has_global_session 0.8.10 → 0.9.0

data/has_global_session.gemspec

@@ -7,7 +7,7 @@ spec = Gem::Specification.new do |s|
   s.required_ruby_version = Gem::Requirement.new(">= 1.8.7")
 
   s.name    = 'has_global_session'
-  s.version = '0.8.10'
+  s.version = '0.9.0'
   s.date    = '2010-07-01'
 
   s.authors = ['Tony Spataro']
@@ -27,11 +27,11 @@ spec = Gem::Specification.new do |s|
   basedir = File.dirname(__FILE__)
   candidates = ['has_global_session.gemspec', 'init.rb', 'MIT-LICENSE', 'README.rdoc'] +
             Dir['lib/**/*'] +
-            Dir['rails/**/*']
+            Dir['rails/**/*'] +
+            Dir['rails_generators/**/*']
   s.files = candidates.sort
 end
 
 if $PROGRAM_NAME == __FILE__
-   Gem.manage_gems if Gem::RubyGemsVersion.to_f < 1.0
    Gem::Builder.new(spec).build
 end

data/lib/has_global_session/global_session.rb

@@ -7,7 +7,7 @@ require 'uuidtools'
 
 module HasGlobalSession 
   class GlobalSession
-    attr_reader :id, :authority, :created_at, :expired_at
+    attr_reader :id, :authority, :created_at, :expired_at, :directory
 
     def initialize(directory, cookie=nil)
       @schema_signed   = Set.new((Configuration['attributes']['signed']))
@@ -189,13 +189,6 @@ module HasGlobalSession
       @insecure   = insecure
       @signature  = signature
       @cookie     = cookie
-
-      #Auto-renew session if needed
-      renew = Configuration['renew']
-      if @directory.local_authority_name &&
-         renew && @expired_at < renew.to_i.minutes.from_now.utc
-        renew!
-      end
     end
 
     def create_from_scratch

data/lib/has_global_session/rails/action_controller_instance_methods.rb

@@ -0,0 +1,127 @@
+module HasGlobalSession
+  module Rails
+    module ActionControllerInstanceMethods
+      def self.included(base)
+        if Configuration['integrated']
+          base.alias_method_chain :session, :global_session
+        end
+
+        base.before_filter :global_session_read_cookie
+        base.before_filter :global_session_auto_renew
+        base.after_filter  :global_session_update_cookie
+      end
+
+      def global_session
+        @global_session
+      end
+
+      def session_with_global_session
+        if global_session
+          unless @integrated_session && (@integrated_session.global == @global_session)
+            @integrated_session =
+              IntegratedSession.new(session_without_global_session, global_session)
+          end
+          return @integrated_session
+        else
+          return session_without_global_session
+        end
+      end
+
+      def global_session_read_cookie
+        directory   = global_session_create_directory
+        cookie_name = Configuration['cookie']['name']
+        cookie      = cookies[cookie_name]
+
+        begin
+          #unserialize the global session from the cookie, or
+          #initialize a new global session if cookie == nil
+          @global_session = GlobalSession.new(directory, cookie)
+          return true
+        rescue Exception => e
+          #silently recover from any error by initializing a new global session
+          @global_session = GlobalSession.new(directory)
+          #give the Rails app a chance to handle the exception
+          #unless it's an ExpiredSession, which we handle transparently
+          raise e unless e.is_a?(ExpiredSession)
+        end
+      end
+
+      def global_session_auto_renew
+        #Auto-renew session if needed
+        renew = Configuration['renew']
+        if @global_session.directory.local_authority_name && renew &&
+           @global_session.expired_at < renew.to_i.minutes.from_now.utc
+          @global_session.renew!
+        end        
+      end
+
+      def global_session_update_cookie
+        name   = Configuration['cookie']['name']
+        domain = Configuration['cookie']['domain']
+
+        begin
+          if @global_session && @global_session.valid?
+            value   = @global_session.to_s
+            expires = Configuration['ephemeral'] ? nil : @global_session.expired_at
+
+            unless (cookies[name] == value)
+              #Update the cookie only if its value has changed
+              cookies[name] = {:value => value, :domain=>domain, :expires=>expires}
+            end
+          else
+            #No valid session? Write an empty cookie.
+            cookies[name] = {:value=>nil, :domain=>domain, :expires=>Time.at(0)}
+          end
+        rescue Exception => e
+          #silently recover from any error by wiping the cookie
+          cookies[name] = {:value=>nil, :domain=>domain, :expires=>Time.at(0)}
+          #give the Rails app a chance to handle the exception
+          raise e
+        end
+      end
+
+      def log_processing
+        if logger && logger.info?
+          log_processing_for_request_id
+          log_processing_for_parameters
+        end
+      end
+
+      def log_processing_for_request_id
+        if global_session && global_session.id
+          session_id = global_session.id + " (#{session[:session_id]})"
+        elsif session[:session_id]
+          session_id = session[:session_id]
+        elsif request.session_options[:id]
+          session_id = request.session_options[:id]
+        end
+
+        request_id = "\n\nProcessing #{self.class.name}\##{action_name} "
+        request_id << "to #{params[:format]} " if params[:format]
+        request_id << "(for #{request_origin.split[0]}) [#{request.method.to_s.upcase}]"
+        request_id << "\n  Session ID: #{session_id}" if session_id
+
+        logger.info(request_id)
+      end
+
+      def log_processing_for_parameters
+        parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup
+        parameters = parameters.except!(:controller, :action, :format, :_method)
+
+        logger.info "  Parameters: #{parameters.inspect}" unless parameters.empty?
+      end
+
+      private
+
+      def global_session_create_directory
+        if (klass = Configuration['directory'])
+          klass = klass.constantize
+        else
+          klass = Directory
+        end
+
+        return klass.new(File.join(RAILS_ROOT, 'config', 'authorities'))        
+      end
+    end
+  end
+end

data/lib/has_global_session/rails.rb

@@ -0,0 +1,4 @@
+basedir = File.dirname(__FILE__)
+
+#Require the files necessary for Rails integration
+require File.join(basedir, 'rails', 'action_controller_instance_methods')

data/lib/has_global_session.rb

@@ -12,7 +12,7 @@ require 'uuidtools'
 require 'json'
 require 'active_support'
 
-#Require our own sources
+#Require the core suite of HasGlobalSession classes and modules
 basedir = File.dirname(__FILE__)
 require File.join(basedir, 'has_global_session', 'configuration')
 require File.join(basedir, 'has_global_session', 'directory')

data/rails/init.rb

@@ -1,5 +1,6 @@
 basedir = File.expand_path(File.join(File.dirname(__FILE__), '..'))
-require File.join(basedir, 'lib', 'has_global_session')
+libdir  = File.join(basedir, 'lib')
+require File.join(libdir, 'has_global_session')
 
 config_file = File.join(RAILS_ROOT, 'config', 'global_session.yml')
 
@@ -9,14 +10,12 @@ if File.exist?(config_file)
   HasGlobalSession::Configuration.config_file = config_file
   HasGlobalSession::Configuration.environment = RAILS_ENV
   
-  require File.join(basedir, 'rails', 'action_controller_instance_methods')
+  require File.join(libdir, 'has_global_session', 'rails')
 
   # Enable ActionController integration.
   class ActionController::Base
     def self.has_global_session
-      include HasGlobalSession::ActionControllerInstanceMethods
-      before_filter :global_session_read_cookie
-      after_filter  :global_session_update_cookie
+      include HasGlobalSession::Rails::ActionControllerInstanceMethods
     end
   end
 end

data/rails_generators/global_session_authority/global_session_authority_generator.rb

@@ -0,0 +1,32 @@
+class GlobalSessionAuthorityGenerator < Rails::Generator::Base
+  def initialize(runtime_args, runtime_options = {})
+    super
+
+    @app_name  = File.basename(RAILS_ROOT)
+    @auth_name = args.shift
+    raise ArgumentError, "Must specify name for global session authority, e.g. 'mycoolapp'" unless @auth_name
+  end
+
+  def manifest
+    record do |m|
+      new_key     = OpenSSL::PKey::RSA.generate( 1024 )
+      new_public  = new_key.public_key.to_pem
+      new_private = new_key.to_pem
+
+      dest_dir = File.join(RAILS_ROOT, 'config', 'authorities')
+      FileUtils.mkdir_p(dest_dir)
+
+      File.open(File.join(dest_dir, @auth_name + ".pub"), 'w') do |f|
+        f.puts new_public
+      end
+
+      File.open(File.join(dest_dir, @auth_name + ".key"), 'w') do |f|
+        f.puts new_private
+      end
+
+      puts "***"
+      puts "*** Don't forget to delete config/authorities/#{@auth_name}.key"
+      puts "***"
+    end
+  end
+end

data/rails_generators/global_session_config/USAGE

@@ -0,0 +1,2 @@
+./script/generate global_session config <DNS domain for cookie>
+./script/generate global_session authority <name of authority>

data/rails_generators/global_session_config/global_session_config_generator.rb

@@ -0,0 +1,19 @@
+class GlobalSessionConfigGenerator < Rails::Generator::Base
+  def initialize(runtime_args, runtime_options = {})
+    super
+
+    @app_name   = File.basename(RAILS_ROOT)
+    @app_domain = args.shift
+    raise ArgumentError, "Must specify DNS domain for global session cookie, e.g. 'example.com'" unless @app_domain
+  end
+
+  def manifest
+    record do |m|
+      
+      m.template 'global_session.yml.erb',
+                 'config/global_session.yml',
+                 :assigns=>{:app_name=>@app_name,
+                            :app_domain=>@app_domain}
+    end
+  end
+end

data/rails_generators/global_session_config/templates/global_session.yml.erb

@@ -0,0 +1,51 @@
+# Common settings of the global session (that apply to all Rails environments)
+# are listed here. These may be overidden in the environment-specific section.
+common:
+  attributes:
+    # Signed attributes of the global session
+    signed:
+    - user
+    # Untrusted attributes of the global session
+    insecure:
+    - account
+  # Enable local session integration in order to use the ActionController
+  # method #session to access both local AND global session state, with
+  # global attributes always taking precedence over local attributes.
+  integrated: true
+  ephemeral: false
+  
+# Test/spec runs
+test:
+  timeout: 15 #minutes
+  renew: 5 #minutes before expiration
+  cookie:
+    name: _session_gbl
+    domain: localhost
+  #the name of the local authority (optional)
+  authority: test
+  #which authorities this app will trust
+  trust:
+  - test
+
+# Development mode
+development:
+  timeout: 60
+  renew: 15
+  cookie:
+    name: _session_gbl
+    domain: localhost
+  authority: development
+  trust:
+  - development
+  - production
+
+# Production mode
+production:
+  timeout: 60
+  renew: 15
+  cookie:
+    name: _session_gbl
+    domain: <%= app_domain %>
+  authority: production
+  trust:
+  - production

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: has_global_session
 version: !ruby/object:Gem::Version 
-  hash: 43
+  hash: 59
   prerelease: false
   segments: 
   - 0
-  - 8
-  - 10
-  version: 0.8.10
+  - 9
+  - 0
+  version: 0.9.0
 platform: ruby
 authors: 
 - Tony Spataro
@@ -117,8 +117,13 @@ files:
 - lib/has_global_session/encoding.rb
 - lib/has_global_session/global_session.rb
 - lib/has_global_session/integrated_session.rb
-- rails/action_controller_instance_methods.rb
+- lib/has_global_session/rails.rb
+- lib/has_global_session/rails/action_controller_instance_methods.rb
 - rails/init.rb
+- rails_generators/global_session_authority/global_session_authority_generator.rb
+- rails_generators/global_session_config/USAGE
+- rails_generators/global_session_config/global_session_config_generator.rb
+- rails_generators/global_session_config/templates/global_session.yml.erb
 has_rdoc: true
 homepage: http://github.com/xeger/has_global_session
 licenses: []

data/rails/action_controller_instance_methods.rb

@@ -1,106 +0,0 @@
-module HasGlobalSession
-  module ActionControllerInstanceMethods
-    def self.included(base)
-      if Configuration['integrated']
-        base.alias_method_chain :session, :global_session
-      end
-    end
-
-    def global_session
-      @global_session
-    end
-
-    def session_with_global_session
-      if global_session
-        unless @integrated_session && (@integrated_session.global == @global_session)
-          @integrated_session =
-            IntegratedSession.new(session_without_global_session, global_session)
-        end
-        return @integrated_session
-      else
-        return session_without_global_session
-      end
-    end
-
-    def global_session_read_cookie
-      if (klass = Configuration['directory'])
-        klass = klass.constantize
-      else
-        klass = Directory
-      end
-
-      directory = klass.new(File.join(RAILS_ROOT, 'config', 'authorities'))
-      cookie_name = Configuration['cookie']['name']
-      cookie      = cookies[cookie_name]
-
-      begin
-        #unserialize the global session from the cookie, or
-        #initialize a new global session if cookie == nil
-        @global_session = GlobalSession.new(directory, cookie)
-        return true
-      rescue Exception => e
-        #silently recover from any error by initializing a new global session
-        @global_session = GlobalSession.new(directory)
-        #give the Rails app a chance to handle the exception
-        #unless it's an ExpiredSession, which we handle transparently
-        raise e unless e.is_a?(ExpiredSession)
-      end
-    end
-
-    def global_session_update_cookie
-      name   = Configuration['cookie']['name']
-      domain = Configuration['cookie']['domain']
-
-      begin
-        if @global_session && @global_session.valid?
-          value   = @global_session.to_s
-          expires = Configuration['ephemeral'] ? nil : @global_session.expired_at
-          
-          unless (cookies[name] == value)
-            #Update the cookie only if its value has changed
-            cookies[name] = {:value => value, :domain=>domain, :expires=>expires}
-          end
-        else
-          #No valid session? Write an empty cookie.
-          cookies[name] = {:value=>nil, :domain=>domain, :expires=>Time.at(0)}
-        end
-      rescue Exception => e
-        #silently recover from any error by wiping the cookie
-        cookies[name] = {:value=>nil, :domain=>domain, :expires=>Time.at(0)}
-        #give the Rails app a chance to handle the exception
-        raise e
-      end
-    end
-
-    def log_processing
-      if logger && logger.info?
-        log_processing_for_request_id
-        log_processing_for_parameters
-      end
-    end
-
-    def log_processing_for_request_id()
-      if global_session && global_session.id
-        session_id = global_session.id + " (#{session[:session_id]})"
-      elsif session[:session_id]
-        session_id = session[:session_id]
-      elsif request.session_options[:id]
-        session_id = request.session_options[:id]
-      end
-
-      request_id = "\n\nProcessing #{self.class.name}\##{action_name} "
-      request_id << "to #{params[:format]} " if params[:format]
-      request_id << "(for #{request_origin.split[0]}) [#{request.method.to_s.upcase}]"
-      request_id << "\n  Session ID: #{session_id}" if session_id
-
-      logger.info(request_id)
-    end
-
-    def log_processing_for_parameters
-      parameters = respond_to?(:filter_parameters) ? filter_parameters(params) : params.dup
-      parameters = parameters.except!(:controller, :action, :format, :_method)
-
-      logger.info "  Parameters: #{parameters.inspect}" unless parameters.empty?
-    end
-  end
-end