rack-session-xfile 0.10.1 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 64d96bd5bb35fd04da4c0c2b7cd7f697f367617f
-  data.tar.gz: 81f1f785803a8447c899da0441fff97dc4d81766
+  metadata.gz: 155a1b34b938b76714dc113c9563c6682c5aa6b1
+  data.tar.gz: 12fe040425c0b65a29159fb4ea810e95fc8123e7
 SHA512:
-  metadata.gz: 2ea0309035a48c736404d70b5669056b18735a8c578da6badb5296d058a53aa54279721ff74d485d492f9f0fd07481db6a2cb584bc159c78c53183f6c4fa76a6
-  data.tar.gz: ee252d4880ff8e137c9718395d391b1a639d89ba24c1c314c3cc8b3bb51f592bf64c76dd7239451f9c584b1fb138370a3ab9957e6325e46a5a18da661b4ffe0b
+  metadata.gz: '08a5a07e0fb3405ee3edaee1f12bf7a506fb341abea2f80db682f08104c452590701214d5a48847e6fbaa7952f5f8c7bd92825dd82b85ddb22e5c189c90947af'
+  data.tar.gz: 2a83b4923d9c3aaab1203870280ed08b10a24d5c2b95a4efcaa8bbcce69a06c30cec57c776bf6988cd16f965e19ab020af62bf8d519c83ac6aa56916cd196909

data/README.rdoc

@@ -128,28 +128,34 @@ or open an issue on the bug tracker.
 
 == Links
 
-Homepage      :: http://ecentryx.com/gems/rack-session-xfile
+Homepage      :: https://ecentryx.com/gems/rack-session-xfile
 Ruby Gem      :: https://rubygems.org/gems/rack-session-xfile
 Source Code   :: https://bitbucket.org/pachl/rack-session-xfile/src
 Bug Tracker   :: https://bitbucket.org/pachl/rack-session-xfile/issues
 
 == Compatibility
 
-Rack::Session::XFile was developed and tested on
-OpenBSD[http://www.openbsd.org] 5.6
+Rack::Session::XFile was originally developed and tested on
+OpenBSD[https://www.openbsd.org] 5.6
 using Ruby[https://www.ruby-lang.org] 2.1.2
 and Rack[https://github.com/rack/rack] 1.6.0.
 
+Currently, Rack::Session::XFile is compatible with Rack 2.0 and Ruby 2.2+ only.
+
 == History
 
 1. 2015-01-29, v0.10.0: First public release
    * XFile ran in production for more than a year before public release.
 
+2. 2017-06-07, v1.0.0
+   * Update for compatibility with Rack 2.0 and Ruby 2.2+
+     (breaks compatibility with Rack 1.x; use XFile 0.10.x)
+
 == License
 
-({ISC License}[http://opensource.org/licenses/ISC])
+({ISC License}[https://opensource.org/licenses/ISC])
 
-Copyright (c) 2015, Clint Pachl <pachl@ecentryx.com>
+Copyright (c) 2014-2017, Clint Pachl <pachl@ecentryx.com>
 
 Permission to use, copy, modify, and/or distribute this software for any purpose
 with or without fee is hereby granted, provided that the above copyright notice

data/lib/rack/session/xfile.rb

@@ -4,15 +4,15 @@ require 'tmpdir'
 module Rack
   module Session
 
-    class XFile < Abstract::ID
+    class XFile < Abstract::Persisted
 
-      VERSION = '0.10.1'
+      VERSION = '1.0.0'
 
       File = ::File # override Rack::File
 
       SIDCharacters = [*(0..9), *(:a..:z), *(:A..:Z)].map!(&:to_s)
 
-      Abstract::ID::DEFAULT_OPTIONS.merge! \
+      DEFAULT_OPTIONS = Abstract::Persisted::DEFAULT_OPTIONS.merge \
         session_dir: File.join(Dir.tmpdir, 'xfile-sessions'),
         user_agent_filter: nil,
         key: 'xid'
@@ -20,32 +20,32 @@ module Rack
       def initialize(app, options = {})
         super
         @mutex       = Mutex.new
-        @session_dir = @default_options[:session_dir]
-        @ua_filter   = @default_options[:user_agent_filter]
-        @sid_nbytes  = @default_options[:sidbits] / 8
+        @session_dir = default_options[:session_dir]
+        @ua_filter   = default_options[:user_agent_filter]
+        @sid_nbytes  = default_options[:sidbits] / 8
         setup_directories
         check_permissions
       end
 
-      def set_session(env, sid, session, options)
-        critical_section(env) do
-          write_session(sid, session)
+      def write_session(req, sid, session, options)
+        critical_section(req) do
+          write_session_file(sid, session)
         end
       end
 
-      def get_session(env, sid)
-        critical_section(env) do
-          return [nil, {}] if filter_request(env, sid)
+      def find_session(req, sid)
+        return [nil, {}] if filter_request(req, sid)
 
-          unless sid and session = read_session(sid)
+        critical_section(req) do
+          unless sid and session = read_session_file(sid)
             sid, session = generate_sid, {}
           end
           [sid, session]
         end
       end
-  
-      def destroy_session(env, sid, options)
-        critical_section(env) do
+
+      def delete_session(req, sid, options)
+        critical_section(req) do
           File.unlink(session_file(sid)) rescue nil
           generate_sid unless options[:drop]
         end
@@ -63,8 +63,8 @@ module Rack
       # Some systems do not implement, or implement correctly, advisory file
       # locking for threads; therefore a mutex lock must encompass file locks.
       #
-      def critical_section(env)
-        @mutex.lock if env['rack.multithread']
+      def critical_section(req)
+        @mutex.lock if req.multithread?
         yield
       ensure
         @mutex.unlock if @mutex.locked?
@@ -74,7 +74,6 @@ module Rack
       # Atomically generate a unique session ID and allocate the resource file.
       # Returns the session ID.
       # --
-      # NOTE
       # The sid is also a filename. Only SIDCharacters are allowed in the sid.
       # If +super+ is called it returns a HEX sid, which is a subset.
       #
@@ -90,7 +89,7 @@ module Rack
       #
       # Read session from file using a shared lock.
       #
-      def read_session(sid)
+      def read_session_file(sid)
         File.open(session_file(sid)) do |f|
           f.flock(File::LOCK_SH)
           begin
@@ -106,7 +105,7 @@ module Rack
       #
       # Write session to file using an exclusive lock.
       #
-      def write_session(sid, session)
+      def write_session_file(sid, session)
         File.open(session_file(sid), 'r+') do |f|
           f.flock(File::LOCK_EX)
           f.write(Marshal.dump(session))
@@ -115,7 +114,7 @@ module Rack
         end
         sid
       rescue => e
-        warn "#{self.class} cannot set session: #{e.message}"
+        warn "#{self.class} cannot write session: #{e.message}"
         false
       end
 
@@ -135,20 +134,14 @@ module Rack
       #
       # sid bit range: 62^10-62^50 (approx. 2^60-2^297)
       #
-      def filter_request(env, sid)
-        request = nil
-
-        if @ua_filter
-          request = Request.new(env)
-          if request.user_agent =~ @ua_filter
-            return request.session.options[:skip] = true
-          end
+      def filter_request(req, sid)
+        if @ua_filter and req.user_agent =~ @ua_filter
+          return req.session.options[:skip] = true
         end
 
         if sid and sid !~ /^[a-zA-Z0-9]{10,50}$/
           warn "#{self.class} SID=#{sid}: tampered sid detected."
-          request ||= Request.new(env)
-          request.session.options[:skip] = true
+          req.session.options[:skip] = true
         end
       end
 

data/spec/spec_xfile.rb

@@ -10,10 +10,6 @@ describe Rack::Session::XFile do
    %[{"counter"=>#{number}}]
   end
 
-  def empty_session
-    '{}'
-  end
-
   def set_sid id
     if id =~ TheSession
       {'HTTP_COOKIE' => id}
@@ -26,7 +22,7 @@ describe Rack::Session::XFile do
   def create_session data = nil
     app = Rack::Session::XFile.new(nil)
     sid = app.send(:generate_sid)
-    app.set_session({}, sid, (data || {sid: sid}), {})
+    app.write_session(EMPTY_REQUEST, sid, (data || {sid: sid}), {})
     sid
   end
 
@@ -37,13 +33,18 @@ describe Rack::Session::XFile do
   session_bits  = Rack::Session::XFile::DEFAULT_OPTIONS[:sidbits]
   session_chars = (session_bits / 8 / 3.0 * 4).ceil   # urlsafe_base64 length
   TheSession    = /^#{@session_key}=[0-9a-zA-Z]{#{session_chars}};/
+  SESSION       = 'rack.session'.freeze
+  SESSION_OPTS  = 'rack.session.options'.freeze
+  EMPTY_SESSION = '{}'.freeze
+  EMPTY_REQUEST = Rack::Request.new({}).freeze
+
 
   # Apps
 
   incrementor = lambda do |env|
-    env['rack.session']['counter'] ||= 0
-    env['rack.session']['counter'] += 1
-    Rack::Response.new(env['rack.session'].inspect).to_a
+    env[SESSION]['counter'] ||= 0
+    env[SESSION]['counter'] += 1
+    Rack::Response.new(env[SESSION].inspect).to_a
   end
 
   noop = lambda do |env|
@@ -51,26 +52,26 @@ describe Rack::Session::XFile do
   end
 
   read_session_id = lambda do |env|
-    Rack::Response.new(env['rack.session'].id).to_a
+    Rack::Response.new(env[SESSION].id).to_a
   end
 
   read_session = lambda do |env|
-    env['rack.session'].send(:load_for_read!)
-    Rack::Response.new(env['rack.session'].inspect).to_a
+    env[SESSION].send(:load_for_read!)
+    Rack::Response.new(env[SESSION].inspect).to_a
   end
 
   defer_session = lambda do |env|
-    env['rack.session.options'][:defer] = true
+    env[SESSION_OPTS][:defer] = true
     incrementor.call(env)
   end
 
   drop_session = lambda do |env|
-    env['rack.session.options'][:drop] = true
+    env[SESSION_OPTS][:drop] = true
     incrementor.call(env)
   end
 
   renew_session = lambda do |env|
-    env['rack.session.options'][:renew] = true
+    env[SESSION_OPTS][:renew] = true
     incrementor.call(env)
   end
 
@@ -149,24 +150,25 @@ describe Rack::Session::XFile do
     @warnings.first.should.include 'group owned/accessible'
   end
 
-  it 'returns false when setting session if cannot serialize data' do
+  it 'returns false when writing session if cannot serialize data' do
     obj = Object.new
     def obj.singleton() nil end
-    nonserializable_session = { data: obj }
+    nonserializable = { data: obj }
 
     sid = create_session
     app = Rack::Session::XFile.new(noop)
-    app.set_session({}, sid, nonserializable_session, {}).should.be.false
+    app.write_session(EMPTY_REQUEST, sid, nonserializable, {}).
+      should.be.false
     @warnings.count.should.equal 1
-    @warnings.first.should.match /cannot set session.*singleton can't be dumped/
+    @warnings.first.should.include 'cannot write session: singleton'
   end
 
-  it 'returns false when setting session if sid is nonexistent' do
+  it 'returns false when writing session if sid is nonexistent' do
     sid = 'nonexistent'
     app = Rack::Session::XFile.new(noop)
-    app.set_session({}, sid, {}, {}).should.be.false
+    app.write_session(EMPTY_REQUEST, sid, {}, {}).should.be.false
     @warnings.count.should.equal 1
-    @warnings.first.should.match /cannot set session.*No such file/
+    @warnings.first.should.include 'cannot write session: No such file'
   end
 
   it 'creates new xfile session' do
@@ -206,7 +208,7 @@ describe Rack::Session::XFile do
 
   it 'merges session data from middleware in front' do
     app = Rack::Session::XFile.new(incrementor)
-    res = Rack::MockRequest.new(app).get('/', 'rack.session' => {foo: 'bar'})
+    res = Rack::MockRequest.new(app).get('/', SESSION => {foo: 'bar'})
     res.body.should.match /counter/
     res.body.should.match /foo/
   end
@@ -214,8 +216,9 @@ describe Rack::Session::XFile do
   it 'creates new session when xfile is nonexistent' do
     app = Rack::Session::XFile.new(read_session)
     res = Rack::MockRequest.new(app).get('/', set_sid('nonexistent'))
-    res.body.should.equal empty_session
+    res.body.should.equal EMPTY_SESSION
     res['Set-Cookie'].should.match TheSession
+    app.session_count.should.equal 1
   end
 
   it 'creates new session when xfile is empty' do
@@ -226,7 +229,7 @@ describe Rack::Session::XFile do
     File.size(xfile).should.be.zero
 
     res = Rack::MockRequest.new(app).get('/', set_sid(sid))
-    res.body.should.equal empty_session
+    res.body.should.equal EMPTY_SESSION
     res['Set-Cookie'].should.be.nil # because sid already exists
     app.session_count.should.equal 1
     File.size(xfile).should.not.be.zero
@@ -244,7 +247,7 @@ describe Rack::Session::XFile do
       corrupt_data = Marshal.dump(session_data).insert(i, 'FUBAR')
       File.write(session_file, corrupt_data)
       res = Rack::MockRequest.new(app).get('/', set_sid(sid))
-      res.body.should.equal empty_session
+      res.body.should.equal EMPTY_SESSION
       res['Set-Cookie'].should.be.nil
     end
 
@@ -258,12 +261,12 @@ describe Rack::Session::XFile do
     app = Rack::Session::XFile.new(read_session)
 
     res1 = Rack::MockRequest.new(app).get('/', set_sid('%2e%2e%2f%2e%2e%2f%00'))
-    res1.body.should.equal empty_session
+    res1.body.should.equal EMPTY_SESSION
     res1['Set-Cookie'].should.be.nil
     app.session_count.should.be.zero
 
     res2 = Rack::MockRequest.new(app).get('/', set_sid('../../../../etc/passwd'))
-    res2.body.should.equal empty_session
+    res2.body.should.equal EMPTY_SESSION
     res2['Set-Cookie'].should.be.nil
     app.session_count.should.be.zero
 

data/xfile.gemspec

@@ -3,7 +3,7 @@ Gem::Specification.new do |s|
   s.version     = File.read('lib/rack/session/xfile.rb')[/VERSION = '(.*)'/, 1]
   s.author      = 'Clint Pachl'
   s.email       = 'pachl@ecentryx.com'
-  s.homepage    = 'http://ecentryx.com/gems/rack-session-xfile'
+  s.homepage    = 'https://ecentryx.com/gems/rack-session-xfile'
   s.license     = 'ISC'
   s.summary     = 'File-based session management with eXclusive R/W locking.'
   s.description = <<-EOS
@@ -13,7 +13,7 @@ suitable for multi-threaded and multi-process applications.
   EOS
   s.files = Dir['Rakefile', 'README*', '*.gemspec', 'lib/**/*.rb', 'spec/*']
   s.test_files = Dir['spec/spec_*.rb']
-  s.required_ruby_version = '>= 1.9.2'
-  s.add_runtime_dependency 'rack', '~> 1.5'
+  s.required_ruby_version = '>= 2.2'
+  s.add_runtime_dependency 'rack', '~> 2.0'
   s.add_development_dependency 'bacon', '~> 1.2'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rack-session-xfile
 version: !ruby/object:Gem::Version
-  version: 0.10.1
+  version: 1.0.0
 platform: ruby
 authors:
 - Clint Pachl
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-01-30 00:00:00.000000000 Z
+date: 2017-06-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.5'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bacon
   requirement: !ruby/object:Gem::Requirement
@@ -53,7 +53,7 @@ files:
 - lib/rack/session/xfile.rb
 - spec/spec_xfile.rb
 - xfile.gemspec
-homepage: http://ecentryx.com/gems/rack-session-xfile
+homepage: https://ecentryx.com/gems/rack-session-xfile
 licenses:
 - ISC
 metadata: {}
@@ -65,7 +65,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 1.9.2
+      version: '2.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -73,7 +73,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.2.2
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: File-based session management with eXclusive R/W locking.