.x}

@@ -3,4 +3,4 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in frikandel.gemspec
 gemspec
 
-gem 'rails', '~> 3.2.0'
+gem 'rails', '~> 5.2.0'

data/{Gemfile.rails-4.0.x → Gemfile.rails-6.0.x}

@@ -3,4 +3,4 @@ source 'https://rubygems.org'
 # Specify your gem's dependencies in frikandel.gemspec
 gemspec
 
-gem 'rails', '~> 4.0.0'
+gem 'rails', '~> 6.0.0'

data/README.md

@@ -1,7 +1,8 @@
 # Frikandel
-[![Gem Version](https://badge.fury.io/rb/frikandel.png)](http://badge.fury.io/rb/frikandel) 
+[![Gem Version](https://badge.fury.io/rb/frikandel.png)](http://badge.fury.io/rb/frikandel)
 [![Build Status](https://api.travis-ci.org/taktsoft/frikandel.png)](https://travis-ci.org/taktsoft/frikandel)
 [![Code Climate](https://codeclimate.com/github/taktsoft/frikandel.png)](https://codeclimate.com/github/taktsoft/frikandel)
+[![Dependency Status](https://gemnasium.com/taktsoft/frikandel.svg)](https://gemnasium.com/taktsoft/frikandel)
 
 This gem aims to improve the security of your rails application. It allows you to add a TTL (Time To Live) to the session cookie and allows you to bind the session to an IP address.
 
@@ -99,9 +100,13 @@ end
 
 To run the test suite with different rails version by selecting the corresponding gemfile. You can use this one liners:
 
-    $ BUNDLE_GEMFILE=Gemfile.rails-3.2.x bundle update && bundle exec rake spec
-    $ BUNDLE_GEMFILE=Gemfile.rails-4.0.x bundle update && bundle exec rake spec
-    $ BUNDLE_GEMFILE=Gemfile.rails-4.1.x bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-3.2.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-4.0.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-4.1.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-4.2.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-5.0.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-5.1.x && bundle update && bundle exec rake spec
+    $ export BUNDLE_GEMFILE=Gemfile.rails-5.2.x && bundle update && bundle exec rake spec
 
 ## Contributing
 1. Fork it

data/frikandel.gemspec

@@ -18,14 +18,18 @@ Gem::Specification.new do |spec|
   spec.test_files    = Dir["spec/**/*"]
   spec.require_paths = ["lib"]
 
-  spec.add_development_dependency "bundler", "~> 1.5"
+  spec.required_ruby_version     = '>= 1.9.3'
+  spec.required_rubygems_version = ">= 1.3.6"
+
+  spec.add_development_dependency "bundler"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "sqlite3" unless RUBY_PLATFORM == 'java'
   spec.add_development_dependency "jdbc-sqlite3" if RUBY_PLATFORM == 'java'
   spec.add_development_dependency "activerecord-jdbcsqlite3-adapter" if RUBY_PLATFORM == 'java'
-  spec.add_development_dependency "rspec-rails"
+  spec.add_development_dependency "rspec-rails", "> 3.0"
   spec.add_development_dependency "guard-rspec"
   spec.add_development_dependency "pry"
+  spec.add_development_dependency "test-unit"
 
-  spec.add_dependency "rails", [">= 3.2.0", "< 5.0"]
+  spec.add_dependency "rails", ">= 3.2.0"
 end

data/lib/frikandel/bind_session_to_ip_address.rb

@@ -1,9 +1,14 @@
 module Frikandel
   module BindSessionToIpAddress
     extend ActiveSupport::Concern
+    include SessionInvalidation
 
     included do
-      append_before_filter :validate_session_ip_address
+      if respond_to?(:before_action)
+        append_before_action :validate_session_ip_address
+      else
+        append_before_filter :validate_session_ip_address
+      end
     end
 
   private

data/lib/frikandel/limit_session_lifetime.rb

@@ -4,7 +4,11 @@ module Frikandel
     include SessionInvalidation
 
     included do
-      append_before_filter :validate_session_timestamp
+      if respond_to?(:before_action)
+        append_before_action :validate_session_timestamp
+      else
+        append_before_filter :validate_session_timestamp
+      end
     end
 
   private

data/lib/frikandel/version.rb

@@ -1,3 +1,3 @@
 module Frikandel
-  VERSION = "2.1.0"
+  VERSION = "2.3.0"
 end

data/spec/controllers/bind_session_to_ip_address_controller_spec.rb

@@ -1,14 +1,22 @@
-require "spec_helper"
+require "rails_helper"
 require "support/application_controller"
 
 
 class BindSessionToIpAddressController < ApplicationController
   include Frikandel::BindSessionToIpAddress
 
-  before_filter :flash_alert_and_redirect_home, only: [:redirect_home]
+  if respond_to?(:before_action)
+    before_action :flash_alert_and_redirect_home, only: [:redirect_home]
+  else
+    before_filter :flash_alert_and_redirect_home, only: [:redirect_home]
+  end
 
   def home
-    render text: "bind test"
+    if Rails::VERSION::MAJOR >= 5
+      render plain: "bind test"
+    else
+      render text: "bind test"
+    end
   end
 
   def redirect_home
@@ -23,7 +31,7 @@ protected
 end
 
 
-describe BindSessionToIpAddressController do
+RSpec.describe BindSessionToIpAddressController do
   context "requests" do
     it "writes current ip address to session" do
       expect(session[:ip_address]).to be_nil
@@ -40,13 +48,13 @@ describe BindSessionToIpAddressController do
 
       expect(session[:ip_address]).to eql("0.0.0.0")
 
-      flash.should_not be_empty
-      flash[:alert].should eql("alert test")
+      expect(flash).not_to be_empty
+      expect(flash[:alert]).to eql("alert test")
     end
 
     it "raises an exception if session address and current ip address don't match" do
       session[:ip_address] = "1.2.3.4"
-      controller.should_receive(:on_invalid_session)
+      expect(controller).to receive(:on_invalid_session)
 
       get :home
     end
@@ -59,21 +67,21 @@ describe BindSessionToIpAddressController do
         session[:ttl] = "SomeTTL"
         session[:max_ttl] = "SomeMaxTTL"
 
-        controller.should_receive(:reset_session).and_call_original
-        controller.should_receive(:persist_session_ip_address).and_call_original
+        expect(controller).to receive(:reset_session).and_call_original
+        expect(controller).to receive(:persist_session_ip_address).and_call_original
         get :home
 
-        session[:user_id].should be_blank
-        session[:ip_address].should be_present
-        session[:ip_address].should eql("0.0.0.0")
-        session[:ttl].should be_blank
-        session[:max_ttl].should be_blank
+        expect(session[:user_id]).to be_blank
+        expect(session[:ip_address]).to be_present
+        expect(session[:ip_address]).to eql("0.0.0.0")
+        expect(session[:ttl]).to be_blank
+        expect(session[:max_ttl]).to be_blank
       end
 
       it "allows the request to be rendered as normal" do
         get :home
 
-        response.body.should eql("bind test")
+        expect(response.body).to eql("bind test")
       end
     end
   end
@@ -83,8 +91,8 @@ describe BindSessionToIpAddressController do
     it "calls on_invalid_session if ip address doesn't match with current" do
       session[:ip_address] = "1.3.3.7"
 
-      controller.should_receive(:ip_address_match_with_current?).and_return(false)
-      controller.should_receive(:on_invalid_session)
+      expect(controller).to receive(:ip_address_match_with_current?).and_return(false)
+      expect(controller).to receive(:on_invalid_session)
 
       controller.send(:validate_session_ip_address)
     end
@@ -92,8 +100,8 @@ describe BindSessionToIpAddressController do
     it "calls reset_session if ip address isn't persisted in session" do
       session.delete(:ip_address)
 
-      controller.should_not_receive(:ip_address_match_with_current?)
-      controller.should_receive(:reset_session)
+      expect(controller).not_to receive(:ip_address_match_with_current?)
+      expect(controller).to receive(:reset_session)
 
       controller.send(:validate_session_ip_address)
     end
@@ -101,8 +109,8 @@ describe BindSessionToIpAddressController do
     it "calls persist_session_ip_address if validation passes" do
       session[:ip_address] = "1.3.3.7"
 
-      controller.should_receive(:ip_address_match_with_current?).and_return(true)
-      controller.should_receive(:persist_session_ip_address)
+      expect(controller).to receive(:ip_address_match_with_current?).and_return(true)
+      expect(controller).to receive(:persist_session_ip_address)
 
       controller.send(:validate_session_ip_address)
     end
@@ -112,7 +120,7 @@ describe BindSessionToIpAddressController do
   context ".persist_session_ip_address" do
     it "sets the current ip address in session on key ip_address" do
       expect {
-        controller.should_receive(:current_ip_address).and_return("1.3.3.7")
+        expect(controller).to receive(:current_ip_address).and_return("1.3.3.7")
         controller.send(:persist_session_ip_address)
       }.to change {
         session[:ip_address]
@@ -123,31 +131,31 @@ describe BindSessionToIpAddressController do
 
   context ".current_ip_address" do
     it "returns the remote_ip from request" do
-      request.should_receive(:remote_ip).and_return(:request_remote_ip)
+      expect(request).to receive(:remote_ip).and_return(:request_remote_ip)
 
-      controller.send(:current_ip_address).should eql(:request_remote_ip)
+      expect(controller.send(:current_ip_address)).to eql(:request_remote_ip)
     end
   end
 
 
   context ".ip_address_match_with_current?" do
     it "compares ip address from session with the current ip address" do
-      controller.stub(:current_ip_address).and_return("1.3.3.7")
+      allow(controller).to receive(:current_ip_address).and_return("1.3.3.7")
 
       session[:ip_address] = "1.3.3.7"
 
-      controller.send(:ip_address_match_with_current?).should be_true
+      expect(controller.send(:ip_address_match_with_current?)).to be_truthy
 
       session[:ip_address] = "7.3.3.1"
 
-      controller.send(:ip_address_match_with_current?).should be_false
+      expect(controller.send(:ip_address_match_with_current?)).to be_falsey
     end
   end
 
 
   context ".reset_session" do
     it "calls persist_session_ip_address" do
-      controller.should_receive(:persist_session_ip_address).and_call_original
+      expect(controller).to receive(:persist_session_ip_address).and_call_original
       controller.send(:reset_session)
     end
   end

data/spec/controllers/combined_controller_spec.rb

@@ -1,4 +1,4 @@
-require "spec_helper"
+require "rails_helper"
 require "support/application_controller"
 
 
@@ -6,10 +6,18 @@ class CombinedController < ApplicationController
   include Frikandel::LimitSessionLifetime
   include Frikandel::BindSessionToIpAddress
 
-  before_filter :flash_alert_and_redirect_home, only: [:redirect_home]
+  if respond_to?(:before_action)
+    before_action :flash_alert_and_redirect_home, only: [:redirect_home]
+  else
+    before_filter :flash_alert_and_redirect_home, only: [:redirect_home]
+  end
 
   def home
-    render text: "combined test"
+    if Rails::VERSION::MAJOR >= 5
+      render plain: "combined test"
+    else
+      render text: "combined test"
+    end
   end
 
   def redirect_home
@@ -24,38 +32,38 @@ protected
 end
 
 
-describe CombinedController do
+RSpec.describe CombinedController do
   context "ttl nor ip isn't present in session" do
     it "resets the session and persists ip address, ttl & max_ttl" do
       session[:user_id] = 4337
 
       get :home
 
-      session[:user_id].should be_blank
-      session[:ip_address].should be_present
-      session[:ttl].should be_present
-      session[:max_ttl].should be_present
+      expect(session[:user_id]).to be_blank
+      expect(session[:ip_address]).to be_present
+      expect(session[:ttl]).to be_present
+      expect(session[:max_ttl]).to be_present
     end
 
     it "allows the request to be rendered as normal" do
       get :home
 
-      response.body.should eql("combined test")
+      expect(response.body).to eql("combined test")
     end
 
     it "persists ttl, max_ttl and ip even on redirect in another before filter" do
-      session[:ip_address].should be_nil
-      session[:ttl].should be_nil
-      session[:max_ttl].should be_nil
+      expect(session[:ip_address]).to be_nil
+      expect(session[:ttl]).to be_nil
+      expect(session[:max_ttl]).to be_nil
 
       simulate_redirect!(:redirect_home, :home)
 
-      session[:ip_address].should be_present
-      session[:ttl].should be_present
-      session[:max_ttl].should be_present
+      expect(session[:ip_address]).to be_present
+      expect(session[:ttl]).to be_present
+      expect(session[:max_ttl]).to be_present
 
-      flash.should_not be_empty
-      flash[:alert].should eql("alert test")
+      expect(flash).not_to be_empty
+      expect(flash[:alert]).to eql("alert test")
     end
   end
 
@@ -68,12 +76,12 @@ describe CombinedController do
 
       get :home
 
-      session[:user_id].should be_blank
-      session[:ip_address].should be_present
-      session[:ttl].should be_present
-      session[:ttl].should_not eql(last_ttl)
-      session[:max_ttl].should be_present
-      session[:max_ttl].should_not eql(last_max_ttl)
+      expect(session[:user_id]).to be_blank
+      expect(session[:ip_address]).to be_present
+      expect(session[:ttl]).to be_present
+      expect(session[:ttl]).not_to eql(last_ttl)
+      expect(session[:max_ttl]).to be_present
+      expect(session[:max_ttl]).not_to eql(last_max_ttl)
     end
 
     it "resets the session and persists ip address, ttl & max_ttl if ttl is missing" do
@@ -83,12 +91,12 @@ describe CombinedController do
 
       get :home
 
-      session[:user_id].should be_blank
-      session[:ip_address].should be_present
-      session[:ip_address].should eql("0.0.0.0")
-      session[:ttl].should be_present
-      session[:max_ttl].should be_present
-      session[:max_ttl].should_not eql(last_max_ttl)
+      expect(session[:user_id]).to be_blank
+      expect(session[:ip_address]).to be_present
+      expect(session[:ip_address]).to eql("0.0.0.0")
+      expect(session[:ttl]).to be_present
+      expect(session[:max_ttl]).to be_present
+      expect(session[:max_ttl]).not_to eql(last_max_ttl)
     end
 
     it "resets the session and persists ip address, ttl & max_ttl if max_ttl is missing" do
@@ -98,12 +106,12 @@ describe CombinedController do
 
       get :home
 
-      session[:user_id].should be_blank
-      session[:ip_address].should be_present
-      session[:ip_address].should eql("0.0.0.0")
-      session[:ttl].should be_present
-      session[:ttl].should_not eql(last_ttl)
-      session[:max_ttl].should be_present
+      expect(session[:user_id]).to be_blank
+      expect(session[:ip_address]).to be_present
+      expect(session[:ip_address]).to eql("0.0.0.0")
+      expect(session[:ttl]).to be_present
+      expect(session[:ttl]).not_to eql(last_ttl)
+      expect(session[:max_ttl]).to be_present
     end
   end
 end

data/spec/controllers/customized_on_invalid_session_controller_spec.rb

@@ -1,6 +1,7 @@
-require "spec_helper"
+require "rails_helper"
 require "support/application_controller"
 
+
 class SessionInvalidError < StandardError; end
 
 class CustomizedOnInvalidSessionController < ApplicationController
@@ -12,8 +13,8 @@ class CustomizedOnInvalidSessionController < ApplicationController
   alias my_on_invalid_session on_invalid_session
 end
 
-describe CustomizedOnInvalidSessionController do
 
+RSpec.describe CustomizedOnInvalidSessionController do
   it "uses the overwritten on_invalid_cookie function" do
     get :home
     request.session[:max_ttl] = 1.minute.ago