rack-session 0.3.0 → 2.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/rack/session/abstract/id.rb +3 -2
- data/lib/rack/session/constants.rb +4 -0
- data/lib/rack/session/cookie.rb +6 -1
- data/lib/rack/session/encryptor.rb +4 -0
- data/lib/rack/session/pool.rb +2 -4
- data/lib/rack/session/version.rb +4 -1
- data/lib/rack/session.rb +4 -0
- data/license.md +72 -0
- data/readme.md +47 -0
- data/security.md +3 -0
- metadata +23 -18
- data/LICENSE.md +0 -23
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 80db83a32f94ca04708858cafb308daa26b94b9a4b95bdc74b92c288e56be8fd
|
4
|
+
data.tar.gz: 5502c441c1466396ce483c159fde5b909bc93aac9245b440368baad03f2246ff
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d7c2863fbe132f21f64fc6b03911e72af78a5d59557ad7ad1f370c6bd25411747e1b0f4f695bb87b52eb2ab1a1b80829f9757a1aec3f50d9ac1c99fe84d34481
|
7
|
+
data.tar.gz: 5678a825dd79056f106e4e942d3b930a737ce27baf4da886a555215a903307691e9edcd2afdd494f85a39f8f605244d3e697b52cc0fed7548e44ac59c648afac
|
@@ -1,7 +1,8 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
#
|
4
|
-
#
|
3
|
+
# Released under the MIT License.
|
4
|
+
# Copyright, 2022-2023, by Samuel Williams.
|
5
|
+
# Copyright, 2022, by Jeremy Evans.
|
5
6
|
|
6
7
|
require 'time'
|
7
8
|
require 'securerandom'
|
data/lib/rack/session/cookie.rb
CHANGED
@@ -1,5 +1,10 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
# Released under the MIT License.
|
4
|
+
# Copyright, 2022-2023, by Samuel Williams.
|
5
|
+
# Copyright, 2022, by Jeremy Evans.
|
6
|
+
# Copyright, 2022, by Jon Dufresne.
|
7
|
+
|
3
8
|
require 'openssl'
|
4
9
|
require 'zlib'
|
5
10
|
require 'json'
|
@@ -30,7 +35,7 @@ module Rack
|
|
30
35
|
# These options include:
|
31
36
|
# * :serialize_json
|
32
37
|
# Use JSON for message serialization instead of Marshal. This can be
|
33
|
-
# viewed as a security
|
38
|
+
# viewed as a security enhancement.
|
34
39
|
# * :gzip_over
|
35
40
|
# For message data over this many bytes, compress it with the deflate
|
36
41
|
# algorithm.
|
data/lib/rack/session/pool.rb
CHANGED
@@ -1,9 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
#
|
4
|
-
#
|
5
|
-
# apeiros, for session id generation, expiry setup, and threadiness
|
6
|
-
# sergio, threadiness and bugreps
|
3
|
+
# Released under the MIT License.
|
4
|
+
# Copyright, 2022-2023, by Samuel Williams.
|
7
5
|
|
8
6
|
require_relative 'abstract/id'
|
9
7
|
|
data/lib/rack/session/version.rb
CHANGED
data/lib/rack/session.rb
CHANGED
data/license.md
ADDED
@@ -0,0 +1,72 @@
|
|
1
|
+
# MIT License
|
2
|
+
|
3
|
+
Copyright, 2007-2008, by Leah Neukirchen.
|
4
|
+
Copyright, 2007-2009, by Scytrin dai Kinthra.
|
5
|
+
Copyright, 2008, by Daniel Roethlisberger.
|
6
|
+
Copyright, 2009, by Joshua Peek.
|
7
|
+
Copyright, 2009, by Mickaël Riga.
|
8
|
+
Copyright, 2010, by Simon Chiang.
|
9
|
+
Copyright, 2010-2011, by José Valim.
|
10
|
+
Copyright, 2010-2013, by James Tucker.
|
11
|
+
Copyright, 2010-2019, by Aaron Patterson.
|
12
|
+
Copyright, 2011, by Max Cantor.
|
13
|
+
Copyright, 2011-2012, by Konstantin Haase.
|
14
|
+
Copyright, 2011, by Will Leinweber.
|
15
|
+
Copyright, 2011, by John Manoogian III.
|
16
|
+
Copyright, 2012, by Yun Huang Yong.
|
17
|
+
Copyright, 2012, by Ravil Bayramgalin.
|
18
|
+
Copyright, 2012, by Timothy Elliott.
|
19
|
+
Copyright, 2012, by Jamie Macey.
|
20
|
+
Copyright, 2012-2015, by Santiago Pastorino.
|
21
|
+
Copyright, 2013, by Andrew Cole.
|
22
|
+
Copyright, 2013, by Postmodern.
|
23
|
+
Copyright, 2013, by Vipul A M.
|
24
|
+
Copyright, 2013, by Charles Hornberger.
|
25
|
+
Copyright, 2014, by Michal Bryxí.
|
26
|
+
Copyright, 2015, by deepj.
|
27
|
+
Copyright, 2015, by Doug McInnes.
|
28
|
+
Copyright, 2015, by David Runger.
|
29
|
+
Copyright, 2015, by Francesco Rodríguez.
|
30
|
+
Copyright, 2015, by Yuichiro Kaneko.
|
31
|
+
Copyright, 2015, by Michael Sauter.
|
32
|
+
Copyright, 2016, by Kir Shatrov.
|
33
|
+
Copyright, 2016, by Yann Vanhalewyn.
|
34
|
+
Copyright, 2016, by Jian Weihang.
|
35
|
+
Copyright, 2017, by Jordan Raine.
|
36
|
+
Copyright, 2018, by Dillon Welch.
|
37
|
+
Copyright, 2018, by Yoshiyuki Hirano.
|
38
|
+
Copyright, 2019, by Krzysztof Rybka.
|
39
|
+
Copyright, 2019, by Frederick Cheung.
|
40
|
+
Copyright, 2019, by Adrian Setyadi.
|
41
|
+
Copyright, 2019, by Rafael Mendonça França.
|
42
|
+
Copyright, 2019-2020, by Pavel Rosicky.
|
43
|
+
Copyright, 2019, by Dima Fatko.
|
44
|
+
Copyright, 2019, by Oleh Demianiuk.
|
45
|
+
Copyright, 2020-2023, by Samuel Williams.
|
46
|
+
Copyright, 2020-2022, by Jeremy Evans.
|
47
|
+
Copyright, 2020, by Alex Speller.
|
48
|
+
Copyright, 2020, by Ryuta Kamizono.
|
49
|
+
Copyright, 2020, by Yudai Suzuki.
|
50
|
+
Copyright, 2020, by Bart de Water.
|
51
|
+
Copyright, 2020, by Alec Clarke.
|
52
|
+
Copyright, 2021, by Michael Coyne.
|
53
|
+
Copyright, 2022, by Philip Arndt.
|
54
|
+
Copyright, 2022, by Jon Dufresne.
|
55
|
+
|
56
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
57
|
+
of this software and associated documentation files (the "Software"), to deal
|
58
|
+
in the Software without restriction, including without limitation the rights
|
59
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
60
|
+
copies of the Software, and to permit persons to whom the Software is
|
61
|
+
furnished to do so, subject to the following conditions:
|
62
|
+
|
63
|
+
The above copyright notice and this permission notice shall be included in all
|
64
|
+
copies or substantial portions of the Software.
|
65
|
+
|
66
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
67
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
68
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
69
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
70
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
71
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
72
|
+
SOFTWARE.
|
data/readme.md
ADDED
@@ -0,0 +1,47 @@
|
|
1
|
+
# Rack::Session
|
2
|
+
|
3
|
+
Session management implementation for Rack.
|
4
|
+
|
5
|
+
[![Development Status](https://github.com/rack/rack-session/workflows/Test/badge.svg)](https://github.com/rack/rack-session/actions?workflow=Test)
|
6
|
+
|
7
|
+
## Usage
|
8
|
+
|
9
|
+
In your `config.ru`:
|
10
|
+
|
11
|
+
``` ruby
|
12
|
+
# config.ru
|
13
|
+
|
14
|
+
require 'rack/session'
|
15
|
+
use Rack::Session::Cookie,
|
16
|
+
:domain => 'mywebsite.com',
|
17
|
+
:path => '/',
|
18
|
+
:expire_after => 3600*24,
|
19
|
+
:secret => '**unique secret key**'
|
20
|
+
```
|
21
|
+
|
22
|
+
Usage follows the standard outlined by `rack.session`, i.e.:
|
23
|
+
|
24
|
+
``` ruby
|
25
|
+
class MyApp
|
26
|
+
def call(env)
|
27
|
+
session = env['rack.session']
|
28
|
+
|
29
|
+
# Set some state:
|
30
|
+
session[:key] = "value"
|
31
|
+
end
|
32
|
+
end
|
33
|
+
```
|
34
|
+
|
35
|
+
### Compatibility
|
36
|
+
|
37
|
+
`rack-session` code used to be part of Rack, but it was extracted in Rack v3 to this gem. The v1 release of this gem is compatible with Rack v2, and the v2 release of this gem is compatible with Rack v3+. That means you can add `gem "rack-session"` to your application and it will be compatible with all versions of Rack.
|
38
|
+
|
39
|
+
## Contributing
|
40
|
+
|
41
|
+
We welcome contributions to this project.
|
42
|
+
|
43
|
+
1. Fork it.
|
44
|
+
2. Create your feature branch (`git checkout -b my-new-feature`).
|
45
|
+
3. Commit your changes (`git commit -am 'Add some feature'`).
|
46
|
+
4. Push to the branch (`git push origin my-new-feature`).
|
47
|
+
5. Create new Pull Request.
|
data/security.md
ADDED
metadata
CHANGED
@@ -1,14 +1,17 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-session
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 2.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
-
-
|
7
|
+
- Samuel Williams
|
8
|
+
- Jeremy Evans
|
9
|
+
- Jon Dufresne
|
10
|
+
- Philip Arndt
|
8
11
|
autorequire:
|
9
12
|
bindir: bin
|
10
13
|
cert_chain: []
|
11
|
-
date:
|
14
|
+
date: 2023-01-18 00:00:00.000000000 Z
|
12
15
|
dependencies:
|
13
16
|
- !ruby/object:Gem::Dependency
|
14
17
|
name: rack
|
@@ -16,42 +19,42 @@ dependencies:
|
|
16
19
|
requirements:
|
17
20
|
- - ">="
|
18
21
|
- !ruby/object:Gem::Version
|
19
|
-
version: 3.0.0
|
22
|
+
version: 3.0.0
|
20
23
|
type: :runtime
|
21
24
|
prerelease: false
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
24
27
|
- - ">="
|
25
28
|
- !ruby/object:Gem::Version
|
26
|
-
version: 3.0.0
|
29
|
+
version: 3.0.0
|
27
30
|
- !ruby/object:Gem::Dependency
|
28
|
-
name:
|
31
|
+
name: bundler
|
29
32
|
requirement: !ruby/object:Gem::Requirement
|
30
33
|
requirements:
|
31
|
-
- - "
|
34
|
+
- - ">="
|
32
35
|
- !ruby/object:Gem::Version
|
33
|
-
version: '
|
36
|
+
version: '0'
|
34
37
|
type: :development
|
35
38
|
prerelease: false
|
36
39
|
version_requirements: !ruby/object:Gem::Requirement
|
37
40
|
requirements:
|
38
|
-
- - "
|
41
|
+
- - ">="
|
39
42
|
- !ruby/object:Gem::Version
|
40
|
-
version: '
|
43
|
+
version: '0'
|
41
44
|
- !ruby/object:Gem::Dependency
|
42
|
-
name: minitest
|
45
|
+
name: minitest
|
43
46
|
requirement: !ruby/object:Gem::Requirement
|
44
47
|
requirements:
|
45
|
-
- - "
|
48
|
+
- - "~>"
|
46
49
|
- !ruby/object:Gem::Version
|
47
|
-
version: '0'
|
50
|
+
version: '5.0'
|
48
51
|
type: :development
|
49
52
|
prerelease: false
|
50
53
|
version_requirements: !ruby/object:Gem::Requirement
|
51
54
|
requirements:
|
52
|
-
- - "
|
55
|
+
- - "~>"
|
53
56
|
- !ruby/object:Gem::Version
|
54
|
-
version: '0'
|
57
|
+
version: '5.0'
|
55
58
|
- !ruby/object:Gem::Dependency
|
56
59
|
name: minitest-global_expectations
|
57
60
|
requirement: !ruby/object:Gem::Requirement
|
@@ -67,7 +70,7 @@ dependencies:
|
|
67
70
|
- !ruby/object:Gem::Version
|
68
71
|
version: '0'
|
69
72
|
- !ruby/object:Gem::Dependency
|
70
|
-
name:
|
73
|
+
name: minitest-sprint
|
71
74
|
requirement: !ruby/object:Gem::Requirement
|
72
75
|
requirements:
|
73
76
|
- - ">="
|
@@ -100,7 +103,6 @@ executables: []
|
|
100
103
|
extensions: []
|
101
104
|
extra_rdoc_files: []
|
102
105
|
files:
|
103
|
-
- LICENSE.md
|
104
106
|
- lib/rack/session.rb
|
105
107
|
- lib/rack/session/abstract/id.rb
|
106
108
|
- lib/rack/session/constants.rb
|
@@ -108,6 +110,9 @@ files:
|
|
108
110
|
- lib/rack/session/encryptor.rb
|
109
111
|
- lib/rack/session/pool.rb
|
110
112
|
- lib/rack/session/version.rb
|
113
|
+
- license.md
|
114
|
+
- readme.md
|
115
|
+
- security.md
|
111
116
|
homepage: https://github.com/rack/rack-session
|
112
117
|
licenses:
|
113
118
|
- MIT
|
@@ -127,7 +132,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
127
132
|
- !ruby/object:Gem::Version
|
128
133
|
version: '0'
|
129
134
|
requirements: []
|
130
|
-
rubygems_version: 3.4.
|
135
|
+
rubygems_version: 3.4.1
|
131
136
|
signing_key:
|
132
137
|
specification_version: 4
|
133
138
|
summary: A session implementation for Rack.
|
data/LICENSE.md
DELETED
@@ -1,23 +0,0 @@
|
|
1
|
-
The MIT License (MIT)
|
2
|
-
|
3
|
-
Copyright, 2007-2021, by [Leah Neukirchen](https://leahneukirchen.org).
|
4
|
-
Copyright, 2008, by Scytrin dai Kinthra.
|
5
|
-
Copyright, 2020, by [Michael Coyne](https://michaeljcoyne.me).
|
6
|
-
Copyright, 2021, by [Samuel G. D. Williams](https://www.codeotaku.com).
|
7
|
-
|
8
|
-
Permission is hereby granted, free of charge, to any person obtaining a copy
|
9
|
-
of this software and associated documentation files (the "Software"), to
|
10
|
-
deal in the Software without restriction, including without limitation the
|
11
|
-
rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
|
12
|
-
sell copies of the Software, and to permit persons to whom the Software is
|
13
|
-
furnished to do so, subject to the following conditions:
|
14
|
-
|
15
|
-
The above copyright notice and this permission notice shall be included in
|
16
|
-
all copies or substantial portions of the Software.
|
17
|
-
|
18
|
-
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
19
|
-
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
20
|
-
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
21
|
-
THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
|
22
|
-
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
23
|
-
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|