yiffspace-auth 0.0.2 → 0.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: d19d9d8174528781d36a8abe31c4ac5a1571bef1ef9405cb9ba6397924bb6acc
|
|
4
|
+
data.tar.gz: 17545c629a6b9e975716d6e9c4dee590655157f497018fd58adb7464e2038bd3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: db86285b83c9782a81dabe08dd176656f1d6bd6ad229934da632719dea0a435bf3d6b82d4989aba0690a140d992490d650b3cf429240367a500f65f8e8309e81
|
|
7
|
+
data.tar.gz: b1bff84f959da2b59b0ef5bf5f9fa593134b934f2ef895d7c6e2246c87c04910312f88d7ad1690d26804d5d0b8282769b87d2155a31f2a5a5d4a3861311bd568
|
|
@@ -1,16 +1,50 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
3
|
require("logto/client")
|
|
4
|
+
require("securerandom")
|
|
4
5
|
|
|
5
6
|
module YiffSpace
|
|
6
7
|
module Extensions
|
|
7
8
|
module Logto
|
|
9
|
+
# LogtoClient::SessionStorage (our superclass) stores its values - PKCE verifier, nonce,
|
|
10
|
+
# state, and eventually the access/ID/refresh tokens themselves - directly in the Rails
|
|
11
|
+
# session, which is more than enough on its own to blow the ~4KB cookie limit. The gem's
|
|
12
|
+
# LogtoClient::RailsCacheStorage avoids the cookie but keys purely off app_id, with no
|
|
13
|
+
# per-browser scoping, so concurrent sign-ins from different users would stomp on each
|
|
14
|
+
# other's in-flight OAuth state. This keeps the per-browser scoping (still keyed off the
|
|
15
|
+
# session) but only stores a small opaque token there, with the real value in Rails.cache.
|
|
8
16
|
class NamedSessionStorage < LogtoClient::SessionStorage
|
|
17
|
+
CACHE_KEY = "yiffspace:auth:logto_storage:%s"
|
|
18
|
+
CACHE_TTL = 30.days
|
|
19
|
+
|
|
9
20
|
def initialize(name, session, app_id: nil)
|
|
10
21
|
super(session, app_id: app_id)
|
|
11
22
|
@name = name
|
|
12
23
|
end
|
|
13
24
|
|
|
25
|
+
def get(key)
|
|
26
|
+
token = @session[get_session_key(key)]
|
|
27
|
+
return nil if token.blank?
|
|
28
|
+
|
|
29
|
+
Rails.cache.read(format(CACHE_KEY, token))
|
|
30
|
+
end
|
|
31
|
+
|
|
32
|
+
def set(key, value)
|
|
33
|
+
session_key = get_session_key(key)
|
|
34
|
+
old_token = @session[session_key]
|
|
35
|
+
Rails.cache.delete(format(CACHE_KEY, old_token)) if old_token.present?
|
|
36
|
+
|
|
37
|
+
token = SecureRandom.hex(32)
|
|
38
|
+
Rails.cache.write(format(CACHE_KEY, token), value, expires_in: CACHE_TTL)
|
|
39
|
+
@session[session_key] = token
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def remove(key)
|
|
43
|
+
session_key = get_session_key(key)
|
|
44
|
+
token = @session.delete(session_key)
|
|
45
|
+
Rails.cache.delete(format(CACHE_KEY, token)) if token.present?
|
|
46
|
+
end
|
|
47
|
+
|
|
14
48
|
protected
|
|
15
49
|
|
|
16
50
|
def get_session_key(key)
|