redis-actionpack 5.0.1 → 5.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f4372ed1017dfad6a583f6b759134e465612cac1
-  data.tar.gz: 2bdf95ee3cc854af1dc008ca0034d80b6462bedd
+  metadata.gz: 3c307087a763d1e0b3954ec756cd840ed1df3e8b
+  data.tar.gz: ee7c5f3361f0cf5c7e6009b033c6cb0524dbb0a2
 SHA512:
-  metadata.gz: 886c02951f763d866f9163727cf58608e44b47dc4d55f38b029cb8d9569c7d46223f2eb1ab02e8ced4b18d8be2b42d4064c31871152b7a20773ffaa68a20a173
-  data.tar.gz: 71400d65a5db56b45f8a8d6660e7791b84c11d544fb695173cf165eefeb61a22959ff430b6a0b3d2e247707d1997972d95d939f5f4346e4cb520569d0141de7c
+  metadata.gz: 144bec146061a9b5e90b56e3e2a9224bb293766e6393a1d2510e06ae22e1cfa90f45ee3bc2330375a8b6282b05a9bfb22be23bdba943aa12bb33ec59986835f0
+  data.tar.gz: 642076a0bd7256abea58eb90cdcf8e0aac49c746614745f449a97539876a2bc2eeea1ce25703aa1069ec7c326400ef016d268980ea664950457b4e4a018cb643

data/Gemfile

@@ -1,2 +1,3 @@
 source 'https://rubygems.org'
 gemspec
+gem 'redis-store-testing' #, path: '../testing'

data/README.md

@@ -14,7 +14,7 @@ gem 'redis-actionpack'
 If you are using redis-store with Rails, consider using the [redis-rails gem](https://github.com/redis-store/redis-rails) instead. For standalone usage:
 
 ```ruby
-ActionController::Base.cache_store = ActionDispatch::Session::RedisSessionStore.new
+ActionController::Base.cache_store = ActionDispatch::Session::RedisStore.new
 ```
 
 ## Running tests

data/lib/action_dispatch/middleware/session/redis_store.rb

@@ -18,13 +18,16 @@ module ActionDispatch
       private
 
       def set_cookie(env, session_id, cookie)
-
         if env.is_a? ActionDispatch::Request
           request = env
         else
           request = ActionDispatch::Request.new(env)
         end
-        request.cookie_jar[key] = cookie
+        request.cookie_jar[key] = cookie.merge(cookie_options)
+      end
+
+      def cookie_options
+        @default_options.slice(:httponly, :secure)
       end
     end
   end

data/lib/redis/actionpack/version.rb

@@ -1,5 +1,5 @@
 class Redis
   module ActionPack
-    VERSION = '5.0.1'
+    VERSION = '5.0.2'
   end
 end

data/redis-actionpack.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_runtime_dependency 'redis-store', '>= 1.1.0', '< 1.4.0'
+  s.add_runtime_dependency 'redis-store', '>= 1.1.0', '< 2'
   s.add_runtime_dependency 'redis-rack',  '>= 1', '< 3'
   s.add_runtime_dependency 'actionpack',  '>= 4.0', '< 6'
 

data/test/dummy/app/controllers/test_controller.rb

@@ -19,12 +19,12 @@ class TestController < ActionController::Base
   end
 
   def get_session_value
-    render :text => "foo: #{session[:foo].inspect}"
+    render plain: "foo: #{session[:foo].inspect}"
   end
 
   def get_session_id
     session_id = request.session_options[:id] || cookies["_session_id"]
-    render :text => session_id
+    render plain: session_id
   end
 
   def call_reset_session

data/test/integration/redis_store_integration_test.rb

@@ -43,6 +43,56 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
     end
   end
 
+  test "should set a non-secure cookie by default" do
+    with_test_route_set do
+      https!
+
+      get '/set_session_value'
+      assert_response :success
+
+      cookie = cookies.instance_variable_get('@cookies').first
+
+      assert !cookie.secure?
+    end
+  end
+
+  test "should set a secure cookie when the 'secure' option is set" do
+    with_test_route_set(secure: true) do
+      https!
+
+      get '/set_session_value'
+      assert_response :success
+
+      cookie = cookies.instance_variable_get('@cookies').first
+
+      assert cookie.secure?
+    end
+  end
+
+  test "should set a http-only cookie by default" do
+    with_test_route_set do
+      get '/set_session_value'
+      assert_response :success
+
+      cookie = cookies.instance_variable_get('@cookies').first
+      options = cookie.instance_variable_get('@options')
+
+      assert options.key?('HttpOnly')
+    end
+  end
+
+  test "should set a non-http-only cookie when the 'httponlty' option is set to false" do
+    with_test_route_set(httponly: false) do
+      get '/set_session_value'
+      assert_response :success
+
+      cookie = cookies.instance_variable_get('@cookies').first
+      options = cookie.instance_variable_get('@options')
+
+      assert !options.key?('HttpOnly')
+    end
+  end
+
   test "should not send cookies on write, not read" do
     with_test_route_set do
       get '/get_session_value'
@@ -128,7 +178,7 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
 
       reset!
 
-      get '/set_session_value', :_session_id => session_id
+      get '/set_session_value', headers: { _session_id: session_id }
       assert_response :success
       assert(cookies['_session_id'] != session_id)
     end
@@ -199,7 +249,7 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
       RoutedRackApp.new(routes || ActionDispatch::Routing::RouteSet.new) do |middleware|
         middleware.use ActionDispatch::DebugExceptions
         middleware.use ActionDispatch::Callbacks
-        middleware.use ActionDispatch::ParamsParser
+        # middleware.use ActionDispatch::ParamsParser
         middleware.use ActionDispatch::Cookies
         middleware.use ActionDispatch::Flash
         middleware.use Rack::Head
@@ -211,7 +261,13 @@ class RedisStoreIntegrationTest < ::ActionDispatch::IntegrationTest
     def with_test_route_set(options = {})
       with_routing do |set|
         set.draw do
-          get ':action', :to => ::TestController
+          get :no_session_access,             to: 'test#no_session_access'
+          get :set_session_value,             to: 'test#set_session_value'
+          get :set_session_value_with_expiry, to: 'test#set_session_value_with_expiry'
+          get :set_serialized_session_value,  to: 'test#set_serialized_session_value'
+          get :get_session_value,             to: 'test#get_session_value'
+          get :get_session_id,                to: 'test#get_session_id'
+          get :call_reset_session,            to: 'test#call_reset_session'
         end
         options = { :key => SessionKey }.merge!(options)
         @app = self.class.build_app(set) do |middleware|

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: redis-actionpack
 version: !ruby/object:Gem::Version
-  version: 5.0.1
+  version: 5.0.2
 platform: ruby
 authors:
 - Luca Guidi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-11-04 00:00:00.000000000 Z
+date: 2017-10-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redis-store
@@ -19,7 +19,7 @@ dependencies:
         version: 1.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: '2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: 1.1.0
     - - "<"
       - !ruby/object:Gem::Version
-        version: 1.4.0
+        version: '2'
 - !ruby/object:Gem::Dependency
   name: redis-rack
   requirement: !ruby/object:Gem::Requirement
@@ -207,7 +207,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: redis-actionpack
-rubygems_version: 2.6.6
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: Redis session store for ActionPack