rack-auth-cookie 0.5.0 → 0.5.1
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/rack/auth/cookie.rb +30 -7
- data/rack-auth-cookie.gemspec +1 -1
- metadata +1 -1
data/lib/rack/auth/cookie.rb
CHANGED
|
@@ -55,11 +55,14 @@ module Rack
|
|
|
55
55
|
return finish(@app, env, cookie_value)
|
|
56
56
|
end
|
|
57
57
|
|
|
58
|
-
|
|
58
|
+
auth_datetime = Time.at(hash_data['AUTH_DATETIME']).utc
|
|
59
|
+
auth_expire_datetime = Time.at(hash_data['AUTH_EXPIRE_DATETIME']).utc
|
|
60
|
+
|
|
61
|
+
if auth_expire_datetime < Time.now.utc
|
|
59
62
|
auth_fail = "Timed out due to inactivity"
|
|
60
63
|
end
|
|
61
64
|
|
|
62
|
-
if
|
|
65
|
+
if auth_datetime + @@max_lifetime < Time.now.utc
|
|
63
66
|
auth_fail = "Maximum session length exceeded"
|
|
64
67
|
end
|
|
65
68
|
|
|
@@ -74,8 +77,8 @@ module Rack
|
|
|
74
77
|
|
|
75
78
|
env['AUTH_TYPE_THIS_REQUEST'] = "Cookie"
|
|
76
79
|
|
|
77
|
-
env['AUTH_DATETIME'] =
|
|
78
|
-
env['AUTH_EXPIRE_DATETIME'] =
|
|
80
|
+
env['AUTH_DATETIME'] = auth_datetime
|
|
81
|
+
env['AUTH_EXPIRE_DATETIME'] = auth_expire_datetime
|
|
79
82
|
end
|
|
80
83
|
|
|
81
84
|
finish(@app, env, cookie_value)
|
|
@@ -99,11 +102,22 @@ module Rack
|
|
|
99
102
|
end
|
|
100
103
|
end
|
|
101
104
|
|
|
102
|
-
# If the application isn't making any changes to the cookie, we can
|
|
105
|
+
# If the application isn't making any changes to the cookie, we can modify it
|
|
103
106
|
if cookie_value_from_request && !response_cookie
|
|
104
|
-
cookie = self.class.create_auth_cookie(env)
|
|
105
107
|
|
|
106
|
-
|
|
108
|
+
# If authentication succeeded earlier, send back a new token
|
|
109
|
+
if env['AUTH_USER']
|
|
110
|
+
cookie = self.class.create_auth_cookie(env)
|
|
111
|
+
|
|
112
|
+
headers["Set-Cookie"] << cookie
|
|
113
|
+
end
|
|
114
|
+
|
|
115
|
+
# If authentication failed earlier, tell the client to clear the cookie
|
|
116
|
+
if env['AUTH_FAIL']
|
|
117
|
+
cookie = self.class.create_clear_cookie(env)
|
|
118
|
+
|
|
119
|
+
headers["Set-Cookie"] << cookie
|
|
120
|
+
end
|
|
107
121
|
end
|
|
108
122
|
|
|
109
123
|
[status, headers, body]
|
|
@@ -167,6 +181,15 @@ module Rack
|
|
|
167
181
|
cookie += "HttpOnly; "
|
|
168
182
|
end
|
|
169
183
|
|
|
184
|
+
def self.create_clear_cookie(env)
|
|
185
|
+
cookie_value = ""
|
|
186
|
+
cookie = "#{@@cookie_name}=; "
|
|
187
|
+
cookie += "domain=.#{top_level_domain(env)}; "
|
|
188
|
+
cookie += "path=/; "
|
|
189
|
+
cookie += "expires=Thu, 01-Jan-1970 00:00:00 GMT; "
|
|
190
|
+
cookie += "HttpOnly; "
|
|
191
|
+
end
|
|
192
|
+
|
|
170
193
|
def self.generate_hmac(data)
|
|
171
194
|
OpenSSL::HMAC.hexdigest(OpenSSL::Digest::SHA1.new, @@secret, data)
|
|
172
195
|
end
|
data/rack-auth-cookie.gemspec
CHANGED
|
@@ -2,7 +2,7 @@ require 'rubygems'
|
|
|
2
2
|
|
|
3
3
|
Gem::Specification.new do |gem|
|
|
4
4
|
gem.name = 'rack-auth-cookie'
|
|
5
|
-
gem.version = '0.5.
|
|
5
|
+
gem.version = '0.5.1'
|
|
6
6
|
gem.authors = ["Daniel Berger", "Charlie O'Keefe"]
|
|
7
7
|
gem.email = 'cokeefe@globe.gov'
|
|
8
8
|
gem.homepage = 'http://www.github.com/charlieok/rack-auth-cookie'
|