ixtlan-session-timeout 0.1.1 → 0.2.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/MIT-LICENSE +20 -0
  2. data/lib/ixtlan/sessions/railtie.rb +2 -1
  3. data/lib/ixtlan/sessions/timeout.rb +14 -8
  4. data/spec/timeout_spec.rb +19 -5
  5. metadata +7 -7
data/MIT-LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ Copyright (c) 2008 Kristian Meier
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/lib/ixtlan/sessions/railtie.rb CHANGED
@@ -9,11 +9,12 @@ module Ixtlan
9
9
  app.config.class.class_eval do
10
10
  attr_accessor :idle_session_timeout
11
11
  end
12
- app.config.idle_session_timeout = 5 #minutes
12
+ app.config.idle_session_timeout = 15 #minutes
13
13
  end
14
14
 
15
15
  config.after_initialize do |app|
16
16
  ::ActionController::Base.send(:include, Ixtlan::Sessions::Timeout)
17
+ ::ActionController::Base.send(:before_filter, :check_session)
17
18
  end
18
19
  end
19
20
  end
data/lib/ixtlan/sessions/timeout.rb CHANGED
@@ -23,21 +23,24 @@ module Ixtlan
23
23
  session_timeout
24
24
  return false
25
25
  end
26
-
26
+
27
+ unless respond_to? :logged_in?
28
+ def logged_in?
29
+ respond_to?(:current_user) && send(:current_user)
30
+ end
31
+ end
32
+
27
33
  protected
28
34
 
29
35
  def check_session_expiry
30
- puts "- - - -"
31
- p session[:expires_at].asctime if session[:expires_at]
32
- p DateTime.now.asctime
33
- p ( session[:expires_at] && session[:expires_at] < DateTime.now)
36
+ return true unless logged_in?
34
37
  if session[:expires_at] && session[:expires_at] < DateTime.now
35
38
  # Session has expired.
36
39
  session_log("session timeout")
37
40
  expire_session
38
41
  else
39
42
  # Assign a new expiry time
40
- session[:expires_at] = session_idle_timeout.minutes.from_now
43
+ session[:expires_at] = idle_session_timeout.minutes.from_now
41
44
  return true
42
45
  end
43
46
  end
@@ -45,6 +48,7 @@ p ( session[:expires_at] && session[:expires_at] < DateTime.now)
45
48
  # IP binding is not very useful in the wild since some ISP use
46
49
  # a different IP for each request, i.e. the session uses many IPs
47
50
  def check_session_ip_binding
51
+ return true unless logged_in?
48
52
  if !session[:session_ip].nil? && session[:session_ip] != request.headers['REMOTE_ADDR']
49
53
  # client IP has changed
50
54
  session_log("IP changed from #{session[:session_ip]} to #{request.headers['REMOTE_ADDR']}")
@@ -57,10 +61,12 @@ p ( session[:expires_at] && session[:expires_at] < DateTime.now)
57
61
  end
58
62
 
59
63
  def check_session
64
+ return true unless logged_in?
60
65
  check_session_browser_signature && check_session_expiry
61
66
  end
62
67
 
63
68
  def check_session_browser_signature
69
+ return true unless logged_in?
64
70
  if !session[:session_browser_signature].nil? and session[:session_browser_signature] != retrieve_browser_signature
65
71
  # browser signature has changed
66
72
  session_log("browser signature changed from #{session[:session_browser_signature]} to #{retrieve_browser_signature}")
@@ -90,8 +96,8 @@ p ( session[:expires_at] && session[:expires_at] < DateTime.now)
90
96
  end
91
97
  end
92
98
 
93
- def session_idle_timeout
94
- Rails.configuration.session_idle_timeout
99
+ def idle_session_timeout
100
+ Rails.configuration.idle_session_timeout
95
101
  end
96
102
  end
97
103
  end
data/spec/timeout_spec.rb CHANGED
@@ -4,6 +4,8 @@ require 'date'
4
4
 
5
5
  class Controller
6
6
 
7
+ attr_accessor :current_user
8
+
7
9
  def logger
8
10
  @logger ||= Logger.new(STDOUT)
9
11
  end
@@ -52,7 +54,7 @@ class Rails
52
54
  self
53
55
  end
54
56
 
55
- def self.session_idle_timeout(val = nil)
57
+ def self.idle_session_timeout(val = nil)
56
58
  @val = MyDate.new(val) if val
57
59
  @val
58
60
  end
@@ -84,6 +86,7 @@ describe Ixtlan::Sessions::Timeout do
84
86
 
85
87
  before :each do
86
88
  @controller.session.clear
89
+ @controller.current_user = Object.new
87
90
  end
88
91
 
89
92
  it "should keep session when staying on same remote IP" do
@@ -107,7 +110,7 @@ describe Ixtlan::Sessions::Timeout do
107
110
  end
108
111
 
109
112
  it "should keep session if idle timeout is in the future" do
110
- Rails.configuration.session_idle_timeout(1)
113
+ Rails.configuration.idle_session_timeout(1)
111
114
  @controller.session.size.should == 0
112
115
  @controller.send(:check_session_expiry).should be_true
113
116
  @controller.session.size.should == 1
@@ -116,7 +119,7 @@ describe Ixtlan::Sessions::Timeout do
116
119
  end
117
120
 
118
121
  it "should kill session if idle timeout is in the past" do
119
- Rails.configuration.session_idle_timeout(-1)
122
+ Rails.configuration.idle_session_timeout(-1)
120
123
  @controller.session.size.should == 0
121
124
  # first the session has not expiration_date so it will be set
122
125
  @controller.send(:check_session_expiry).should be_true
@@ -126,9 +129,20 @@ describe Ixtlan::Sessions::Timeout do
126
129
  @controller.session.size.should == 0
127
130
  end
128
131
 
129
- it "should use the controller session_idle_timeout if overwritten" do
132
+ it "should leave session along if there is no current_user" do
133
+ @controller.current_user = nil
134
+ @controller.session.size.should == 0
135
+ @controller.send(:check_session_expiry).should be_true
136
+ @controller.session.size.should == 0
137
+ @controller.send(:check_session_browser_signature).should be_true
138
+ @controller.session.size.should == 0
139
+ @controller.send(:check_session_ip_binding).should be_true
140
+ @controller.session.size.should == 0
141
+ end
142
+
143
+ it "should use the controller idle_session_timeout if overwritten" do
130
144
  @controller.class.class_eval do
131
- def session_idle_timeout
145
+ def idle_session_timeout
132
146
  MyDate.new(1)
133
147
  end
134
148
  end
metadata CHANGED
@@ -4,9 +4,9 @@ version: !ruby/object:Gem::Version
4
4
  prerelease: false
5
5
  segments:
6
6
  - 0
7
- - 1
8
- - 1
9
- version: 0.1.1
7
+ - 2
8
+ - 0
9
+ version: 0.2.0
10
10
  platform: ruby
11
11
  authors:
12
12
  - mkristian
@@ -14,7 +14,7 @@ autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
16
 
17
- date: 2011-03-22 00:00:00 +05:30
17
+ date: 2011-04-03 00:00:00 +05:30
18
18
  default_executable:
19
19
  dependencies:
20
20
  - !ruby/object:Gem::Dependency
@@ -55,6 +55,7 @@ extensions: []
55
55
  extra_rdoc_files: []
56
56
 
57
57
  files:
58
+ - MIT-LICENSE
58
59
  - lib/ixtlan-session-timeout.rb
59
60
  - lib/ixtlan/sessions/timeout.rb
60
61
  - lib/ixtlan/sessions/railtie.rb
@@ -64,9 +65,8 @@ homepage: http://github.com/mkristian/ixtlan-session-timeout
64
65
  licenses:
65
66
  - MIT-LICENSE
66
67
  post_install_message:
67
- rdoc_options:
68
- - --main
69
- - README.textile
68
+ rdoc_options: []
69
+
70
70
  require_paths:
71
71
  - lib
72
72
  required_ruby_version: !ruby/object:Gem::Requirement