rage-rb 1.3.0 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cef03d55f96279c7e6d451dc7ce0abce04024a7ca30d07e9c48c0d054c530bb6
-  data.tar.gz: c399b5b3d060aee5367c2e3064435649bbb8eba7dcb2bf2bd215730a698f69d8
+  metadata.gz: 24a5bc4310d226a4072c06ac0a3cb015eb52163e7c37fc85aced61f5705b6ef5
+  data.tar.gz: 8bedd5b522c64c945a44fa4cb97e19f48d5b3a3aa46bb5687183c4cf3eac75f3
 SHA512:
-  metadata.gz: cc5578e1e51d557a8f30729b0eff9a41d4a651e62c837af53aff3b3f50caee2b827be47a239aeadd47f2e9ff15ff8263f35a032634c1fdb738cb2b2c71787780
-  data.tar.gz: 28a70f5c33752ea33dd1474bc4e481ba7b56fd76541544f838226c9b5ace3758b80d9a93b5947c1ea8cbf9374cbae204e9c0e6c5ff40f2adcbc40be3208f5597
+  metadata.gz: 10feb1fe42789d8470ecf9d7754be26b58db2f160f24c7e82aac8a831a5c4b828d297e01c2535b8e914d167de2bcf40a843b1964c5d1f3102ef4429016fefabd
+  data.tar.gz: 87c3ee06201e71f691b7158f911c0cfbf7763d2021801d298885c890772082a934d91fdb5df8c0f6bf65110acd480fd839ef19d6e9adc39d1c78d165a0e2701f

data/CHANGELOG.md

@@ -1,5 +1,31 @@
 ## [Unreleased]
 
+## [1.5.0] - 2024-05-08
+
+### Added
+
+- Allow to have both Rails and Rage controllers in one application (#83).
+- Add `authenticate_or_request_with_http_token` (#85).
+- Add the `member` and `controller` route helpers (#86).
+
+### Changed
+
+- Deprecate `Rage.load_middlewares` (#83).
+
+### Fixed
+
+- Correctly init console in Rails mode (credit to [efibootmgr](https://github.com/efibootmgr)) (#84).
+
+## [1.4.0] - 2024-05-01
+
+### Added
+
+- Support cookies and sessions (#69).
+
+### Fixed
+
+- Improve compatibility with ActiveRecord 7.1 (#80).
+
 ## [1.3.0] - 2024-04-17
 
 ### Added

data/Gemfile

@@ -14,3 +14,6 @@ gem "yard"
 gem "pg"
 gem "mysql2"
 gem "connection_pool", "~> 2.0"
+
+gem "rbnacl"
+gem "domain_name"

data/README.md

@@ -155,8 +155,8 @@ Status | Changes
 :white_check_mark:  | ~~Add request logging.~~
 :white_check_mark: | ~~Automatic code reloading in development with Zeitwerk.~~
 :white_check_mark: | ~~Support conditional get with `etag` and `last_modified`.~~
+:white_check_mark: | ~~Expose the `cookies` and `session` objects.~~
 ⏳ | Expose the `send_data` and `send_file` methods.
-⏳ | Expose the `cookies` and `session` objects.
 ⏳ | Implement Iodine-based equivalent of Action Cable.
 
 ## Development

data/lib/rage/cli.rb

@@ -116,10 +116,8 @@ module Rage
     def environment
       require File.expand_path("config/application.rb", Dir.pwd)
 
-      # in Rails mode we delegate code loading to Rails, and thus need
-      # to manually load application code for CLI utilities to work
       if Rage.config.internal.rails_mode
-        require "rage/setup"
+        require File.expand_path("config/environment.rb", Dir.pwd)
       end
     end
 

data/lib/rage/configuration.rb

@@ -15,6 +15,14 @@
 #
 # > Defines the verbosity of the Rage logger. This option defaults to `:debug` for all environments except production, where it defaults to `:info`. The available log levels are: `:debug`, `:info`, `:warn`, `:error`, `:fatal`, and `:unknown`.
 #
+# • _config.secret_key_base_
+#
+# > The `secret_key_base` is used as the input secret to the application's key generator, which is used to encrypt cookies. Rage will fall back to the `SECRET_KEY_BASE` environment variable if this is not set.
+#
+# • _config.fallback_secret_key_base_
+#
+# > Defines one or several old secrets that need to be rotated. Can accept a single key or an array of keys. Rage will fall back to the `FALLBACK_SECRET_KEY_BASE` environment variable if this is not set.
+#
 # # Middleware Configuration
 #
 # • _config.middleware.use_
@@ -100,6 +108,7 @@
 class Rage::Configuration
   attr_accessor :logger
   attr_reader :log_formatter, :log_level
+  attr_writer :secret_key_base, :fallback_secret_key_base
 
   # used in DSL
   def config = self
@@ -113,6 +122,14 @@ class Rage::Configuration
     @log_level = level.is_a?(Symbol) ? Logger.const_get(level.to_s.upcase) : level
   end
 
+  def secret_key_base
+    @secret_key_base || ENV["SECRET_KEY_BASE"]
+  end
+
+  def fallback_secret_key_base
+    Array(@fallback_secret_key_base || ENV["FALLBACK_SECRET_KEY_BASE"])
+  end
+
   def server
     @server ||= Server.new
   end

data/lib/rage/controller/api.rb

@@ -324,6 +324,18 @@ class RageController::API
     @response ||= Rage::Response.new(@__headers, @__body)
   end
 
+  # Get the cookie object. See {Rage::Cookies}.
+  # @return [Rage::Cookies]
+  def cookies
+    @cookies ||= Rage::Cookies.new(@__env, self)
+  end
+
+  # Get the session object. See {Rage::Session}.
+  # @return [Rage::Session]
+  def session
+    @session ||= Rage::Session.new(self)
+  end
+
   # Send a response to the client.
   #
   # @param json [String, Object] send a json response to the client; objects like arrays will be serialized automatically
@@ -416,6 +428,28 @@ class RageController::API
     yield token
   end
 
+  # Authenticate using an HTTP Bearer token, or otherwise render an HTTP header requesting the client to send a
+  # Bearer token. For the authentication to be considered successful, the block should return a non-nil value.
+  #
+  # @yield [token] token value extracted from the `Authorization` header
+  # @example
+  #   before_action :authenticate
+  #
+  #   def authenticate
+  #     authenticate_or_request_with_http_token do |token|
+  #       ApiToken.find_by(token: token)
+  #     end
+  #   end
+  def authenticate_or_request_with_http_token
+    authenticate_with_http_token { |token| yield(token) } || request_http_token_authentication
+  end
+
+  # Render an HTTP header requesting the client to send a Bearer token for authentication.
+  def request_http_token_authentication
+    headers["Www-Authenticate"] = "Token"
+    render plain: "HTTP Token: Access denied.", status: 401
+  end
+
   if !defined?(::ActionController::Parameters)
     # Get the request data. The keys inside the hash are symbols, so `params.keys` returns an array of `Symbol`.<br>
     # You can also load Strong Params to have Rage automatically wrap `params` in an instance of `ActionController::Parameters`.<br>
@@ -477,4 +511,9 @@ class RageController::API
   #     def append_info_to_payload(payload)
   #       payload[:response] = response.body
   #     end
+
+  # Reset the entire session. See {Rage::Session}.
+  def reset_session
+    session.clear
+  end
 end

data/lib/rage/cookies.rb

@@ -0,0 +1,241 @@
+# frozen_string_literal: true
+
+require "base64"
+require "time"
+
+if !defined?(DomainName)
+  fail <<~ERR
+
+    rage-rb depends on domain_name to specify the domain name for cookies. Add the following line to your Gemfile:
+    gem "domain_name"
+
+  ERR
+end
+
+class Rage::Cookies
+  # @private
+  def initialize(env, controller)
+    @env = env
+    @headers = controller.headers
+    @request_cookies = {}
+    @parsed = false
+
+    @jar = SimpleJar
+  end
+
+  # Read a cookie.
+  #
+  # @param key [Symbol]
+  # @return [String]
+  def [](key)
+    value = request_cookies[key]
+    @jar.load(value) if value
+  end
+
+  # Get the number of cookies.
+  #
+  # @return [Integer]
+  def size
+    request_cookies.count { |_, v| !v.nil? }
+  end
+
+  # Delete a cookie.
+  #
+  # @param key [Symbol]
+  # @param path [String]
+  # @param domain [String]
+  def delete(key, path: "/", domain: nil)
+    @headers.compare_by_identity
+
+    @request_cookies[key] = nil
+    @headers[set_cookie_key(key)] = Rack::Utils.add_cookie_to_header(nil, key, {
+      value: "", expires: Time.at(0), path: path, domain: domain
+    })
+  end
+
+  # Returns a jar that'll automatically encrypt cookie values before sending them to the client and will decrypt them
+  # for read. If the cookie was tampered with by the user (or a 3rd party), `nil` will be returned.
+  #
+  # This jar requires that you set a suitable secret for the verification on your app's `secret_key_base`.
+  #
+  # @example
+  #   cookies.encrypted[:user_id] = current_user.id
+  def encrypted
+    dup.tap { |c| c.jar = EncryptedJar }
+  end
+
+  # Returns a jar that'll automatically set the assigned cookies to have an expiration date 20 years from now.
+  #
+  # @example
+  #   cookies.permanent[:user_id] = current_user.id
+  def permanent
+    dup.tap { |c| c.expires = Time.now + 20 * 365 * 24 * 60 * 60 }
+  end
+
+  # Set a cookie.
+  #
+  # @param key [Symbol]
+  # @param value [String, Hash]
+  # @option value [String] :path
+  # @option value [Boolean] :secure
+  # @option value [Boolean] :httponly
+  # @option value [nil, :none, :lax, :strict] :same_site
+  # @option value [Time] :expires
+  # @option value [String, Array<String>, :all] :domain
+  # @option value [String] :value
+  # @example
+  #   cookie[:user_id] = current_user.id
+  # @example
+  #   cookie[:user_id] = { value: current_user.id, httponly: true, secure: true }
+  def []=(key, value)
+    @headers.compare_by_identity
+
+    unless value.is_a?(Hash)
+      serialized_value = @jar.dump(value)
+      @request_cookies[key] = serialized_value
+      @headers[set_cookie_key(key)] = Rack::Utils.add_cookie_to_header(nil, key, { value: serialized_value, expires: @expires })
+      return
+    end
+
+    if domain = value[:domain]
+      host = @env["HTTP_HOST"]
+
+      _domain = if domain.is_a?(String)
+        domain
+      elsif domain == :all
+        DomainName(host).domain
+      elsif domain.is_a?(Array)
+        host if domain.include?(host)
+      end
+    end
+
+    serialized_value = @jar.dump(value[:value])
+    cookie = Rack::Utils.add_cookie_to_header(nil, key, {
+      path: value[:path],
+      secure: value[:secure],
+      expires: value[:expires] || @expires,
+      httponly: value[:httponly],
+      same_site: value[:same_site],
+      value: serialized_value,
+      domain: _domain
+    })
+
+    @request_cookies[key] = serialized_value
+    @headers[set_cookie_key(key)] = cookie
+  end
+
+  def inspect
+    cookies = request_cookies.transform_values do |v|
+      decoded = Base64.urlsafe_decode64(v) rescue nil
+      is_encrypted = decoded&.start_with?(EncryptedJar::PADDING)
+
+      is_encrypted ? "<encrypted>" : v
+    end
+
+    "#<#{self.class.name} @request_cookies=#{cookies.inspect}"
+  end
+
+  private
+
+  def request_cookies
+    return @request_cookies if @parsed
+
+    @parsed = true
+    if cookie_header = @env["HTTP_COOKIE"]
+      cookie_header.split(/; */n).each do |cookie|
+        next if cookie.empty?
+        key, value = cookie.split("=", 2).yield_self { |k, _| [k.to_sym, _] }
+        unless @request_cookies.has_key?(key)
+          @request_cookies[key] = (Rack::Utils.unescape(value, Encoding::UTF_8) rescue value)
+        end
+      end
+    end
+
+    @request_cookies
+  end
+
+  def set_cookie_key(key)
+    @set_cookie_keys ||= Hash.new { |hash, key| hash[key] = "Set-Cookie".dup }
+    @set_cookie_keys[key]
+  end
+
+  protected
+
+  attr_writer :jar, :expires
+
+  ####################
+  #
+  # Cookie Jars
+  #
+  ####################
+
+  class SimpleJar
+    def self.load(_)
+      _
+    end
+
+    def self.dump(value)
+      value.to_s
+    end
+  end
+
+  class EncryptedJar
+    SALT = "encrypted cookie"
+    PADDING = "00"
+
+    class << self
+      def load(value)
+        box = primary_box
+
+        begin
+          box.decrypt(Base64.urlsafe_decode64(value).byteslice(2..))
+        rescue ArgumentError
+          nil
+        rescue RbNaCl::CryptoError
+          i ||= 0
+          if box = fallback_boxes[i]
+            i += 1
+            retry
+          end
+        end
+      end
+
+      def dump(value)
+        # add two bytes to hold meta information, e.g. in case we
+        # need to change the encryption algorithm in the future
+        Base64.urlsafe_encode64(PADDING + primary_box.encrypt(value.to_s))
+      end
+
+      private
+
+      def primary_box
+        @primary_box ||= begin
+          if !defined?(RbNaCl) || !(Gem::Version.create(RbNaCl::VERSION) >= Gem::Version.create("3.3.0") && Gem::Version.create(RbNaCl::VERSION) < Gem::Version.create("8.0.0"))
+            fail <<~ERR
+
+              rage-rb depends on rbnacl [>= 3.3, < 8.0] to encrypt cookies. Add the following line to your Gemfile:
+              gem "rbnacl"
+
+            ERR
+          end
+
+          unless Rage.config.secret_key_base
+            raise "Rage.config.secret_key_base should be set to use encrypted cookies"
+          end
+
+          RbNaCl::SimpleBox.from_secret_key(
+            RbNaCl::Hash.blake2b(Rage.config.secret_key_base, digest_size: 32, salt: SALT)
+          )
+        end
+      end
+
+      def fallback_boxes
+        @fallback_boxes ||= begin
+          Rage.config.fallback_secret_key_base.map do |key|
+            RbNaCl::SimpleBox.from_secret_key(RbNaCl::Hash.blake2b(key, digest_size: 32, salt: SALT))
+          end
+        end
+      end
+    end # class << self
+  end
+end

data/lib/rage/ext/setup.rb

@@ -4,7 +4,7 @@ if defined?(ActiveSupport::IsolatedExecutionState)
 end
 
 # release ActiveRecord connections on yield
-if defined?(ActiveRecord)
+if defined?(ActiveRecord) && ActiveRecord.version < Gem::Version.create("7.1.0")
   class Fiber
     def self.defer
       res = Fiber.yield

data/lib/rage/fiber.rb

@@ -91,7 +91,7 @@ class Fiber
 
   # @private
   # under normal circumstances, the method is a copy of `yield`, but it can be overriden to perform
-  # additional steps on yielding, e.g. releasing AR connections; see "lib/rage/rails.rb"
+  # additional steps on yielding, e.g. releasing AR connections; see "lib/rage/ext/setup.rb"
   class << self
     alias_method :defer, :yield
   end

data/lib/rage/router/backend.rb

@@ -68,12 +68,18 @@ class Rage::Router::Backend
       raise "Invalid route handler format, expected to match the 'controller#action' pattern" unless handler =~ STRING_HANDLER_REGEXP
 
       controller, action = Rage::Router::Util.path_to_class($1), $2
-      run_action_method_name = controller.__register_action(action.to_sym)
 
-      meta[:controller] = $1
-      meta[:action] = $2
+      if controller.ancestors.include?(RageController::API)
+        run_action_method_name = controller.__register_action(action.to_sym)
 
-      handler = eval("->(env, params) { #{controller}.new(env, params).#{run_action_method_name} }")
+        meta[:controller] = $1
+        meta[:action] = $2
+
+        handler = eval("->(env, params) { #{controller}.new(env, params).#{run_action_method_name} }")
+      else
+        # this is a Rails controller; notify `Rage::Router::Util::Cascade` to forward the request to Rails
+        handler = ->(_, _) { [404, { "X-Cascade" => "pass" }, []] }
+      end
     else
       raise "Non-string route handler should respond to `call`" unless handler.respond_to?(:call)
       # while regular handlers are expected to be called with the `env` and `params` objects,

data/lib/rage/router/dsl.rb

@@ -209,6 +209,7 @@ class Rage::Router::DSL
     # @param [Hash] opts scope options.
     # @option opts [String] :module module option
     # @option opts [String] :path path option
+    # @option opts [String] :controller controller option
     # @example Route `/photos` to `Api::PhotosController`
     #   scope module: "api" do
     #     get "photos", to: "photos#index"
@@ -217,6 +218,11 @@ class Rage::Router::DSL
     #   scope path: "admin" do
     #     get "photos", to: "photos#index"
     #   end
+    # @example Route `/like` to `photos#like` and `/dislike` to `photos#dislike`
+    #   scope controller: "photos" do
+    #     post "like"
+    #     post "dislike"
+    #   end
     # @example Nested calls
     #   scope module: "admin" do
     #     get "photos", to: "photos#index"
@@ -252,6 +258,19 @@ class Rage::Router::DSL
       @defaults.pop
     end
 
+    # Scopes routes to a specific controller.
+    #
+    # @example
+    #   controller "photos" do
+    #     post "like"
+    #     post "dislike"
+    #   end
+    def controller(controller, &block)
+      @controllers << controller
+      instance_eval &block
+      @controllers.pop
+    end
+
     # Add a route to the collection.
     #
     # @example Add a `photos/search` path instead of `photos/:photo_id/search`
@@ -267,6 +286,27 @@ class Rage::Router::DSL
       @path_prefixes = orig_path_prefixes
     end
 
+    # Add a member route.
+    #
+    # @example Add a `photos/:id/preview` path instead of `photos/:photo_id/preview`
+    #   resources :photos do
+    #     member do
+    #       get "preview"
+    #     end
+    #   end
+    def member(&block)
+      orig_path_prefixes = @path_prefixes
+
+      if (param_prefix = @path_prefixes.last)&.start_with?(":") && @controllers.any?
+        member_prefix = param_prefix.delete_prefix(":#{to_singular(@controllers.last)}_")
+        @path_prefixes = [*@path_prefixes[0...-1], ":#{member_prefix}"]
+      end
+
+      instance_eval &block
+
+      @path_prefixes = orig_path_prefixes
+    end
+
     # Automatically create REST routes for a resource.
     #
     # @example Create five REST routes, all mapping to the `Photos` controller:

data/lib/rage/router/util.rb

@@ -30,4 +30,19 @@ class Rage::Router::Util
       end
     end
   end
+
+  # @private
+  class Cascade
+    def initialize(rage_app, rails_app)
+      @rage_app = rage_app
+      @rails_app = rails_app
+    end
+
+    def call(env)
+      result = @rage_app.call(env)
+      return result if result[0] == :__http_defer__ || result[1]["X-Cascade".freeze] != "pass".freeze
+
+      @rails_app.call(env)
+    end
+  end
 end

data/lib/rage/session.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+require "json"
+
+class Rage::Session
+  # @private
+  KEY = Rack::RACK_SESSION.to_sym
+
+  # @private
+  def initialize(controller)
+    @cookies = controller.cookies.encrypted
+  end
+
+  # Writes the value to the session.
+  #
+  # @param key [Symbol]
+  # @param value [String]
+  def []=(key, value)
+    write_session(add: { key => value })
+  end
+
+  # Returns the value of the key stored in the session or `nil` if the given key is not found.
+  #
+  # @param key [Symbol]
+  def [](key)
+    read_session[key]
+  end
+
+  # Returns the value of the given key from the session, or raises `KeyError` if the given key is not found
+  # and no default value is set. Returns the default value if specified.
+  #
+  # @param key [Symbol]
+  def fetch(key, default = nil, &block)
+    if default.nil?
+      read_session.fetch(key, &block)
+    else
+      read_session.fetch(key, default, &block)
+    end
+  end
+
+  # Deletes the given key from the session.
+  #
+  # @param key [Symbol]
+  def delete(key)
+    write_session(remove: key)
+  end
+
+  # Clears the session.
+  def clear
+    write_session(clear: true)
+  end
+
+  # Returns the session as Hash.
+  def to_hash
+    read_session
+  end
+
+  alias_method :to_h, :to_hash
+
+  def empty?
+    read_session.empty?
+  end
+
+  # Returns `true` if the given key is present in the session.
+  def has_key?(key)
+    read_session.has_key?(key)
+  end
+
+  alias_method :key?, :has_key?
+  alias_method :include?, :has_key?
+
+  def each(&block)
+    read_session.each(&block)
+  end
+
+  def dig(*keys)
+    read_session.dig(*keys)
+  end
+
+  def inspect
+    "#<#{self.class.name} @session=#{to_h.inspect}"
+  end
+
+  private
+
+  def write_session(add: nil, remove: nil, clear: nil)
+    if add
+      read_session.merge!(add)
+    elsif remove && read_session.has_key?(remove)
+      read_session.reject! { |k, _| k == remove }
+    elsif clear
+      read_session.clear
+    end
+
+    @cookies[KEY] = { httponly: true, same_site: :lax, value: read_session.to_json }
+  end
+
+  def read_session
+    @session ||= begin
+      JSON.parse(@cookies[KEY] || "{}", symbolize_names: true)
+    rescue JSON::ParserError
+      {}
+    end
+  end
+end

data/lib/rage/templates/config.ru

@@ -1,4 +1,3 @@
 require_relative "config/application"
 
 run Rage.application
-Rage.load_middlewares(self)

data/lib/rage/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Rage
-  VERSION = "1.3.0"
+  VERSION = "1.5.0"
 end

data/lib/rage-rb.rb

@@ -7,7 +7,25 @@ require "pathname"
 
 module Rage
   def self.application
-    Application.new(__router)
+    app = Application.new(__router)
+
+    config.middleware.middlewares.reverse.inject(app) do |next_in_chain, (middleware, args, block)|
+      # in Rails compatibility mode we first check if the middleware is a part of the Rails middleware stack;
+      # if it is - it is expected to be built using `ActionDispatch::MiddlewareStack::Middleware#build`
+      if Rage.config.internal.rails_mode
+        rails_middleware = Rails.application.config.middleware.middlewares.find { |m| m.name == middleware.name }
+      end
+
+      if rails_middleware
+        rails_middleware.build(next_in_chain)
+      else
+        middleware.new(next_in_chain, *args, &block)
+      end
+    end
+  end
+
+  def self.multi_application
+    Rage::Router::Util::Cascade.new(application, Rails.application)
   end
 
   def self.routes
@@ -43,28 +61,8 @@ module Rage
     @logger ||= config.logger
   end
 
-  def self.load_middlewares(rack_builder)
-    config.middleware.middlewares.each do |middleware, args, block|
-      # in Rails compatibility mode we first check if the middleware is a part of the Rails middleware stack;
-      # if it is - it is expected to be built using `ActionDispatch::MiddlewareStack::Middleware#build`, but Rack
-      # expects the middleware to respond to `#new`, so we wrap the middleware into a helper module
-      if Rage.config.internal.rails_mode
-        rails_middleware = Rails.application.config.middleware.middlewares.find { |m| m.name == middleware.name }
-        if rails_middleware
-          wrapper = Module.new do
-            extend self
-            attr_accessor :middleware
-            def new(app, *, &)
-              middleware.build(app)
-            end
-          end
-          wrapper.middleware = rails_middleware
-          middleware = wrapper
-        end
-      end
-
-      rack_builder.use(middleware, *args, &block)
-    end
+  def self.load_middlewares(_)
+    puts "`Rage.load_middlewares` is deprecated and has been merged into `Rage.application`. Please remove this call."
   end
 
   def self.code_loader
@@ -102,6 +100,9 @@ module Rage
       autoload :ConnectionPool, "rage/ext/active_record/connection_pool"
     end
   end
+
+  autoload :Cookies, "rage/cookies"
+  autoload :Session, "rage/session"
 end
 
 module RageController

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: rage-rb
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.5.0
 platform: ruby
 authors:
 - Roman Samoilov
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2024-04-17 00:00:00.000000000 Z
+date: 2024-05-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -105,6 +105,7 @@ files:
 - lib/rage/code_loader.rb
 - lib/rage/configuration.rb
 - lib/rage/controller/api.rb
+- lib/rage/cookies.rb
 - lib/rage/env.rb
 - lib/rage/errors.rb
 - lib/rage/ext/active_record/connection_pool.rb
@@ -130,6 +131,7 @@ files:
 - lib/rage/router/strategies/host.rb
 - lib/rage/router/util.rb
 - lib/rage/rspec.rb
+- lib/rage/session.rb
 - lib/rage/setup.rb
 - lib/rage/sidekiq_session.rb
 - lib/rage/templates/Gemfile