frikandel 2.1.0 → 2.3.0
- checksums.yaml +5 -5
- data/.travis.yml +16 -7
- data/{Gemfile.rails-3.2.x → Gemfile.rails-5.2.x} +1 -1
- data/{Gemfile.rails-4.0.x → Gemfile.rails-6.0.x} +1 -1
- data/README.md +9 -4
- data/frikandel.gemspec +7 -3
- data/lib/frikandel/bind_session_to_ip_address.rb +6 -1
- data/lib/frikandel/limit_session_lifetime.rb +5 -1
- data/lib/frikandel/version.rb +1 -1
- data/spec/controllers/bind_session_to_ip_address_controller_spec.rb +36 -28
- data/spec/controllers/combined_controller_spec.rb +43 -35
- data/spec/controllers/customized_on_invalid_session_controller_spec.rb +3 -2
- data/spec/controllers/limit_session_lifetime_controller_spec.rb +78 -70
- data/spec/dummy/app/assets/config/manifest.js +3 -0
- data/spec/dummy/config/application.rb +2 -0
- data/spec/dummy/config/environments/test.rb +7 -2
- data/spec/dummy/log/test.log +1948 -2180
- data/spec/lib/frikandel/configuration_spec.rb +17 -17
- data/spec/rails_helper.rb +76 -0
- data/spec/spec_helper.rb +88 -24
- data/spec/support/application_controller.rb +6 -1
- metadata +59 -49
- data/Gemfile.rails-4.1.x +0 -6
@@ -1,14 +1,22 @@
|
|
1
|
-
require "
|
1
|
+
require "rails_helper"
|
2
2
|
require "support/application_controller"
|
3
3
|
|
4
4
|
|
5
5
|
class LimitSessionLifetimeController < ApplicationController
|
6
6
|
include Frikandel::LimitSessionLifetime
|
7
7
|
|
8
|
-
|
8
|
+
if respond_to?(:before_action)
|
9
|
+
before_action :flash_alert_and_redirect_home, only: [:redirect_home]
|
10
|
+
else
|
11
|
+
before_filter :flash_alert_and_redirect_home, only: [:redirect_home]
|
12
|
+
end
|
9
13
|
|
10
14
|
def home
|
11
|
-
|
15
|
+
if Rails::VERSION::MAJOR >= 5
|
16
|
+
render plain: "ttl test"
|
17
|
+
else
|
18
|
+
render text: "ttl test"
|
19
|
+
end
|
12
20
|
end
|
13
21
|
|
14
22
|
def redirect_home
|
@@ -24,7 +32,7 @@ protected
|
|
24
32
|
end
|
25
33
|
|
26
34
|
|
27
|
-
describe LimitSessionLifetimeController do
|
35
|
+
RSpec.describe LimitSessionLifetimeController do
|
28
36
|
context "requests" do
|
29
37
|
it "writes ttl and max_ttl to session" do
|
30
38
|
expect(session[:ttl]).to be_nil
|
@@ -45,8 +53,8 @@ describe LimitSessionLifetimeController do
|
|
45
53
|
expect(session[:ttl]).to be_a(Time)
|
46
54
|
expect(session[:max_ttl]).to be_a(Time)
|
47
55
|
|
48
|
-
flash.
|
49
|
-
flash[:alert].
|
56
|
+
expect(flash).not_to be_empty
|
57
|
+
expect(flash[:alert]).to eql("alert test")
|
50
58
|
end
|
51
59
|
|
52
60
|
it "holds the session for at least .1 seconds" do
|
@@ -57,8 +65,8 @@ describe LimitSessionLifetimeController do
|
|
57
65
|
|
58
66
|
get :home
|
59
67
|
|
60
|
-
session[:user_id].
|
61
|
-
session[:user_id].
|
68
|
+
expect(session[:user_id]).to be_present
|
69
|
+
expect(session[:user_id]).to eq 1337
|
62
70
|
end
|
63
71
|
|
64
72
|
it "destroys the session after SESSION_TTL" do
|
@@ -69,7 +77,7 @@ describe LimitSessionLifetimeController do
|
|
69
77
|
|
70
78
|
get :home
|
71
79
|
|
72
|
-
session[:user_id].
|
80
|
+
expect(session[:user_id]).to be_blank
|
73
81
|
end
|
74
82
|
|
75
83
|
it "destroys the session after SESSION_MAX_TTL" do
|
@@ -80,7 +88,7 @@ describe LimitSessionLifetimeController do
|
|
80
88
|
|
81
89
|
get :home
|
82
90
|
|
83
|
-
session[:user_id].
|
91
|
+
expect(session[:user_id]).to be_blank
|
84
92
|
end
|
85
93
|
|
86
94
|
it "is configurable" do
|
@@ -92,7 +100,7 @@ describe LimitSessionLifetimeController do
|
|
92
100
|
|
93
101
|
get :home
|
94
102
|
|
95
|
-
session[:user_id].
|
103
|
+
expect(session[:user_id]).to be_blank
|
96
104
|
end
|
97
105
|
|
98
106
|
|
@@ -103,17 +111,17 @@ describe LimitSessionLifetimeController do
|
|
103
111
|
session.delete(:ttl)
|
104
112
|
session[:max_ttl] = "SomeMaxTTL"
|
105
113
|
|
106
|
-
controller.
|
107
|
-
controller.
|
114
|
+
expect(controller).to receive(:reset_session).and_call_original
|
115
|
+
expect(controller).to receive(:persist_session_timestamp).and_call_original
|
108
116
|
get :home
|
109
117
|
|
110
|
-
session[:user_id].
|
111
|
-
session[:ip_address].
|
112
|
-
session[:ttl].
|
113
|
-
session[:ttl].
|
114
|
-
session[:max_ttl].
|
115
|
-
session[:max_ttl].
|
116
|
-
session[:max_ttl].
|
118
|
+
expect(session[:user_id]).to be_blank
|
119
|
+
expect(session[:ip_address]).to be_blank
|
120
|
+
expect(session[:ttl]).to be_present
|
121
|
+
expect(session[:ttl]).to be_a(Time)
|
122
|
+
expect(session[:max_ttl]).to be_present
|
123
|
+
expect(session[:max_ttl]).not_to eql("SomeMaxTTL")
|
124
|
+
expect(session[:max_ttl]).to be_a(Time)
|
117
125
|
end
|
118
126
|
|
119
127
|
it "allows the request to be rendered as normal" do
|
@@ -122,7 +130,7 @@ describe LimitSessionLifetimeController do
|
|
122
130
|
|
123
131
|
get :home
|
124
132
|
|
125
|
-
response.body.
|
133
|
+
expect(response.body).to eql("ttl test")
|
126
134
|
end
|
127
135
|
end
|
128
136
|
|
@@ -134,17 +142,17 @@ describe LimitSessionLifetimeController do
|
|
134
142
|
session[:ttl] = "SomeTTL"
|
135
143
|
session.delete(:max_ttl)
|
136
144
|
|
137
|
-
controller.
|
138
|
-
controller.
|
145
|
+
expect(controller).to receive(:reset_session).and_call_original
|
146
|
+
expect(controller).to receive(:persist_session_timestamp).and_call_original
|
139
147
|
get :home
|
140
148
|
|
141
|
-
session[:user_id].
|
142
|
-
session[:ip_address].
|
143
|
-
session[:ttl].
|
144
|
-
session[:ttl].
|
145
|
-
session[:ttl].
|
146
|
-
session[:max_ttl].
|
147
|
-
session[:max_ttl].
|
149
|
+
expect(session[:user_id]).to be_blank
|
150
|
+
expect(session[:ip_address]).to be_blank
|
151
|
+
expect(session[:ttl]).to be_present
|
152
|
+
expect(session[:ttl]).not_to eql("SomeTTL")
|
153
|
+
expect(session[:ttl]).to be_a(Time)
|
154
|
+
expect(session[:max_ttl]).to be_present
|
155
|
+
expect(session[:max_ttl]).to be_a(Time)
|
148
156
|
end
|
149
157
|
|
150
158
|
it "allows the request to be rendered as normal" do
|
@@ -153,7 +161,7 @@ describe LimitSessionLifetimeController do
|
|
153
161
|
|
154
162
|
get :home
|
155
163
|
|
156
|
-
response.body.
|
164
|
+
expect(response.body).to eql("ttl test")
|
157
165
|
end
|
158
166
|
end
|
159
167
|
|
@@ -165,16 +173,16 @@ describe LimitSessionLifetimeController do
|
|
165
173
|
session.delete(:ttl)
|
166
174
|
session.delete(:max_ttl)
|
167
175
|
|
168
|
-
controller.
|
169
|
-
controller.
|
176
|
+
expect(controller).to receive(:reset_session).and_call_original
|
177
|
+
expect(controller).to receive(:persist_session_timestamp).and_call_original
|
170
178
|
get :home
|
171
179
|
|
172
|
-
session[:user_id].
|
173
|
-
session[:ip_address].
|
174
|
-
session[:ttl].
|
175
|
-
session[:ttl].
|
176
|
-
session[:max_ttl].
|
177
|
-
session[:max_ttl].
|
180
|
+
expect(session[:user_id]).to be_blank
|
181
|
+
expect(session[:ip_address]).to be_blank
|
182
|
+
expect(session[:ttl]).to be_present
|
183
|
+
expect(session[:ttl]).to be_a(Time)
|
184
|
+
expect(session[:max_ttl]).to be_present
|
185
|
+
expect(session[:max_ttl]).to be_a(Time)
|
178
186
|
end
|
179
187
|
|
180
188
|
it "allows the request to be rendered as normal" do
|
@@ -183,7 +191,7 @@ describe LimitSessionLifetimeController do
|
|
183
191
|
|
184
192
|
get :home
|
185
193
|
|
186
|
-
response.body.
|
194
|
+
expect(response.body).to eql("ttl test")
|
187
195
|
end
|
188
196
|
end
|
189
197
|
end
|
@@ -194,10 +202,10 @@ describe LimitSessionLifetimeController do
|
|
194
202
|
session[:ttl] = "SomeTTL"
|
195
203
|
session[:max_ttl] = "SomeMaxTTL"
|
196
204
|
|
197
|
-
controller.
|
198
|
-
controller.
|
205
|
+
expect(controller).to receive(:reached_ttl?).and_return(true)
|
206
|
+
allow(controller).to receive(:reached_max_ttl?).and_return(false)
|
199
207
|
|
200
|
-
controller.
|
208
|
+
expect(controller).to receive(:on_invalid_session)
|
201
209
|
|
202
210
|
controller.send(:validate_session_timestamp)
|
203
211
|
end
|
@@ -206,10 +214,10 @@ describe LimitSessionLifetimeController do
|
|
206
214
|
session[:ttl] = "SomeTTL"
|
207
215
|
session[:max_ttl] = "SomeMaxTTL"
|
208
216
|
|
209
|
-
controller.
|
210
|
-
controller.
|
217
|
+
allow(controller).to receive(:reached_ttl?).and_return(false)
|
218
|
+
expect(controller).to receive(:reached_max_ttl?).and_return(true)
|
211
219
|
|
212
|
-
controller.
|
220
|
+
expect(controller).to receive(:on_invalid_session)
|
213
221
|
|
214
222
|
controller.send(:validate_session_timestamp)
|
215
223
|
end
|
@@ -218,10 +226,10 @@ describe LimitSessionLifetimeController do
|
|
218
226
|
session[:ttl] = "SomeTTL"
|
219
227
|
session[:max_ttl] = "SomeMaxTTL"
|
220
228
|
|
221
|
-
controller.
|
222
|
-
controller.
|
229
|
+
allow(controller).to receive(:reached_ttl?).and_return(true)
|
230
|
+
allow(controller).to receive(:reached_max_ttl?).and_return(true)
|
223
231
|
|
224
|
-
controller.
|
232
|
+
expect(controller).to receive(:on_invalid_session)
|
225
233
|
|
226
234
|
controller.send(:validate_session_timestamp)
|
227
235
|
end
|
@@ -230,7 +238,7 @@ describe LimitSessionLifetimeController do
|
|
230
238
|
session.delete(:ttl)
|
231
239
|
session[:max_ttl] = "SomeMaxTTL"
|
232
240
|
|
233
|
-
controller.
|
241
|
+
expect(controller).to receive(:reset_session)
|
234
242
|
|
235
243
|
controller.send(:validate_session_timestamp)
|
236
244
|
end
|
@@ -239,7 +247,7 @@ describe LimitSessionLifetimeController do
|
|
239
247
|
session[:ttl] = "SomeTTL"
|
240
248
|
session.delete(:max_ttl)
|
241
249
|
|
242
|
-
controller.
|
250
|
+
expect(controller).to receive(:persist_session_timestamp)
|
243
251
|
|
244
252
|
controller.send(:validate_session_timestamp)
|
245
253
|
end
|
@@ -248,7 +256,7 @@ describe LimitSessionLifetimeController do
|
|
248
256
|
session.delete(:ttl)
|
249
257
|
session.delete(:max_ttl)
|
250
258
|
|
251
|
-
controller.
|
259
|
+
expect(controller).to receive(:persist_session_timestamp)
|
252
260
|
|
253
261
|
controller.send(:validate_session_timestamp)
|
254
262
|
end
|
@@ -257,10 +265,10 @@ describe LimitSessionLifetimeController do
|
|
257
265
|
session[:ttl] = "SomeTTL"
|
258
266
|
session[:max_ttl] = "SomeMaxTTL"
|
259
267
|
|
260
|
-
controller.
|
261
|
-
controller.
|
268
|
+
allow(controller).to receive(:reached_ttl?).and_return(false)
|
269
|
+
allow(controller).to receive(:reached_max_ttl?).and_return(false)
|
262
270
|
|
263
|
-
controller.
|
271
|
+
expect(controller).to receive(:persist_session_timestamp)
|
264
272
|
|
265
273
|
controller.send(:validate_session_timestamp)
|
266
274
|
end
|
@@ -270,29 +278,29 @@ describe LimitSessionLifetimeController do
|
|
270
278
|
context ".reached_ttl?" do
|
271
279
|
it "returns true if persisted ttl is less than configured ttl seconds ago" do
|
272
280
|
current_time = Time.now
|
273
|
-
Time.
|
281
|
+
allow(Time).to receive(:now).and_return(current_time)
|
274
282
|
|
275
283
|
session[:ttl] = current_time.ago(Frikandel::Configuration.ttl + 1)
|
276
284
|
|
277
|
-
controller.send(:reached_ttl?).
|
285
|
+
expect(controller.send(:reached_ttl?)).to be_truthy
|
278
286
|
end
|
279
287
|
|
280
288
|
it "returns false if persisted ttl is equal to configured ttl seconds ago" do
|
281
289
|
current_time = Time.now
|
282
|
-
Time.
|
290
|
+
allow(Time).to receive(:now).and_return(current_time)
|
283
291
|
|
284
292
|
session[:ttl] = current_time.ago(Frikandel::Configuration.ttl)
|
285
293
|
|
286
|
-
controller.send(:reached_ttl?).
|
294
|
+
expect(controller.send(:reached_ttl?)).to be_falsey
|
287
295
|
end
|
288
296
|
|
289
297
|
it "returns false if persisted ttl is greater than configured ttl seconds ago" do
|
290
298
|
current_time = Time.now
|
291
|
-
Time.
|
299
|
+
allow(Time).to receive(:now).and_return(current_time)
|
292
300
|
|
293
301
|
session[:ttl] = current_time.ago(Frikandel::Configuration.ttl - 1)
|
294
302
|
|
295
|
-
controller.send(:reached_ttl?).
|
303
|
+
expect(controller.send(:reached_ttl?)).to be_falsey
|
296
304
|
end
|
297
305
|
end
|
298
306
|
|
@@ -300,29 +308,29 @@ describe LimitSessionLifetimeController do
|
|
300
308
|
context ".reached_max_ttl?" do
|
301
309
|
it "returns true if persisted max_ttl is less than current time" do
|
302
310
|
current_time = Time.now
|
303
|
-
Time.
|
311
|
+
allow(Time).to receive(:now).and_return(current_time)
|
304
312
|
|
305
313
|
session[:max_ttl] = current_time.ago(1)
|
306
314
|
|
307
|
-
controller.send(:reached_max_ttl?).
|
315
|
+
expect(controller.send(:reached_max_ttl?)).to be_truthy
|
308
316
|
end
|
309
317
|
|
310
318
|
it "returns false if persisted max_ttl is equal to current time" do
|
311
319
|
current_time = Time.now
|
312
|
-
Time.
|
320
|
+
allow(Time).to receive(:now).and_return(current_time)
|
313
321
|
|
314
322
|
session[:max_ttl] = current_time
|
315
323
|
|
316
|
-
controller.send(:reached_max_ttl?).
|
324
|
+
expect(controller.send(:reached_max_ttl?)).to be_falsey
|
317
325
|
end
|
318
326
|
|
319
327
|
it "returns false if persisted max_ttl is greater than current time" do
|
320
328
|
current_time = Time.now
|
321
|
-
Time.
|
329
|
+
allow(Time).to receive(:now).and_return(current_time)
|
322
330
|
|
323
331
|
session[:max_ttl] = current_time.since(1)
|
324
332
|
|
325
|
-
controller.send(:reached_max_ttl?).
|
333
|
+
expect(controller.send(:reached_max_ttl?)).to be_falsey
|
326
334
|
end
|
327
335
|
end
|
328
336
|
|
@@ -330,7 +338,7 @@ describe LimitSessionLifetimeController do
|
|
330
338
|
context ".persist_session_timestamp" do
|
331
339
|
it "sets ttl to current time" do
|
332
340
|
current_time = Time.now
|
333
|
-
Time.
|
341
|
+
allow(Time).to receive(:now).and_return(current_time)
|
334
342
|
|
335
343
|
expect {
|
336
344
|
controller.send(:persist_session_timestamp)
|
@@ -342,7 +350,7 @@ describe LimitSessionLifetimeController do
|
|
342
350
|
it "sets max_ttl to configured max_ttl seconds in future if it's blank" do
|
343
351
|
current_time = Time.now
|
344
352
|
max_ttl_time = current_time.since(Frikandel::Configuration.max_ttl)
|
345
|
-
Time.
|
353
|
+
allow(Time).to receive(:now).and_return(current_time)
|
346
354
|
|
347
355
|
expect {
|
348
356
|
controller.send(:persist_session_timestamp)
|
@@ -365,7 +373,7 @@ describe LimitSessionLifetimeController do
|
|
365
373
|
|
366
374
|
context ".reset_session" do
|
367
375
|
it "calls persist_session_timestamp" do
|
368
|
-
controller.
|
376
|
+
expect(controller).to receive(:persist_session_timestamp).and_call_original
|
369
377
|
controller.send(:reset_session)
|
370
378
|
end
|
371
379
|
end
|
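Review bot: The compatibility branches added at the top of this spec choose the Rails API in two different ways: `if respond_to?(:before_action)` is feature detection, while `if Rails::VERSION::MAJOR >= 5` inside `home` is a version check, and the dummy app's test environment uses a third form, `Dummy::RAILS_GEM_VERSION < Gem::Version.new('5.0.0')`. Using one approach throughout, with a short comment on each fallback such as `# Rails < 5: render text: is the pre-5 form of render plain:`, would make clear which releases each `else` is for. Going by the file list, the Gemfiles for Rails 3.2, 4.0 and 4.1 are renamed or removed in this release, so the `before_filter` and `render text:` branches may no longer run in CI. If no pre-5 Rails remains in the matrix, those branches can be dropped, so the specs that pin session expiry exercise only code paths that are actually tested.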
@@ -11,6 +11,8 @@ Bundler.require(*Rails.groups)
|
|
11
11
|
require "frikandel"
|
12
12
|
|
13
13
|
module Dummy
|
14
|
+
RAILS_GEM_VERSION = Gem::Version.new(Rails::VERSION::STRING).freeze
|
15
|
+
|
14
16
|
class Application < Rails::Application
|
15
17
|
# Settings in config/environments/* take precedence over those specified here.
|
16
18
|
# Application configuration should go into files in config/initializers
|
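Review bot: `RAILS_GEM_VERSION` duplicates what Rails already exposes: `Rails.gem_version` returns the same `Gem::Version` on Rails 4.1 and later. The check in spec/dummy/config/environments/test.rb could then read `Rails.gem_version < Gem::Version.new('5.0.0')` without an extra constant in the `Dummy` namespace. If the dummy app still has to boot on a Rails older than 4.1, the constant is needed, and a one-line comment such as `# Rails.gem_version is not available before 4.1` would explain why it is here.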
@@ -13,8 +13,13 @@ Dummy::Application.configure do
|
|
13
13
|
config.eager_load = false
|
14
14
|
|
15
15
|
# Configure static asset server for tests with Cache-Control for performance.
|
16
|
-
|
17
|
-
|
16
|
+
if Dummy::RAILS_GEM_VERSION < Gem::Version.new('5.0.0')
|
17
|
+
config.serve_static_assets = true
|
18
|
+
config.static_cache_control = "public, max-age=3600"
|
19
|
+
else
|
20
|
+
config.public_file_server.enabled = true
|
21
|
+
config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
|
22
|
+
end
|
18
23
|
|
19
24
|
# Show full error reports and disable caching.
|
20
25
|
config.consider_all_requests_local = true
|