redis-actionpack 5.1.0 → 5.2.0.pre

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 50331ac51d096b49792a7490a0ac690f3ccd4477
-  data.tar.gz: 695156ecc06eb6baf1e041495d50fd39a551f24a
+  metadata.gz: 3e2b6211a9e93d7d4437bd0a16154812f0490980
+  data.tar.gz: d6393f01d6f54f7cec47f5aaf8b96b8024cd15d7
 SHA512:
-  metadata.gz: fbca26251d84472ca25c2dec76c78c9202e1d38b097418845524ddf90035533189ebba3f5efc00b5148c4b35da1c06f69fad6add4382770da0969086f90b2db1
-  data.tar.gz: c30bdf4ed278f3b953a5872cc9c58fbef181e4fefd69978f9e6347b86d7c9b11fd8df765c1eda40863b89952aa820e5597239ebd9f88d63bbb011c910a06019f
+  metadata.gz: 49599e9033bb2cec8f544ad965203ff74cf53110fc9977ed95ad1e4c8fe7fd4bc84bc86525e65bec6a867b3402570bf37d36f145abad2293d2da13581c24fd8b
+  data.tar.gz: 5a855c54e08114d9145f432991c4b642a429d9f3819904bb535c525d0adcc3280c425ec92d4d31bb43d5cb0efc2ef82ad215866b3e869b17d0354194178166fa

data/.github/auto-assign-issues.yml

@@ -0,0 +1,2 @@
+assignees:
+  - tubbo

data/.gitignore

@@ -1,5 +1,6 @@
 Gemfile.lock
-test/gemfiles/*.lock
+gemfiles/*.lock
 *.gem
 tmp/
 stdout
+gemfiles/vendor

data/.travis.yml

@@ -2,23 +2,26 @@ language: ruby
 before_install: gem install bundler
 script: bundle exec rake
 rvm:
-- 2.3
-- 2.4
-- 2.5
-- 2.6
-- ruby-head
+  - 2.3
+  - 2.4
+  - 2.5
+  - 2.6
+  - ruby-head
+  - jruby-head
 gemfile:
-- test/gemfiles/Gemfile.rails-4.0.x
-- test/gemfiles/Gemfile.rails-4.1.x
-- test/gemfiles/Gemfile.rails-4.2.x
-- test/gemfiles/Gemfile.rails-5.0.x
+  - gemfiles/rails_5.0.x.gemfile
+  - gemfiles/rails_5.1.x.gemfile
+  - gemfiles/rails_5.2.x.gemfile
+  - gemfiles/rails_6.0.x.gemfile
 matrix:
   exclude:
-  - rvm: 2.1
-    gemfile: test/gemfiles/Gemfile.rails-5.0.x
+    - rvm: 2.3
+      gemfile: gemfiles/rails_6.0.x.gemfile
+    - rvm: 2.4
+      gemfile: gemfiles/rails_6.0.x.gemfile
   allow_failures:
-  - rvm: ruby-head
-  - rvm: jruby-head
+    - rvm: ruby-head
+    - rvm: jruby-head
 deploy:
   provider: rubygems
   api_key:

data/Appraisals

@@ -0,0 +1,23 @@
+appraise 'rails-5.0.x' do
+  gem 'redis-store'
+  gem 'redis-rack'
+  gem 'actionpack', '~> 5.0.0'
+end
+
+appraise 'rails-5.1.x' do
+  gem 'redis-store'
+  gem 'redis-rack'
+  gem 'actionpack', '~> 5.1.0'
+end
+
+appraise 'rails-5.2.x' do
+  gem 'redis-store'
+  gem 'redis-rack'
+  gem 'actionpack', '~> 5.1.0'
+end
+
+appraise 'rails-6.0.x' do
+  gem 'redis-store'
+  gem 'redis-rack'
+  gem 'actionpack', '~> 6.0.0'
+end

data/README.md

@@ -17,12 +17,39 @@ gem 'redis-actionpack'
 
 ## Usage
 
-If you are using redis-store with Rails, consider using the [redis-rails gem](https://github.com/redis-store/redis-rails) instead. For standalone usage:
+If you are using redis-store with Rails, head on over to the
+[redis-rails README](https://github.com/redis-store/redis-rails#session-storage) to
+learn how to integrate this gem into your Rails application.
+
+For standalone usage:
 
 ```ruby
-ActionController::Base.cache_store = ActionDispatch::Session::RedisStore.new
+ActionController::Base.session_store = :redis_store,
+  servers: %w(redis://localhost:6379/0/session),
+  expire_after: 90.minutes,
+  key: '_my_application_session',
+  threadsafe: false,
+  signed: true,
+  secure: true
 ```
 
+A brief run-down of these options...
+
+- **servers** is an Array of Redis server URLs that we will attempt to find
+  data from.
+- **expire_after** is the default TTL of session keys. This is also set
+  as the expiry time of any cookies generated by the session store.
+- **key** is the name of the cookie on the client side
+- **threadsafe** is for applications that run on multiple instances. Set
+  this to `false` if you want to disable the global mutex lock on
+  session data. It's `true` by default, meaning the mutex will be
+  enabled.
+- **signed** uses signed/encrypted cookies to store the local session on
+  a client machine, preventing a malicious user from tampering with its
+  contents.
+- **secure** ensures HTTP cookies are transferred from server to client
+  on a secure (HTTPS) connection
+
 ## Running tests
 
 ```shell
@@ -37,8 +64,8 @@ If you are on **Snow Leopard** you have to run `env ARCHFLAGS="-arch x86_64" bun
 
 ## Status
 
-[![Gem Version](https://badge.fury.io/rb/redis-actionpack.svg)](http://badge.fury.io/rb/redis-actionpack) 
-[![Build Status](https://secure.travis-ci.org/redis-store/redis-actionpack.svg?branch=master)](http://travis-ci.org/redis-store/redis-actionpack?branch=master) 
+[![Gem Version](https://badge.fury.io/rb/redis-actionpack.svg)](http://badge.fury.io/rb/redis-actionpack)
+[![Build Status](https://secure.travis-ci.org/redis-store/redis-actionpack.svg?branch=master)](http://travis-ci.org/redis-store/redis-actionpack?branch=master)
 [![Code Climate](https://codeclimate.com/github/redis-store/redis-actionpack.svg)](https://codeclimate.com/github/redis-store/redis-actionpack)
 
 ## Copyright

data/bin/bundler-version-options.rb

@@ -0,0 +1 @@
+puts '-v 1.13.1' if Gem::Version.new(RUBY_VERSION) <= Gem::Version.new('2.3.0')

data/gemfiles/rails_5.0.x.gemfile

@@ -0,0 +1,9 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "redis-store"
+gem "redis-rack"
+gem "actionpack", "~> 5.0.0"
+
+gemspec path: "../"

data/gemfiles/rails_5.1.x.gemfile

@@ -0,0 +1,9 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "redis-store"
+gem "redis-rack"
+gem "actionpack", "~> 5.1.0"
+
+gemspec path: "../"

data/gemfiles/rails_5.2.x.gemfile

@@ -0,0 +1,9 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "redis-store"
+gem "redis-rack"
+gem "actionpack", "~> 5.1.0"
+
+gemspec path: "../"

data/gemfiles/rails_6.0.x.gemfile

@@ -0,0 +1,9 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "redis-store"
+gem "redis-rack"
+gem "actionpack", "~> 6.0.0"
+
+gemspec path: "../"

data/lib/action_dispatch/middleware/session/redis_store.rb

@@ -1,9 +1,12 @@
+# frozen_string_literal: true
+
 require 'redis-store'
 require 'redis-rack'
 require 'action_dispatch/middleware/session/abstract_store'
 
 module ActionDispatch
   module Session
+    # Session storage in Redis, using +Redis::Rack+ as a basis.
     class RedisStore < Rack::Session::Redis
       include Compatibility
       include StaleSessionCheck
@@ -17,18 +20,31 @@ module ActionDispatch
 
       private
 
-      def set_cookie(env, session_id, cookie)
-        if env.is_a? ActionDispatch::Request
-          request = env
-        else
-          request = ActionDispatch::Request.new(env)
-        end
-        request.cookie_jar[key] = cookie.merge(cookie_options)
+      def set_cookie(env, _session_id, cookie)
+        request = wrap_in_request(env)
+        cookie_jar(request)[key] = cookie.merge(cookie_options)
+      end
+
+      def get_cookie(request)
+        cookie_jar(request)[key]
+      end
+
+      def wrap_in_request(env)
+        return env if env.is_a?(ActionDispatch::Request)
+        ActionDispatch::Request.new(env)
       end
 
       def cookie_options
         @default_options.slice(:httponly, :secure)
       end
+
+      def cookie_jar(request)
+        if @default_options[:signed]
+          request.cookie_jar.signed_or_encrypted
+        else
+          request.cookie_jar
+        end
+      end
     end
   end
 end

data/lib/redis/actionpack/version.rb

@@ -1,5 +1,5 @@
 class Redis
   module ActionPack
-    VERSION = '5.1.0'
+    VERSION = '5.2.0.pre'
   end
 end

data/redis-actionpack.gemspec

@@ -14,18 +14,19 @@ Gem::Specification.new do |s|
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
-  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.executables   = []
   s.require_paths = ['lib']
+  s.required_ruby_version = '>= 2.3.0'
 
   s.add_runtime_dependency 'redis-store', '>= 1.1.0', '< 2'
   s.add_runtime_dependency 'redis-rack',  '>= 1', '< 3'
-  s.add_runtime_dependency 'actionpack',  '>= 4.0', '< 7'
+  s.add_runtime_dependency 'actionpack',  '>= 5', '< 7'
 
   s.add_development_dependency 'rake',     '~> 10'
-  s.add_development_dependency 'bundler'
+  s.add_development_dependency 'bundler',  '> 1', '< 3'
   s.add_development_dependency 'mocha',    '~> 0.14.0'
   s.add_development_dependency 'minitest-rails'
   s.add_development_dependency 'tzinfo'
-  # s.add_development_dependency 'mini_backtrace'
   s.add_development_dependency 'redis-store-testing'
+  s.add_development_dependency 'appraisal'
 end

data/test/gemfiles/{Gemfile.rails-5.0.x → Gemfile.rails-6.0.x}

@@ -5,7 +5,6 @@ gem 'redis-store'
 
 gem 'redis-rack', github: 'redis-store/redis-rack'
 
-gem 'actionpack', '~> 5.0.0'
+gem 'actionpack', '~> 6.0.0'
 
 gem 'minitest-rails'
-

data/test/integration/redis_store_integration_test.rb

@@ -69,6 +69,20 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
     end
   end
 
+  test "should set a signed cookie when the 'signed' option is set" do
+    with_test_route_set(signed: true) do
+      https!
+
+      get '/set_session_value'
+      assert_response :success
+
+      cookie = cookies.instance_variable_get('@cookies').first
+
+      assert_includes cookie.raw, '_session_id='
+    end
+  end
+
+
   test "should set a http-only cookie by default" do
     with_test_route_set do
       get '/set_session_value'
@@ -238,8 +252,17 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
       def initialize(routes, &blk)
         @routes = routes
         @stack = ActionDispatch::MiddlewareStack.new(&blk).build(@routes)
+        @secret = SecureRandom.hex
+        @key_generator = ActiveSupport::CachingKeyGenerator.new(
+          ActiveSupport::KeyGenerator.new(@secret, iterations: 2)
+        )
       end
       def call(env)
+        env[ActionDispatch::Cookies::GENERATOR_KEY] = @key_generator
+        env[ActionDispatch::Cookies::SIGNED_COOKIE_SALT] = SecureRandom.hex
+        if defined? ActionDispatch::Cookies::COOKIES_ROTATIONS
+          env[ActionDispatch::Cookies::COOKIES_ROTATIONS] = ActiveSupport::Messages::RotationConfiguration.new
+        end
         @stack.call(env)
       end
     end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: redis-actionpack
 version: !ruby/object:Gem::Version
-  version: 5.1.0
+  version: 5.2.0.pre
 platform: ruby
 authors:
 - Luca Guidi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-08-22 00:00:00.000000000 Z
+date: 2019-09-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redis-store
@@ -56,7 +56,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '5'
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -66,7 +66,7 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '5'
     - - "<"
       - !ruby/object:Gem::Version
         version: '7'
@@ -88,16 +88,22 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - ">"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - ">"
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '1'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: mocha
   requirement: !ruby/object:Gem::Requirement
@@ -154,6 +160,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: appraisal
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 description: Redis session store for ActionPack
 email:
 - me@lucaguidi.com
@@ -161,13 +181,20 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/auto-assign-issues.yml"
 - ".gitignore"
 - ".travis.yml"
+- Appraisals
 - CODEOWNERS
 - Gemfile
 - MIT-LICENSE
 - README.md
 - Rakefile
+- bin/bundler-version-options.rb
+- gemfiles/rails_5.0.x.gemfile
+- gemfiles/rails_5.1.x.gemfile
+- gemfiles/rails_5.2.x.gemfile
+- gemfiles/rails_6.0.x.gemfile
 - lib/action_dispatch/middleware/session/redis_store.rb
 - lib/redis-actionpack.rb
 - lib/redis/actionpack/version.rb
@@ -184,10 +211,7 @@ files:
 - test/dummy/config/routes.rb
 - test/dummy/script/rails
 - test/fixtures/session_autoload_test/session_autoload_test/foo.rb
-- test/gemfiles/Gemfile.rails-4.0.x
-- test/gemfiles/Gemfile.rails-4.1.x
-- test/gemfiles/Gemfile.rails-4.2.x
-- test/gemfiles/Gemfile.rails-5.0.x
+- test/gemfiles/Gemfile.rails-6.0.x
 - test/integration/redis_store_integration_test.rb
 - test/test_helper.rb
 homepage: http://redis-store.org/redis-actionpack
@@ -202,12 +226,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.3.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ">="
+  - - ">"
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: 
 rubygems_version: 2.6.14
@@ -227,9 +251,6 @@ test_files:
 - test/dummy/config/routes.rb
 - test/dummy/script/rails
 - test/fixtures/session_autoload_test/session_autoload_test/foo.rb
-- test/gemfiles/Gemfile.rails-4.0.x
-- test/gemfiles/Gemfile.rails-4.1.x
-- test/gemfiles/Gemfile.rails-4.2.x
-- test/gemfiles/Gemfile.rails-5.0.x
+- test/gemfiles/Gemfile.rails-6.0.x
 - test/integration/redis_store_integration_test.rb
 - test/test_helper.rb

data/test/gemfiles/Gemfile.rails-4.0.x

@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-gemspec :path => './../..'
-
-gem 'redis-store', '~> 1.1.0'
-
-gem 'redis-rack', '~> 1.5.0'
-
-gem 'actionpack', '~> 4.0.0'
-
-gem 'minitest-rails', '~> 1.0.0'

data/test/gemfiles/Gemfile.rails-4.1.x

@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-gemspec :path => './../..'
-
-gem 'redis-store', '~> 1.1.0'
-
-gem 'redis-rack', '~> 1.5.0'
-
-gem 'actionpack', '~> 4.1.0'
-
-gem 'minitest-rails', '~> 2.2.0'

data/test/gemfiles/Gemfile.rails-4.2.x

@@ -1,10 +0,0 @@
-source 'https://rubygems.org'
-gemspec :path => './../..'
-
-gem 'redis-store', '~> 1.1.0'
-
-gem 'redis-rack', '~> 1.5.0'
-
-gem 'actionpack', '~> 4.2.0'
-
-gem 'minitest-rails', '~> 2.2.0'