macaw_framework 1.2.5 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +13 -2
- data/lib/macaw_framework/core/common/server_base.rb +14 -9
- data/lib/macaw_framework/version.rb +1 -1
- data/lib/macaw_framework.rb +25 -18
- data/sig/macaw_framework/macaw.rbs +3 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2353cd5ffe4a264a2eacab71fc2de65c5c4a6b2cd925666529e36b8bdde0ada6
|
|
4
|
+
data.tar.gz: 4855cf3e106380f6c6718058001cd6cbd888a6c0f1927f833da3bc97cf648785
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 85f5262044b8b3029ad507d501655f72ccd022630b34fc72a5606fe993d223a7e83b245b2ee858adbedf1723717d2d050e1276badf2a353d89612d2c544253a4
|
|
7
|
+
data.tar.gz: 31b67715e3f2b2c792262d53f6488ae0b8df38c2c1f700fd5590b45927f49dc47fa8c84db884d2ec560b0e981582091b3f38a0f8af06bbddb26efd26f33e2e58
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -113,6 +113,15 @@ end
|
|
|
113
113
|
|
|
114
114
|
### Session management: Handle user sessions with server-side in-memory storage
|
|
115
115
|
|
|
116
|
+
Session will only be enabled if it's configurations exists in the `application.json` file.
|
|
117
|
+
The session mechanism works by recovering the Session ID from a client sent header. The default
|
|
118
|
+
header is `X-Session-ID`, but it can be changed in the `application.json` file.
|
|
119
|
+
|
|
120
|
+
This header will be sent back to the user on every response if Session is enabled. Also, the
|
|
121
|
+
session ID will be automatically generated and sent to a client if this client does not provide
|
|
122
|
+
a session id in the HTTP request. In the case of the client sending an ID of an expired session
|
|
123
|
+
the framework will return a new session with a new ID.
|
|
124
|
+
|
|
116
125
|
```ruby
|
|
117
126
|
m.get('/login') do |context|
|
|
118
127
|
# Authenticate user
|
|
@@ -129,8 +138,6 @@ m.get('/dashboard') do |context|
|
|
|
129
138
|
end
|
|
130
139
|
```
|
|
131
140
|
|
|
132
|
-
**Caution: This feature is vulnerable to IP spoofing and may disrupt sessions on devices sharing the same network (e.g., Wi-Fi).**
|
|
133
|
-
|
|
134
141
|
### Configuration: Customize various aspects of the framework through the application.json configuration file, such as rate limiting, SSL support, and Prometheus integration
|
|
135
142
|
|
|
136
143
|
```json
|
|
@@ -155,6 +162,10 @@ end
|
|
|
155
162
|
"key_type": "EC",
|
|
156
163
|
"cert_file_name": "path/to/cert/file/file.crt",
|
|
157
164
|
"key_file_name": "path/to/cert/key/file.key"
|
|
165
|
+
},
|
|
166
|
+
"session": {
|
|
167
|
+
"secure_header": "X-Session-ID",
|
|
168
|
+
"invalidation_time": 3600
|
|
158
169
|
}
|
|
159
170
|
}
|
|
160
171
|
}
|
|
@@ -8,6 +8,7 @@ require_relative "../../utils/supported_ssl_versions"
|
|
|
8
8
|
require_relative "../../aspects/prometheus_aspect"
|
|
9
9
|
require_relative "../../aspects/logging_aspect"
|
|
10
10
|
require_relative "../../aspects/cache_aspect"
|
|
11
|
+
require "securerandom"
|
|
11
12
|
|
|
12
13
|
##
|
|
13
14
|
# Base module for Server classes. It contains
|
|
@@ -21,14 +22,14 @@ module ServerBase
|
|
|
21
22
|
|
|
22
23
|
private
|
|
23
24
|
|
|
24
|
-
def call_endpoint(name, client_data,
|
|
25
|
+
def call_endpoint(name, client_data, session_id, _client_ip)
|
|
25
26
|
@macaw.send(
|
|
26
27
|
name.to_sym,
|
|
27
28
|
{
|
|
28
29
|
headers: client_data[:headers],
|
|
29
30
|
body: client_data[:body],
|
|
30
31
|
params: client_data[:params],
|
|
31
|
-
client: @session[
|
|
32
|
+
client: @session[session_id][0]
|
|
32
33
|
}
|
|
33
34
|
)
|
|
34
35
|
end
|
|
@@ -42,12 +43,14 @@ module ServerBase
|
|
|
42
43
|
raise EndpointNotMappedError unless @macaw.respond_to?(method_name)
|
|
43
44
|
raise TooManyRequestsError unless @rate_limit.nil? || @rate_limit.allow?(client.peeraddr[3])
|
|
44
45
|
|
|
45
|
-
declare_client_session(client)
|
|
46
46
|
client_data = get_client_data(body, headers, parameters)
|
|
47
|
+
session_id = declare_client_session(client_data[:headers], @macaw.secure_header) if @macaw.session
|
|
47
48
|
|
|
48
49
|
@macaw_log&.info("Running #{path.gsub("\n", "").gsub("\r", "")}")
|
|
49
50
|
message, status, response_headers = call_endpoint(@prometheus_middleware, @macaw_log, @cache,
|
|
50
|
-
method_name, client_data, client.peeraddr[3])
|
|
51
|
+
method_name, client_data, session_id, client.peeraddr[3])
|
|
52
|
+
response_headers ||= {}
|
|
53
|
+
response_headers[@macaw.secure_header] = session_id if @macaw.session
|
|
51
54
|
status ||= 200
|
|
52
55
|
message ||= nil
|
|
53
56
|
response_headers ||= nil
|
|
@@ -69,9 +72,11 @@ module ServerBase
|
|
|
69
72
|
end
|
|
70
73
|
end
|
|
71
74
|
|
|
72
|
-
def declare_client_session(
|
|
73
|
-
|
|
74
|
-
|
|
75
|
+
def declare_client_session(headers, secure_header_name)
|
|
76
|
+
session_id = headers[secure_header_name] || SecureRandom.uuid
|
|
77
|
+
session_id = SecureRandom.uuid if @session[session_id].nil?
|
|
78
|
+
@session[session_id] ||= [{}, Time.now]
|
|
79
|
+
session_id
|
|
75
80
|
end
|
|
76
81
|
|
|
77
82
|
def set_rate_limiting
|
|
@@ -110,7 +115,7 @@ module ServerBase
|
|
|
110
115
|
end
|
|
111
116
|
|
|
112
117
|
def set_session
|
|
113
|
-
@session
|
|
118
|
+
@session ||= {}
|
|
114
119
|
inv = if @macaw.config&.dig("macaw", "session", "invalidation_time")
|
|
115
120
|
MemoryInvalidationMiddleware.new(@macaw.config["macaw"]["session"]["invalidation_time"])
|
|
116
121
|
else
|
|
@@ -122,7 +127,7 @@ module ServerBase
|
|
|
122
127
|
def set_features
|
|
123
128
|
@is_shutting_down = false
|
|
124
129
|
set_rate_limiting
|
|
125
|
-
set_session
|
|
130
|
+
set_session if @macaw.session
|
|
126
131
|
set_ssl
|
|
127
132
|
end
|
|
128
133
|
end
|
data/lib/macaw_framework.rb
CHANGED
|
@@ -19,7 +19,7 @@ module MacawFramework
|
|
|
19
19
|
# Class responsible for creating endpoints and
|
|
20
20
|
# starting the web server.
|
|
21
21
|
class Macaw
|
|
22
|
-
attr_reader :routes, :macaw_log, :config, :jobs, :cached_methods
|
|
22
|
+
attr_reader :routes, :macaw_log, :config, :jobs, :cached_methods, :secure_header, :session
|
|
23
23
|
attr_accessor :port, :bind, :threads
|
|
24
24
|
|
|
25
25
|
##
|
|
@@ -28,23 +28,7 @@ module MacawFramework
|
|
|
28
28
|
# @param {ThreadServer} server
|
|
29
29
|
# @param {String?} dir
|
|
30
30
|
def initialize(custom_log: Logger.new($stdout), server: ThreadServer, dir: nil)
|
|
31
|
-
|
|
32
|
-
@routes = []
|
|
33
|
-
@cached_methods = {}
|
|
34
|
-
@macaw_log ||= custom_log
|
|
35
|
-
@config = JSON.parse(File.read("application.json"))
|
|
36
|
-
@port = @config["macaw"]["port"] || 8080
|
|
37
|
-
@bind = @config["macaw"]["bind"] || "localhost"
|
|
38
|
-
@threads = @config["macaw"]["threads"] || 200
|
|
39
|
-
unless @config["macaw"]["cache"].nil?
|
|
40
|
-
@cache = MemoryInvalidationMiddleware.new(@config["macaw"]["cache"]["cache_invalidation"].to_i || 3_600)
|
|
41
|
-
end
|
|
42
|
-
@prometheus = Prometheus::Client::Registry.new if @config["macaw"]["prometheus"]
|
|
43
|
-
@prometheus_middleware = PrometheusMiddleware.new if @config["macaw"]["prometheus"]
|
|
44
|
-
@prometheus_middleware.configure_prometheus(@prometheus, @config, self) if @config["macaw"]["prometheus"]
|
|
45
|
-
rescue StandardError => e
|
|
46
|
-
@macaw_log&.warn(e.message)
|
|
47
|
-
end
|
|
31
|
+
apply_options(custom_log)
|
|
48
32
|
create_endpoint_public_files(dir)
|
|
49
33
|
@port ||= 8080
|
|
50
34
|
@bind ||= "localhost"
|
|
@@ -193,6 +177,29 @@ module MacawFramework
|
|
|
193
177
|
|
|
194
178
|
private
|
|
195
179
|
|
|
180
|
+
def apply_options(custom_log)
|
|
181
|
+
@routes = []
|
|
182
|
+
@cached_methods = {}
|
|
183
|
+
@macaw_log ||= custom_log
|
|
184
|
+
@config = JSON.parse(File.read("application.json"))
|
|
185
|
+
@port = @config["macaw"]["port"] || 8080
|
|
186
|
+
@bind = @config["macaw"]["bind"] || "localhost"
|
|
187
|
+
@session = false
|
|
188
|
+
unless @config["macaw"]["session"].nil?
|
|
189
|
+
@session = true
|
|
190
|
+
@secure_header = @config["macaw"]["session"]["secure_header"] || "X-Session-ID"
|
|
191
|
+
end
|
|
192
|
+
@threads = @config["macaw"]["threads"] || 200
|
|
193
|
+
unless @config["macaw"]["cache"].nil?
|
|
194
|
+
@cache = MemoryInvalidationMiddleware.new(@config["macaw"]["cache"]["cache_invalidation"].to_i || 3_600)
|
|
195
|
+
end
|
|
196
|
+
@prometheus = Prometheus::Client::Registry.new if @config["macaw"]["prometheus"]
|
|
197
|
+
@prometheus_middleware = PrometheusMiddleware.new if @config["macaw"]["prometheus"]
|
|
198
|
+
@prometheus_middleware.configure_prometheus(@prometheus, @config, self) if @config["macaw"]["prometheus"]
|
|
199
|
+
rescue StandardError => e
|
|
200
|
+
@macaw_log&.warn(e.message)
|
|
201
|
+
end
|
|
202
|
+
|
|
196
203
|
def server_loop(server)
|
|
197
204
|
server.run
|
|
198
205
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: macaw_framework
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.2.
|
|
4
|
+
version: 1.2.6
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Aria Diniz
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2024-04-
|
|
11
|
+
date: 2024-04-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: prometheus-client
|