redis-session-store 0.11.3 → 0.11.4

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: fd8a09794dffb0a086336ee4214bcb138ac5586c47f42c05f3fc58ff6674ea11
4
- data.tar.gz: 104c8fc66496c25cc5722898666dbf18313325167b15d86f6c0ecfbed0d22503
3
+ metadata.gz: d849f844f92e7e968078cf93d5802c868613bad0bfcefce1b72dd89724f76e3c
4
+ data.tar.gz: 6c022fcdc3cdf7254ef738e7450530238fb813eed58b73055f7e851c8335fca4
5
5
  SHA512:
6
- metadata.gz: a1a88cfba00ea9c689284797c3abdc818410b349ffeb682b55c71f6cea56963a657c69cff0e026690737369297481f19c214a5685b24ce280172257b0e2c9813
7
- data.tar.gz: 864472f94a488f8e803874bec5daf987cc8c3235d486408bfb3f1261069afc41d91a004f398af218eafb5238ca9bc25697956af9290077c0f5b806212e0070ca
6
+ metadata.gz: b6c00740b8272f8626e3e4f902b927cefb50901e9fa7981d4a4b4e291d2c2bbbe9ab5d60c0b44453a38d08777aee818f4ae7218a7bc7e221996e54f659add5e4
7
+ data.tar.gz: 6d39606e90215ecda6a7575231082da256381f765c457fc220a339a287618f820f8af44e3d2efb32fa160dc7351a51c92b4326afae5c670acd1b1292384aa5ec
@@ -0,0 +1,34 @@
1
+ # This workflow uses actions that are not certified by GitHub.
2
+ # They are provided by a third-party and are governed by
3
+ # separate terms of service, privacy policy, and support
4
+ # documentation.
5
+ # This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
6
+ # For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
7
+
8
+ name: Ruby
9
+
10
+ on:
11
+ push:
12
+ branches: [ master ]
13
+ pull_request:
14
+ branches: [ master ]
15
+
16
+ jobs:
17
+ test:
18
+
19
+ runs-on: ubuntu-latest
20
+ strategy:
21
+ matrix:
22
+ ruby: [2.5, 2.6, 2.7, head, jruby-9.2.20.1, jruby-head]
23
+
24
+ steps:
25
+ - uses: actions/checkout@v2
26
+ - name: Set up Ruby
27
+ uses: ruby/setup-ruby@v1
28
+ with:
29
+ ruby-version: ${{ matrix.ruby }}
30
+ bundler-cache: true # runs 'bundle install' and caches installed gems automatically
31
+ continue-on-error: true
32
+ - name: Run tests
33
+ run: bundle exec rake
34
+ continue-on-error: true
data/.rubocop.yml CHANGED
@@ -1,3 +1,9 @@
1
+ inherit_from: .rubocop_todo.yml
2
+
3
+ require:
4
+ - rubocop-rake
5
+ - rubocop-rspec
6
+
1
7
  AllCops:
2
8
  DisplayCopNames: true
3
9
  Exclude:
data/.rubocop_todo.yml ADDED
@@ -0,0 +1,67 @@
1
+ # This configuration was generated by
2
+ # `rubocop --auto-gen-config`
3
+ # on 2022-01-29 11:55:33 UTC using RuboCop version 1.25.0.
4
+ # The point is for the user to remove these configuration records
5
+ # one by one as the offenses are removed from the code base.
6
+ # Note that changes in the inspected code, or installation of new
7
+ # versions of RuboCop, may require this file to be generated again.
8
+
9
+ # Offense count: 1
10
+ # Configuration parameters: Include.
11
+ # Include: **/*.gemspec
12
+ Gemspec/RequiredRubyVersion:
13
+ Exclude:
14
+ - 'redis-session-store.gemspec'
15
+
16
+ # Offense count: 6
17
+ # Configuration parameters: Prefixes.
18
+ # Prefixes: when, with, without
19
+ RSpec/ContextWording:
20
+ Exclude:
21
+ - 'spec/redis_session_store_spec.rb'
22
+
23
+ # Offense count: 2
24
+ # Configuration parameters: CountAsOne.
25
+ RSpec/ExampleLength:
26
+ Max: 9
27
+
28
+ # Offense count: 5
29
+ # Configuration parameters: AssignmentOnly.
30
+ RSpec/InstanceVariable:
31
+ Exclude:
32
+ - 'spec/redis_session_store_spec.rb'
33
+
34
+ # Offense count: 8
35
+ # Configuration parameters: .
36
+ # SupportedStyles: have_received, receive
37
+ RSpec/MessageSpies:
38
+ EnforcedStyle: receive
39
+
40
+ # Offense count: 5
41
+ RSpec/MultipleExpectations:
42
+ Max: 2
43
+
44
+ # Offense count: 17
45
+ # Configuration parameters: AllowSubject.
46
+ RSpec/MultipleMemoizedHelpers:
47
+ Max: 10
48
+
49
+ # Offense count: 13
50
+ RSpec/NestedGroups:
51
+ Max: 5
52
+
53
+ # Offense count: 2
54
+ RSpec/StubbedMock:
55
+ Exclude:
56
+ - 'spec/redis_session_store_spec.rb'
57
+
58
+ # Offense count: 20
59
+ RSpec/SubjectStub:
60
+ Exclude:
61
+ - 'spec/redis_session_store_spec.rb'
62
+
63
+ # Offense count: 16
64
+ # Configuration parameters: IgnoreNameless, IgnoreSymbolicNames.
65
+ RSpec/VerifiedDoubles:
66
+ Exclude:
67
+ - 'spec/redis_session_store_spec.rb'
data/AUTHORS.md CHANGED
@@ -23,3 +23,4 @@ Redis Session Store authors
23
23
  - Anton Kolodii
24
24
  - Peter Karman
25
25
  - Zach Margolis
26
+ - Zachary Belzer
data/CHANGELOG.md CHANGED
@@ -4,6 +4,15 @@
4
4
 
5
5
  ## [Unreleased]
6
6
 
7
+ ## [0.11.4] - 2022-01-29
8
+ ### Fixed
9
+ - Use AbstractSecureStore for security fix
10
+
11
+ ### Changed
12
+ - Support actionpack 7.x
13
+ - Move from TravisCI to Github Actions
14
+ - Drop support for ruby 2.3, 2.4
15
+
7
16
  ## [0.11.3] - 2020-07-23
8
17
  ### Fixed
9
18
  - https://github.com/roidrage/redis-session-store/issues/121
data/README.md CHANGED
@@ -1,6 +1,5 @@
1
1
  # Redis Session Store
2
2
 
3
- [![Build Status](https://travis-ci.org/roidrage/redis-session-store.svg?branch=master)](https://travis-ci.org/roidrage/redis-session-store)
4
3
  [![Code Climate](https://codeclimate.com/github/roidrage/redis-session-store.svg)](https://codeclimate.com/github/roidrage/redis-session-store)
5
4
  [![Gem Version](https://badge.fury.io/rb/redis-session-store.svg)](http://badge.fury.io/rb/redis-session-store)
6
5
 
@@ -2,8 +2,8 @@ require 'redis'
2
2
 
3
3
  # Redis session storage for Rails, and for Rails only. Derived from
4
4
  # the MemCacheStore code, simply dropping in Redis instead.
5
- class RedisSessionStore < ActionDispatch::Session::AbstractStore
6
- VERSION = '0.11.3'.freeze
5
+ class RedisSessionStore < ActionDispatch::Session::AbstractSecureStore
6
+ VERSION = '0.11.4'.freeze
7
7
  # Rails 3.1 and beyond defines the constant elsewhere
8
8
  unless defined?(ENV_SESSION_OPTIONS_KEY)
9
9
  ENV_SESSION_OPTIONS_KEY = if Rack.release.split('.').first.to_i > 1
@@ -4,7 +4,7 @@ Gem::Specification.new do |gem|
4
4
  gem.email = ['meyer@paperplanes.de']
5
5
  gem.summary = 'A drop-in replacement for e.g. MemCacheStore to ' \
6
6
  'store Rails sessions (and Rails sessions only) in Redis.'
7
- gem.description = gem.summary + ' For great glory!'
7
+ gem.description = "#{gem.summary} For great glory!"
8
8
  gem.homepage = 'https://github.com/roidrage/redis-session-store'
9
9
  gem.license = 'MIT'
10
10
 
@@ -15,12 +15,14 @@ Gem::Specification.new do |gem|
15
15
  gem.version = File.read('lib/redis-session-store.rb')
16
16
  .match(/^ VERSION = '(.*)'/)[1]
17
17
 
18
- gem.add_runtime_dependency 'actionpack', '>= 3', '< 7'
18
+ gem.add_runtime_dependency 'actionpack', '>= 3', '< 8'
19
19
  gem.add_runtime_dependency 'redis', '>= 3', '< 5'
20
20
 
21
21
  gem.add_development_dependency 'fakeredis', '~> 0.8'
22
22
  gem.add_development_dependency 'rake', '~> 13'
23
23
  gem.add_development_dependency 'rspec', '~> 3'
24
- gem.add_development_dependency 'rubocop', '~> 0.81'
25
- gem.add_development_dependency 'simplecov', '~> 0.17'
24
+ gem.add_development_dependency 'rubocop', '~> 1.25'
25
+ gem.add_development_dependency 'rubocop-rake', '~> 0.6'
26
+ gem.add_development_dependency 'rubocop-rspec', '~> 2.8'
27
+ gem.add_development_dependency 'simplecov', '~> 0.21'
26
28
  end
@@ -1,20 +1,19 @@
1
1
  require 'json'
2
2
 
3
3
  describe RedisSessionStore do
4
+ subject(:store) { described_class.new(nil, options) }
5
+
4
6
  let :random_string do
5
7
  "#{rand}#{rand}#{rand}"
6
8
  end
9
+ let :default_options do
10
+ store.instance_variable_get(:@default_options)
11
+ end
7
12
 
8
13
  let :options do
9
14
  {}
10
15
  end
11
16
 
12
- subject(:store) { RedisSessionStore.new(nil, options) }
13
-
14
- let :default_options do
15
- store.instance_variable_get(:@default_options)
16
- end
17
-
18
17
  it 'assigns a :namespace to @default_options' do
19
18
  expect(default_options[:namespace]).to eq('rack:session')
20
19
  end
@@ -35,7 +34,7 @@ describe RedisSessionStore do
35
34
  end
36
35
 
37
36
  it 'creates a redis instance' do
38
- expect(store.instance_variable_get(:@redis)).to_not be_nil
37
+ expect(store.instance_variable_get(:@redis)).not_to be_nil
39
38
  end
40
39
 
41
40
  it 'assigns the :host option to @default_options' do
@@ -96,7 +95,7 @@ describe RedisSessionStore do
96
95
  end
97
96
 
98
97
  it 'creates a redis instance' do
99
- expect(store.instance_variable_get(:@redis)).to_not be_nil
98
+ expect(store.instance_variable_get(:@redis)).not_to be_nil
100
99
  end
101
100
 
102
101
  it 'assigns the :host option to @default_options' do
@@ -228,6 +227,7 @@ describe RedisSessionStore do
228
227
  context 'when session id is not provided' do
229
228
  context 'when session id is nil' do
230
229
  let(:session_id) { nil }
230
+
231
231
  it 'returns false' do
232
232
  expect(store.send(:session_exists?, :env)).to eq(false)
233
233
  end
@@ -235,6 +235,7 @@ describe RedisSessionStore do
235
235
 
236
236
  context 'when session id is empty string' do
237
237
  let(:session_id) { '' }
238
+
238
239
  it 'returns false' do
239
240
  allow(store).to receive(:current_session_id).with(:env).and_return('')
240
241
  expect(store.send(:session_exists?, :env)).to eq(false)
@@ -281,6 +282,13 @@ describe RedisSessionStore do
281
282
 
282
283
  let(:fake_key) { 'thisisarediskey' }
283
284
 
285
+ describe 'generate_sid' do
286
+ it 'generates a secure ID' do
287
+ sid = store.send(:generate_sid)
288
+ expect(sid).to be_a(Rack::Session::SessionId)
289
+ end
290
+ end
291
+
284
292
  it 'retrieves the prefixed key from redis' do
285
293
  redis = double('redis')
286
294
  allow(store).to receive(:redis).and_return(redis)
@@ -397,14 +405,15 @@ describe RedisSessionStore do
397
405
 
398
406
  context 'marshal' do
399
407
  let(:options) { { serializer: :marshal } }
400
- it_should_behave_like 'serializer'
408
+
409
+ it_behaves_like 'serializer'
401
410
  end
402
411
 
403
412
  context 'json' do
404
413
  let(:options) { { serializer: :json } }
405
414
  let(:encoded_data) { '{"some":"data"}' }
406
415
 
407
- it_should_behave_like 'serializer'
416
+ it_behaves_like 'serializer'
408
417
  end
409
418
 
410
419
  context 'hybrid' do
@@ -412,13 +421,13 @@ describe RedisSessionStore do
412
421
  let(:expected_encoding) { '{"some":"data"}' }
413
422
 
414
423
  context 'marshal encoded data' do
415
- it_should_behave_like 'serializer'
424
+ it_behaves_like 'serializer'
416
425
  end
417
426
 
418
427
  context 'json encoded data' do
419
428
  let(:encoded_data) { '{"some":"data"}' }
420
429
 
421
- it_should_behave_like 'serializer'
430
+ it_behaves_like 'serializer'
422
431
  end
423
432
  end
424
433
 
@@ -438,7 +447,7 @@ describe RedisSessionStore do
438
447
  let(:options) { { serializer: custom_serializer } }
439
448
  let(:expected_encoding) { 'somedata' }
440
449
 
441
- it_should_behave_like 'serializer'
450
+ it_behaves_like 'serializer'
442
451
  end
443
452
  end
444
453
 
@@ -514,7 +523,7 @@ describe RedisSessionStore do
514
523
  %w(on_redis_down on_session_load_error).each do |h|
515
524
  context 'when nil' do
516
525
  it 'does not explode at init' do
517
- expect { store }.to_not raise_error
526
+ expect { store }.not_to raise_error
518
527
  end
519
528
  end
520
529
 
@@ -522,7 +531,7 @@ describe RedisSessionStore do
522
531
  let(:options) { { "#{h}": ->(*) { true } } }
523
532
 
524
533
  it 'does not explode at init' do
525
- expect { store }.to_not raise_error
534
+ expect { store }.not_to raise_error
526
535
  end
527
536
  end
528
537
 
data/spec/support.rb CHANGED
@@ -7,11 +7,24 @@ unless defined?(Rack::Session::Abstract::ENV_SESSION_OPTIONS_KEY)
7
7
  end
8
8
  end
9
9
  end
10
+ unless defined?(Rack::Session::SessionId)
11
+ module Rack
12
+ module Session
13
+ class SessionId
14
+ attr_reader :public_id
15
+
16
+ def initialize(_public_id)
17
+ @public_id
18
+ end
19
+ end
20
+ end
21
+ end
22
+ end
10
23
 
11
- unless defined?(ActionDispatch::Session::AbstractStore)
24
+ unless defined?(ActionDispatch::Session::AbstractSecureStore)
12
25
  module ActionDispatch
13
26
  module Session
14
- class AbstractStore
27
+ class AbstractSecureStore
15
28
  ENV_SESSION_OPTIONS_KEY = 'rack.session.options'.freeze
16
29
  DEFAULT_OPTIONS = {
17
30
  key: '_session_id',
@@ -33,7 +46,7 @@ unless defined?(ActionDispatch::Session::AbstractStore)
33
46
  private
34
47
 
35
48
  def generate_sid
36
- rand(999..9999).to_s(16)
49
+ Rack::Session::SessionId.new(rand(999..9999).to_s(16))
37
50
  end
38
51
  end
39
52
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: redis-session-store
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.11.3
4
+ version: 0.11.4
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mathias Meyer
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-07-23 00:00:00.000000000 Z
11
+ date: 2022-01-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: actionpack
@@ -19,7 +19,7 @@ dependencies:
19
19
  version: '3'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
- version: '7'
22
+ version: '8'
23
23
  type: :runtime
24
24
  prerelease: false
25
25
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
29
29
  version: '3'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
- version: '7'
32
+ version: '8'
33
33
  - !ruby/object:Gem::Dependency
34
34
  name: redis
35
35
  requirement: !ruby/object:Gem::Requirement
@@ -98,28 +98,56 @@ dependencies:
98
98
  requirements:
99
99
  - - "~>"
100
100
  - !ruby/object:Gem::Version
101
- version: '0.81'
101
+ version: '1.25'
102
102
  type: :development
103
103
  prerelease: false
104
104
  version_requirements: !ruby/object:Gem::Requirement
105
105
  requirements:
106
106
  - - "~>"
107
107
  - !ruby/object:Gem::Version
108
- version: '0.81'
108
+ version: '1.25'
109
+ - !ruby/object:Gem::Dependency
110
+ name: rubocop-rake
111
+ requirement: !ruby/object:Gem::Requirement
112
+ requirements:
113
+ - - "~>"
114
+ - !ruby/object:Gem::Version
115
+ version: '0.6'
116
+ type: :development
117
+ prerelease: false
118
+ version_requirements: !ruby/object:Gem::Requirement
119
+ requirements:
120
+ - - "~>"
121
+ - !ruby/object:Gem::Version
122
+ version: '0.6'
123
+ - !ruby/object:Gem::Dependency
124
+ name: rubocop-rspec
125
+ requirement: !ruby/object:Gem::Requirement
126
+ requirements:
127
+ - - "~>"
128
+ - !ruby/object:Gem::Version
129
+ version: '2.8'
130
+ type: :development
131
+ prerelease: false
132
+ version_requirements: !ruby/object:Gem::Requirement
133
+ requirements:
134
+ - - "~>"
135
+ - !ruby/object:Gem::Version
136
+ version: '2.8'
109
137
  - !ruby/object:Gem::Dependency
110
138
  name: simplecov
111
139
  requirement: !ruby/object:Gem::Requirement
112
140
  requirements:
113
141
  - - "~>"
114
142
  - !ruby/object:Gem::Version
115
- version: '0.17'
143
+ version: '0.21'
116
144
  type: :development
117
145
  prerelease: false
118
146
  version_requirements: !ruby/object:Gem::Requirement
119
147
  requirements:
120
148
  - - "~>"
121
149
  - !ruby/object:Gem::Version
122
- version: '0.17'
150
+ version: '0.21'
123
151
  description: A drop-in replacement for e.g. MemCacheStore to store Rails sessions
124
152
  (and Rails sessions only) in Redis. For great glory!
125
153
  email:
@@ -131,11 +159,12 @@ extra_rdoc_files:
131
159
  - AUTHORS.md
132
160
  - CONTRIBUTING.md
133
161
  files:
162
+ - ".github/workflows/ruby.yml"
134
163
  - ".gitignore"
135
164
  - ".rspec"
136
165
  - ".rubocop.yml"
166
+ - ".rubocop_todo.yml"
137
167
  - ".simplecov"
138
- - ".travis.yml"
139
168
  - AUTHORS.md
140
169
  - CHANGELOG.md
141
170
  - CODE_OF_CONDUCT.md
@@ -168,7 +197,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
168
197
  - !ruby/object:Gem::Version
169
198
  version: '0'
170
199
  requirements: []
171
- rubygems_version: 3.1.2
200
+ rubygems_version: 3.1.6
172
201
  signing_key:
173
202
  specification_version: 4
174
203
  summary: A drop-in replacement for e.g. MemCacheStore to store Rails sessions (and
data/.travis.yml DELETED
@@ -1,24 +0,0 @@
1
- language: ruby
2
- cache: bundler
3
- rvm:
4
- - 2.3
5
- - 2.4
6
- - 2.5
7
- - 2.6
8
- - ruby-head
9
- - jruby-9.2.12.0
10
- matrix:
11
- allow_failures:
12
- - rvm: ruby-head
13
- - rvm: jruby-9.2.12.0
14
- notifications:
15
- email: false
16
- deploy:
17
- provider: rubygems
18
- api_key:
19
- secure: jL1lH/wfeRa5MoZRHvkXcZP/Ch7huFxqzbvhEV7UZhiDUBnApcJWkb346jeLEDYnFObUhqhaCZ1/l4fDeSFg2GgatSfEnoWATFVkIf1e4TTGAePlS+4qqsGOcr+XrjP6CEf4o4JACdLuSoT9dtUFj0xkFLnDWILxneXIrqDE9VU=
20
- gem: redis-session-store
21
- on:
22
- tags: true
23
- repo: roidrage/redis-session-store
24
- rvm: 2.6.6