lux-fw 0.5.36 → 0.6.2

data/lib/lux/current/current.rb

@@ -1,107 +1,196 @@
-# frozen_string_literal: true
+module Lux
+  class Current
+    # set to true if user is admin and you want him to be able to clear caches in production
+    attr_accessor :can_clear_cache
+
+    attr_accessor :session, :locale, :error
+    attr_reader   :request, :response, :nav, :var, :env, :params
+
+    def initialize env = nil, opts = {}
+      @env     = env || '/mock'
+      @env     = ::Rack::MockRequest.env_for(env) if env.is_a?(String)
+      @request = ::Rack::Request.new @env
+
+      # fix params if defined
+      if opts.keys.length > 0
+        opts = opts.to_hwia :params, :post, :method, :session, :cookies, :query_string
+
+        if opts[:post]
+          opts[:method] = 'POST'
+          opts[:params] = opts[:post]
+        end
+      end
+
+      # reset page cache
+      Thread.current[:lux] = self
 
-# we need this for command line
-Thread.current[:lux] ||= { cache: {} }
+      # overload request method
+      @request.env['REQUEST_METHOD'] = opts[:method].to_s.upcase if opts[:method]
 
-class Lux::Current
-  # set to true if user is admin and you want him to be able to clear caches in production
-  attr_accessor :can_clear_cache
+      # set cookies
+      @request.cookies.merge opts[:cookies] if opts[:cookies]
 
-  attr_accessor :session, :locale
-  attr_reader   :request, :response, :nav
+      prepare_params opts
 
-  def initialize env=nil
-    env   ||= '/mock'
-    env     = ::Rack::MockRequest.env_for(env) if env.is_a?(String)
-    request = ::Rack::Request.new env
+      # base vars
+      @files_in_use = []
+      @response     = Lux::Response.new
+      @session      = Lux::Current::Session.new @request
+      @nav          = Lux::Application::Nav.new @request
+      @var          = {}.to_hwia
 
-    # reset page cache
-    Thread.current[:lux] = { cache:{}, page: self }
+      opts[:session].or({}).each {|k,v| @session[k] = v }
+    end
+
+    def [] name
+      @var[name]
+    end
+
+    def []= name, val
+      @var[name] = val
+    end
+
+    # Full host with port
+    def host
+      "#{request.env['rack.url_scheme']}://#{request.host}:#{request.port}".sub(':80','')# rescue 'http://locahost:3000'
+    end
 
-    @files_in_use = []
-    @response     = Lux::Response.new
-    @request      = request
-    @session      = Lux::Current::Session.new request
+    # Cache data in scope of current request
+    def cache key
+      root = @var[:cache] ||= {}
+      data = root[key] # it is array ref because we want to cache nil results too
 
-    # remove empty paramsters in GET request
-    if request.request_method == 'GET'
-      for el in request.params.keys
-        request.params.delete(el) if request.params[el].blank?
+      unless data
+        data = [yield]
+        root[key] = data
       end
+
+      data[0]
     end
 
-    # indiferent access
-    request.instance_variable_set(:@params, request.params.h_wia) if request.params.keys.length > 0
+    # Set Lux.current.can_clear_cache = true in production for admins
+    def no_cache? shallow_check = false
+      check = @request.env['HTTP_CACHE_CONTROL'].to_s.downcase == 'no-cache'
+
+      if check
+        if shallow_check || Lux.env.no_cache?
+          true
+        else
+          can_clear_cache ? true : false
+        end
+      else
+        false
+      end
+    end
 
-    Lux::Current::EncryptParams.decrypt request.params
-    ap request.params if request.post? && Lux.config(:log_to_stdout)
+    # Execute action once per page
+    def once id = nil
+      id ||= Digest::SHA1.hexdigest caller[0]
 
-    @nav = Lux::Application::Nav.new request
-  end
+      @once_hash ||= {}
+      return false if @once_hash[id]
+      @once_hash[id] = true
 
-  def domain
-    host = Lux.current.request.host.split('.')
-    host_country = host.pop
-    host_name    = host.pop
-    host_name ? "#{host_name}.#{host_country}" : host_country
-  end
+      if block_given?
+        yield || true
+      else
+        true
+      end
+    end
 
-  def host
-    "#{request.env['rack.url_scheme']}://#{request.host}:#{request.port}".sub(':80','')# rescue 'http://locahost:3000'
-  end
+    # Generete unique ID par page render
+    # current.uid => "uid_123_1668273316128"
+    # current.uid(true) => 123
+    def uid num_only = false
+      Thread.current[:lux][:uid_cnt] ||= 0
+      num = Thread.current[:lux][:uid_cnt] += 1
+      num_only ? num : "uid_#{num}_#{(Time.now.to_f*1000).to_i}"
+    end
 
-  def var
-    Thread.current[:lux][:var] ||= Hashie::Mash.new
-  end
+    # Get or check current session secure token
+    def secure_token token = nil
+      generated = Crypt.sha1(self.ip)
+      token ? (generated == token) : generated
+    end
 
-  # cache data in current page
-  def cache key
-    data = Thread.current[:lux][:cache][key]
-    return data if data
-    Thread.current[:lux][:cache][key] = yield
-  end
+    def robot?
+      ua = request.env['HTTP_USER_AGENT'].to_s.downcase
+      ua.include?('wget/') || ua.include?('curl/')
+    end
 
-  # set current.can_clear_cache = true in production for admins
-  def no_cache?
-    @can_clear_cache = true if Lux.dev?
-    @can_clear_cache && @request.env['HTTP_CACHE_CONTROL'].to_s.downcase == 'no-cache' ? true : false
-  end
+    # Add to list of files in use
+    def files_in_use file = nil
+      return @files_in_use unless file
+      return unless file.class == String
 
-  def redirect *args
-    response.redirect *args
-  end
+      file = file.sub './', ''
 
-  # execute action once per page
-  def once id=nil, data=nil, &block
-    id ||= Digest::SHA1.hexdigest caller[0] if block
+      if @files_in_use.include?(file)
+        true
+      else
+        @files_in_use.push file
+        yield(file) if block_given?
+        false
+      end
+    end
 
-    @once_hash ||= {}
-    return if @once_hash[id]
-    @once_hash[id] = true
+    # Thread.new but copies env to a thread
+    def delay *args
+      if block_given?
+        lux_env = self.dup
+        Thread.new do
+          begin
+            Thread.current[:lux] = lux_env
+            Timeout::timeout(Lux.config.delay_timeout) do
+              yield *args
+            end
+          rescue => e
+            Lux.error.log e
+            Lux.log ['Lux.current.delay error: %s' % e.message, e.backtrace].join($/)
+          end
+        end
+      else
+        raise ArgumentError, 'Block not given'
+      end
+    end
 
-    block_given? ? yield : data
-  end
+    def ip
+      request.env['HTTP_CF_CONNECTING_IP'] || # will not work with cloudflare if removed
+      request.env['HTTP_X_FORWARDED_FOR'] ||
+      request.env['REMOTE_ADDR'] ||
+      '127.0.0.1'
+    end
 
-  def uid
-    Thread.current[:uid_cnt] ||= 0
-    "uid-#{Thread.current[:uid_cnt]+=1}"
-  end
+    def encrypt data, opts={}
+      opts[:password] ||= self.ip
+      opts[:ttl]      ||= 10.minutes
+      Crypt.encrypt(data, opts)
+    end
 
-  def files_in_use file=nil
-    if block_given?
-      return yield(file) unless @files_in_use.include?(file)
+    def decrypt token, opts={}
+      opts[:password] ||= self.ip
+      Crypt.decrypt(token, opts)
     end
 
-    return @files_in_use unless file
-    return unless Lux.config(:log_to_stdout)
+    # Crypt.encrypt('secret', ttl:1.hour, password:'pa$$w0rd')
+    private
+
+    def prepare_params opts
+      # patch params to support indiferent access 😈
+      # request.instance_variable_set(:@params, request.params.to_hwia) if request.params.keys.length > 0
 
-    file = file.sub './', ''
+      # merge qs if present
+      @params = (@request.params.dup || {}).to_hwia
+      @params.merge! opts[:query_string] if opts[:query_string]
+
+      # remove empty parametars in GET request
+      if request.request_method == 'GET'
+        for el in @params.keys
+          @params.delete(el) if @params[el].blank?
+        end
+      end
 
-    if @files_in_use.include?(file)
-      true
-    else
-      @files_in_use.push file
-      false
+      Lux::Current::EncryptParams.decrypt @params
     end
   end
 end

data/lib/lux/current/lib/current.rb

@@ -0,0 +1,6 @@
+class Current
+  def self.method_missing mame, *args
+    eval "def Current.#{mame} *list; Lux.current.#{mame} *list; end"
+    Current.send mame, *args
+  end
+end

data/lib/lux/current/lib/encrypt_params.rb

@@ -1,44 +1,46 @@
 # used for encrypting and decrypting data in forms
 
-module Lux::Current::EncryptParams
-  extend self
-
-  @cnt = 0
-
-  # encrypt_param('dux', 'foo')
-  # <OpenStruct name="_data_1", value="eyJ0eXAiOiJKV1QiLCJhbGciOi..."
-  def encrypt name, value
-    base = name.include?('[') ? name.split(/[\[\]]/).first(2).join('::') : name
-    base += '#%s' % value
-
-    OpenStruct.new(name: "_data_#{@cnt+=1}", value: Crypt.encrypt(base))
-  end
+module Lux
+  class Current
+    module EncryptParams
+      extend self
+
+      # encrypt_param('dux', 'foo')
+      # <OpenStruct name="_data_1", value="eyJ0eXAiOiJKV1QiLCJhbGciOi..."
+      def encrypt name, value
+        base = name.include?('[') ? name.split(/[\[\]]/).first(2).join('::') : name
+        base += '#%s' % value
+
+        OpenStruct.new(name: "_data_#{Lux.current.uid}", value: Crypt.encrypt(base))
+      end
 
-  def hidden_input name, value
-    data = encrypt name, value
+      def hidden_input name, value
+        data = encrypt name, value
 
-    %[<input type="hidden" name="#{data.name}" value="#{data.value}" />]
-  end
+        %[<input type="hidden" name="#{data.name}" value="#{data.value}" />]
+      end
 
-  # decrypts params starting with _data_
-  def decrypt hash
-    for key in hash.keys
-      next unless key.starts_with?('_data_')
-      data = Crypt.decrypt(hash.delete(key))
-      data, value = data.split('#', 2)
-      data = data.split('::')
-
-      if data[1]
-        hash[data[0]] ||= {}
-        hash[data[0]][data[1]] = value
-      else
-        hash[data[0]] = value
+      # decrypts params starting with _data_
+      def decrypt hash
+        for key in hash.keys
+          next unless key.starts_with?('_data_')
+          data = Crypt.decrypt(hash.delete(key))
+          data, value = data.split('#', 2)
+          data = data.split('::')
+
+          if data[1]
+            hash[data[0]] ||= {}
+            hash[data[0]][data[1]] = value
+          else
+            hash[data[0]] = value
+          end
+        end
+
+        hash
+      rescue
+        Lux.log ' Lux::Current::EncryptParams decrypt error'.red
+        {}
       end
     end
-
-    hash
-  rescue
-    Lux.log ' Lux::Current::EncryptParams decrypt error'.red
-    {}
   end
-end
+end

data/lib/lux/current/lib/session.rb

@@ -1,72 +1,93 @@
 # vars
 # Lux.config.session_cookie_name
 # Lux.config.session_cookie_max_age
-# Lux.config.session_cookie_domain
 
-class Lux::Current::Session
-  def initialize request
-    # how long will session last if BROWSER or IP change
-    Lux.config.session_forced_validity ||= 10.minutes.to_i
-
-    # name of the session cookie
-    @cookie_name = Lux.config.session_cookie_name ||= 'lux_' + Crypt.sha1(Lux.config.secret)[0,4].downcase
-    @request     = request
-    @session     = JSON.parse(Crypt.decrypt(request.cookies[@cookie_name] || '{}')) rescue {}
-
-    security_check
-  end
-
-  def [] key
-    @session[key.to_s.downcase]
-  end
-
-  def []= key, value
-    @session[key.to_s.downcase] = value
-  end
-
-  def delete key
-    @session.delete key.to_s.downcase
-  end
-
-  def generate_cookie
-    encrypted = Crypt.encrypt(@session.to_json)
-
-    if @request.cookies[@cookie_name] != encrypted
-      cookie = []
-      cookie.push [@cookie_name, encrypted].join('=')
-      cookie.push 'Max-Age=%s' % (Lux.config.session_cookie_max_age || 1.week.to_i)
-      cookie.push "Path=/"
-      cookie.push "Domain=#{Lux.config.session_cookie_domain}" if Lux.config.session_cookie_domain
-      cookie.push "secure" if Lux.config.host.include?('https:')
-      cookie.push "HttpOnly"
-
-      cookie.join('; ')
-    else
-      nil
+# IMPORTANT - it is probably not a bug!
+# If you have issues with cookies and sessions, try annonymous window and check info on set headers
+# sometimes there is a bug there and cookie will not be set because of http https issues
+
+module Lux
+  class Current
+    class Session
+      attr_reader :hash, :cookie_name
+
+      def initialize request
+        # how long will session last if BROWSER or IP change
+        Lux.config[:session_forced_validity] ||= 10.minutes.to_i
+        Lux.config[:session_cookie_max_age]  ||= 1.week.to_i
+
+        # name of the session cookie
+        @cookie_name = Lux.config[:session_cookie_name] ||= 'lux_' + Crypt.sha1(Lux.config.secret)[0,4].downcase
+        @request     = request
+        @hash        = JSON.parse(Crypt.decrypt(request.cookies[@cookie_name] || '{}')) rescue {}
+
+        security_check
+      end
+
+      def [] key
+        @hash[key.to_s.downcase]
+      end
+
+      def []= key, value
+        @hash[key.to_s.downcase] = value
+      end
+
+      def delete key
+        @hash.delete key.to_s.downcase
+      end
+
+      def generate_cookie
+        encrypted = Crypt.encrypt(@hash.to_json)
+
+        if @request.cookies[@cookie_name] != encrypted
+          cookie_domain = Lux.current.var[:lux_cookie_domain] || Lux.current.nav.domain
+
+          cookie = []
+          cookie.push [@cookie_name, encrypted].join('=')
+          cookie.push 'Max-Age=%s' % (Lux.config.session_cookie_max_age)
+          cookie.push "Path=/"
+          cookie.push "Domain=#{cookie_domain}"
+          cookie.push "secure" if Lux.current.request.url.start_with?('https:')
+          cookie.push "HttpOnly"
+          cookie.push "SameSite=Lax"
+
+          cookie.join('; ')
+        else
+          nil
+        end
+      end
+
+      def merge! hash={}
+        @hash.keys.each { |k| self[k] = @hash[k] }
+      end
+
+      def keys
+        @hash.keys
+      end
+
+      def to_h
+        @hash
+      end
+
+      private
+
+      def security_check
+        key   = '_c'
+        ip    = Lux.current.ip.split('.').first(3).join('.') # only 3 first numbers of IP
+        check = Crypt.sha1(ip+@request.env['HTTP_USER_AGENT'].to_s)[0, 5]
+
+        # force type array
+        @hash.delete(key) unless @hash[key].class == Array
+
+        # allow 10 mins delay for IP change
+        if @hash[key] && (@hash[key][0] != check && @hash[key][1].to_i < Time.now.to_i - Lux.config.session_forced_validity)
+          @hash = {}
+        end
+
+        # add new time stamp to every request
+        @hash[key] = [check, Time.now.to_i]
+      end
     end
   end
+end
 
-  def merge! hash={}
-    hash.keys.each { |k| self[k] = hash[k] }
-  end
-
-  def hash
-    @session.dup
-  end
-
-  private
-
-  def security_check
-    key   = '_c'
-    check = Crypt.sha1(@request.ip.to_s+@request.env['HTTP_USER_AGENT'].to_s)[0, 5]
-
-    # force type array
-    @session.delete(key) unless @session[key].class == Array
-
-    # allow 10 mins delay for IP change
-    @session = {} if @session[key] && (@session[key][0] != check && @session[key][1].to_i < Time.now.to_i - Lux.config.session_forced_validity)
-
-    # add new time stamp to every request
-    @session[key] = [check, Time.now.to_i]
-  end
-end

data/lib/lux/current/lux_adapter.rb

@@ -0,0 +1,5 @@
+module Lux
+  def current
+    Thread.current[:lux] ||= Lux::Current.new('/mock')
+  end
+end

data/lib/lux/environment/README.md

@@ -0,0 +1,24 @@
+## Lux.env (Lux::Environment)
+
+Module provides access to environment settings.
+
+```ruby
+Lux.env.development? # true in development and test
+Lux.env.production?  # true in production and log
+Lux.env.test?        # true for test
+Lux.env.log?         # true for log
+Lux.env.rake?        # true if run in rake
+Lux.env.cli?         # true if not run under web server
+
+# aliases
+Lux.env.dev?  # Lux.env.development?
+Lux.env.prod? # Lux.env.production?
+```
+
+Lux provides only 4 environent modes that are set via `ENV['RACK_ENV']` settings -
+  `development`, `production`, `test` and `log`.
+  * `test` and `log` are special modes
+    * `test`: will retun true to `Lux.env.test?` and `Lux.env.develoment?`
+    * `log`: Production mode with output logging. It will retun true for
+      `Lux.env.log?` and `Lux.env.production?` or `Lux.env.prod?`.
+      This mode is activated if you run server with `bundle exec lux ss`

data/lib/lux/environment/environment.rb

@@ -0,0 +1,91 @@
+module Lux
+  class Environment
+    ENVS ||= %w(development production test)
+
+    def initialize env_name
+      if env_name.empty?
+        raise ArgumentError.new('RACK_ENV is not defined') # never default to "development", because it could be loaded as default in production
+      elsif !ENVS.include?(env_name)
+        raise ArgumentError.new('Unsupported environemt: %s (supported are %s)' % [env_name, ENVS])
+      end
+
+      @env_name = env_name
+    end
+
+    def development?
+      @env_name != 'production'
+    end
+    alias :dev? development?
+
+    def production?
+      @env_name == 'production'
+    end
+    alias :prod? :production?
+
+    def test?
+      $0.end_with?('/rspec') || @env_name == 'test'
+    end
+
+    def rake?
+      $0.end_with?('/rake')
+    end
+
+    def live?
+      value = ENV['LUX_LIVE'] || Lux.die('ENV LUX_LIVE not defined')
+      value == 'true'
+    end
+
+    def local?
+      !live?
+    end
+
+    def web?
+      if @env_web.nil?
+        list = ObjectSpace.each_object(Class).map(&:to_s)
+        @env_web = list.include?('#<Class:Rack::Server>') || list.include?('Puma::Launcher')
+      end
+
+      @env_web
+    end
+
+    def cli?
+      !web?
+    end
+
+    def cache?
+      !no_cache?
+    end
+
+    def no_cache?
+      @no_cache = ENV['LUX_ENV'].include?('c') if @no_cache.nil?
+      @no_cache
+    end
+
+    def show_errors?
+      @show_errors = ENV['LUX_ENV'].include?('e') if @show_errors.nil?
+      @show_errors
+    end
+
+    def reload_code?
+      @reload_code = ENV['LUX_ENV'].include?('r') if @reload_code.nil?
+      @reload_code
+    end
+
+    def screen_log?
+      @screen_log = ENV['LUX_ENV'].include?('l') if @screen_log.nil?
+      @screen_log
+    end
+
+    ###
+
+    # Lux.env == :dev
+    def == what
+      return true if what.to_s == @env_name
+      send '%s?' % what
+    end
+
+    def to_s
+      production? ? 'production' : 'development'
+    end
+  end
+end

data/lib/lux/environment/lux_adapter.rb

@@ -0,0 +1,13 @@
+# Lux.env.to_s            # 'development'
+# Lux.env == :dev         # true
+# Lux.env == :development # true
+# Lux.env.development?    # true
+# Lux.env.dev?            # true
+
+module Lux
+  def env test=nil
+    @env_base ||= Lux::Environment.new ENV.fetch('RACK_ENV')
+
+    test ? @env_base == test : @env_base
+  end
+end