rsence-pre 2.3.0.12 → 2.3.0.13
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/conf/default_conf.yaml +15 -0
- data/js/comm/session/session.js +2 -2
- data/lib/rsence/daemon.rb +18 -0
- data/lib/rsence/session/mongo_sessionstorage.rb +6 -5
- data/lib/rsence/sessionmanager.rb +18 -10
- data/lib/rsence/sessionstorage.rb +7 -5
- data/lib/rsence/transporter.rb +1 -1
- data/plugins/main/main.rb +1 -1
- metadata +2 -2
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
2.3.0.
|
1
|
+
2.3.0.13.pre
|
data/conf/default_conf.yaml
CHANGED
@@ -139,6 +139,9 @@
|
|
139
139
|
# Timeout controls how long a session is valid
|
140
140
|
:timeout_secs: 900 # 15 minutes
|
141
141
|
#
|
142
|
+
# Separate timeout for the first request to prevent session flooding
|
143
|
+
:timeout_first: 15 # 15 seconds
|
144
|
+
#
|
142
145
|
# Key length controls the length of the random-part of the key.
|
143
146
|
:key_length: 12
|
144
147
|
#
|
@@ -166,6 +169,9 @@
|
|
166
169
|
# A safe value for a 60 second poll interval is 120 (default).
|
167
170
|
:cloned_session_expires_in: 120
|
168
171
|
#
|
172
|
+
# Session store/expiry sleep (in seconds) between sessions (to prevent too high loads on cleanup tasks)
|
173
|
+
:db_sleep: 0.001
|
174
|
+
#
|
169
175
|
# Message strings
|
170
176
|
:messages:
|
171
177
|
#
|
@@ -174,6 +180,15 @@
|
|
174
180
|
:title: 'Invalid Session'
|
175
181
|
:descr: 'Your session is invalid. Please reload the page to continue.'
|
176
182
|
:uri: '/'
|
183
|
+
#
|
184
|
+
# MongoDB-specific settings
|
185
|
+
:mongo:
|
186
|
+
#
|
187
|
+
# MongoDB Connection Pool Timeout:
|
188
|
+
:pool_timeout: 10 # seconds
|
189
|
+
#
|
190
|
+
# MongoDB Connection Pool Size:
|
191
|
+
:pool_size: 500 # amount of connections
|
177
192
|
#
|
178
193
|
# Database configuration
|
179
194
|
:database:
|
data/js/comm/session/session.js
CHANGED
@@ -28,7 +28,7 @@ COMM.Session = HClass.extend({
|
|
28
28
|
var _this = this;
|
29
29
|
_this.sha = SHA.nu(8);
|
30
30
|
_this.sha_key = _this.sha.hexSHA1(((new Date().getTime())*Math.random()*1000).toString());
|
31
|
-
_this.ses_key = '0
|
31
|
+
_this.ses_key = '0:1:'+_this.sha_key;
|
32
32
|
_this.req_num = 0;
|
33
33
|
},
|
34
34
|
|
@@ -46,7 +46,7 @@ COMM.Session = HClass.extend({
|
|
46
46
|
var _this = this,
|
47
47
|
_shaKey = _this.sha.hexSHA1(_sesKey+_this.sha_key);
|
48
48
|
_this.req_num++;
|
49
|
-
_this.ses_key = _this.req_num+'
|
49
|
+
_this.ses_key = _this.req_num+':1:'+_shaKey;
|
50
50
|
_this.sha_key = _shaKey;
|
51
51
|
}
|
52
52
|
}).nu();
|
data/lib/rsence/daemon.rb
CHANGED
@@ -327,6 +327,7 @@ module RSence
|
|
327
327
|
Daemon.start_logging( self )
|
328
328
|
end
|
329
329
|
|
330
|
+
ses_expire_loop
|
330
331
|
autosave_loop if RSence.config[:daemon][:autosave_interval] > 0
|
331
332
|
start_broker( conf )
|
332
333
|
|
@@ -352,6 +353,21 @@ module RSence
|
|
352
353
|
RSence.config[:http_server][:port]
|
353
354
|
end
|
354
355
|
|
356
|
+
# Expires old sessions once a second
|
357
|
+
def ses_expire_loop
|
358
|
+
Thread.new do
|
359
|
+
Thread.pass
|
360
|
+
while true
|
361
|
+
sleep 1
|
362
|
+
begin
|
363
|
+
@transporter.sessions.expire_sessions if @transporter.online?
|
364
|
+
rescue => e
|
365
|
+
warn "Session expiration error: #{e.inspect}"
|
366
|
+
end
|
367
|
+
end
|
368
|
+
end
|
369
|
+
end
|
370
|
+
|
355
371
|
# Saves plugin and session state periodically
|
356
372
|
def autosave_loop
|
357
373
|
Thread.new do
|
@@ -383,6 +399,7 @@ module RSence
|
|
383
399
|
|
384
400
|
Process.setsid
|
385
401
|
|
402
|
+
ses_expire_loop
|
386
403
|
autosave_loop if RSence.config[:daemon][:autosave_interval] > 0
|
387
404
|
start_broker( conf )
|
388
405
|
yield @broker
|
@@ -428,6 +445,7 @@ module RSence
|
|
428
445
|
# transporter_state = @transporter.online?
|
429
446
|
# @transporter.online = false
|
430
447
|
begin
|
448
|
+
# Store remaining active sessions
|
431
449
|
@transporter.sessions.store_sessions
|
432
450
|
rescue => e
|
433
451
|
puts "Exception #{e.inspect} occurred while storing sessions"
|
@@ -7,15 +7,13 @@ require 'mongo'
|
|
7
7
|
class MongoSessionStorage
|
8
8
|
|
9
9
|
# Poor-man's connection string parser:
|
10
|
-
def parse_db_uri
|
10
|
+
def parse_db_uri
|
11
11
|
db_str = @db_uri.split('mongodb://')[1]
|
12
12
|
( db_auth_str, db_conn_str ) = db_str.split('@')
|
13
13
|
( db_username, db_password ) = db_auth_str.split(':')
|
14
14
|
( db_host, db_port_name_str ) = db_conn_str.split(':')
|
15
15
|
( db_port, db_name ) = db_port_name_str.split('/')
|
16
16
|
return {
|
17
|
-
:pool_size => db_pool_size,
|
18
|
-
:pool_timeout => db_pool_timeout,
|
19
17
|
:host => db_host,
|
20
18
|
:port => db_port,
|
21
19
|
:username => db_username,
|
@@ -29,8 +27,8 @@ class MongoSessionStorage
|
|
29
27
|
# mongodb://rsence:2N74krTMURIpSr6Y91Hy@localhost:37035/rsence_sessions
|
30
28
|
conn = parse_db_uri
|
31
29
|
@conn = Mongo::Connection.new( conn[:host], conn[:port], {
|
32
|
-
:pool_size =>
|
33
|
-
:pool_timeout =>
|
30
|
+
:pool_size => @config[:mongo][:pool_size],
|
31
|
+
:pool_timeout => @config[:mongo][:pool_timeout],
|
34
32
|
:auths => [{
|
35
33
|
'username' => conn[:username],
|
36
34
|
'password' => conn[:password],
|
@@ -91,11 +89,14 @@ class MongoSessionStorage
|
|
91
89
|
@ses_coll.find.each do |ses_row|
|
92
90
|
ses_id = ses_row['_id'].to_s
|
93
91
|
ses_data_bin = ses_row['ses_data']
|
92
|
+
puts "ses_data_bin: #{ses_data_bin.inspect}"
|
94
93
|
if ses_data_bin.nil?
|
94
|
+
puts "removing #{ses_id}"
|
95
95
|
remove_session_data( ses_id )
|
96
96
|
else
|
97
97
|
begin
|
98
98
|
ses_data = Marshal.load( ses_data_bin.to_s )
|
99
|
+
puts "ses_data: #{ses_data.inspect}"
|
99
100
|
rescue => e
|
100
101
|
warn "Unable to restore session #{ses_id}"
|
101
102
|
remove_session_data( ses_id )
|
@@ -53,13 +53,15 @@ module RSence
|
|
53
53
|
### Creates a new session
|
54
54
|
def init_ses( msg=nil, ses_seed=false )
|
55
55
|
|
56
|
+
## Perform old-session cleanup before creating another
|
57
|
+
# expire_sessions
|
58
|
+
|
56
59
|
if ses_seed == false
|
57
60
|
ses_seed = @randgen.gen
|
58
61
|
end
|
59
62
|
|
60
63
|
## Assigns new timeout for the session
|
61
|
-
|
62
|
-
timeout = time_now + @config[:timeout_secs]
|
64
|
+
timeout = Time.now.to_i + @config[:timeout_first] #@config[:timeout_secs]
|
63
65
|
|
64
66
|
## Creates a new session key
|
65
67
|
ses_key = @randgen.gen
|
@@ -69,7 +71,7 @@ module RSence
|
|
69
71
|
|
70
72
|
## Makes a new database row for the session, returns its id
|
71
73
|
ses_id = new_ses_id( cookie_key, ses_key, timeout )
|
72
|
-
|
74
|
+
|
73
75
|
ses_sha = SHA1.hexdigest(ses_key+ses_seed)
|
74
76
|
|
75
77
|
### Default session data structure,
|
@@ -134,6 +136,9 @@ module RSence
|
|
134
136
|
end
|
135
137
|
|
136
138
|
def refresh_ses( msg, ses_data, ses_id, ses_key, ses_seed )
|
139
|
+
## Perform old-session cleanup before extending another
|
140
|
+
# expire_sessions
|
141
|
+
|
137
142
|
# new time-out
|
138
143
|
ses_data[:timeout] = Time.now.to_i + @config[:timeout_secs]
|
139
144
|
|
@@ -233,6 +238,9 @@ module RSence
|
|
233
238
|
### Otherwise stops the client and returns false.
|
234
239
|
def check_ses( msg, ses_key, ses_seed=false )
|
235
240
|
|
241
|
+
## Perform old-session cleanup while checking for another
|
242
|
+
# expire_sessions
|
243
|
+
|
236
244
|
# first, check if the session key exists (sync)
|
237
245
|
if @session_keys.has_key?( ses_key )
|
238
246
|
|
@@ -302,12 +310,15 @@ module RSence
|
|
302
310
|
else
|
303
311
|
cookie_key = nil
|
304
312
|
end
|
305
|
-
|
313
|
+
if @session_cookie_keys.has_key?( cookie_key )
|
314
|
+
timeout = Time.now.to_i + @config[:timeout_secs]
|
315
|
+
else
|
306
316
|
cookie_key = init_ses
|
317
|
+
timeout = Time.now.to_i + @config[:timeout_first]
|
307
318
|
end
|
308
319
|
ses_id = @session_cookie_keys[ cookie_key ]
|
309
320
|
ses_data = @sessions[ ses_id ]
|
310
|
-
ses_data[:timeout] =
|
321
|
+
ses_data[:timeout] = timeout
|
311
322
|
renew_cookie_req_res( request, response, cookie_key, request.fullpath )
|
312
323
|
return ses_data
|
313
324
|
end
|
@@ -507,7 +518,7 @@ module RSence
|
|
507
518
|
ses_id = @session_cookie_keys[ cookie_key ]
|
508
519
|
|
509
520
|
# Expire the session
|
510
|
-
expire_session( ses_id )
|
521
|
+
# expire_session( ses_id )
|
511
522
|
|
512
523
|
return true
|
513
524
|
|
@@ -527,9 +538,6 @@ module RSence
|
|
527
538
|
query = request.query
|
528
539
|
end
|
529
540
|
|
530
|
-
## Perform old-session cleanup on all sync:s
|
531
|
-
expire_sessions
|
532
|
-
|
533
541
|
## The 'ses_id' request query key is required.
|
534
542
|
## The client defaults to '0', which means the
|
535
543
|
## client needs to be initialized.
|
@@ -550,7 +558,7 @@ module RSence
|
|
550
558
|
|
551
559
|
## The client tells that its ses_key is '0',
|
552
560
|
## until the server tells it otherwise.
|
553
|
-
(req_num, ses_seed) = ses_key.split('
|
561
|
+
(req_num, ses_seed) = ses_key.split(':1:')
|
554
562
|
|
555
563
|
if req_num == '0'
|
556
564
|
|
@@ -97,6 +97,7 @@ module RSence
|
|
97
97
|
end
|
98
98
|
begin
|
99
99
|
store_session_data( ses_data )
|
100
|
+
sleep @config[:db_sleep]
|
100
101
|
rescue => e
|
101
102
|
warn "Unable to dump session: #{ses_id}, because: #{e.message}"
|
102
103
|
end
|
@@ -173,8 +174,8 @@ module RSence
|
|
173
174
|
|
174
175
|
if @db_avail
|
175
176
|
remove_session_data( ses_id )
|
177
|
+
sleep @config[:db_sleep]
|
176
178
|
end
|
177
|
-
|
178
179
|
end
|
179
180
|
|
180
181
|
## Expires all sessions that meet the timeout criteria
|
@@ -183,12 +184,13 @@ module RSence
|
|
183
184
|
# Loop through all sessions in memory:
|
184
185
|
ses_ids = @sessions.keys.clone
|
185
186
|
ses_ids.each do |ses_id|
|
186
|
-
|
187
|
-
|
188
|
-
|
187
|
+
if @sessions[ses_id] and @sessions[ses_id].has_key?(:timeout)
|
188
|
+
timed_out = @sessions[ ses_id ][:timeout] < Time.now.to_i
|
189
|
+
else
|
190
|
+
timed_out = true
|
191
|
+
end
|
189
192
|
## Deletes the session, if the session is too old
|
190
193
|
expire_session( ses_id ) if timed_out
|
191
|
-
|
192
194
|
end
|
193
195
|
end
|
194
196
|
|
data/lib/rsence/transporter.rb
CHANGED
@@ -148,7 +148,7 @@ module RSence
|
|
148
148
|
request_content = JSON.parse( request_body )
|
149
149
|
rescue JSON::ParseError
|
150
150
|
warn "Request body isn't valid JSON: #{request_body}"
|
151
|
-
request_content = ['-1
|
151
|
+
request_content = ['-1:1:INVALID',{},[]]
|
152
152
|
end
|
153
153
|
options[:ses_key] = request_content[0]
|
154
154
|
options[:values] = request_content[1]
|
data/plugins/main/main.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rsence-pre
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.3.0.
|
4
|
+
version: 2.3.0.13
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -10,7 +10,7 @@ authors:
|
|
10
10
|
autorequire:
|
11
11
|
bindir: bin
|
12
12
|
cert_chain: []
|
13
|
-
date: 2012-11-
|
13
|
+
date: 2012-11-28 00:00:00.000000000 Z
|
14
14
|
dependencies:
|
15
15
|
- !ruby/object:Gem::Dependency
|
16
16
|
name: rsence-deps
|