Class: OMF::Web::Rack::SessionAuthenticator

Inherits:

Common::LObject

• Object
• Common::LObject
• OMF::Web::Rack::SessionAuthenticator

Defined in:

lib/omf-web/rack/session_authenticator.rb

Constant Summary

@@active =

false

@@expire_after =

Expire authenticated session after being idle for that many seconds

2592000

Class Method Summary

• .[](key) ⇒ Object
• .[]=(key, value) ⇒ Object
• .active? ⇒ Boolean
• .authenticate ⇒ Object
• .authenticated? ⇒ Boolean
• .logout ⇒ Object

Instance Method Summary

• #call(env) ⇒ Object
• #initialize(app, opts = {}) ⇒ SessionAuthenticator constructor

  opts - :no_session - Array of regexp to ignore.

Methods included from Common::Loggable

#_logger, #debug, #error, #fatal, #info, init_log, logger, set_environment, #warn

Constructor Details

#initialize(app, opts = {}) ⇒ SessionAuthenticator

opts -

:no_session - Array of regexp to ignore

# File 'lib/omf-web/rack/session_authenticator.rb', line 43

def initialize(app, opts = {})
  @app = app
  @opts = opts
  @opts[:no_session] = (@opts[:no_session] || []).map { |s| Regexp.new(s) }
  if @opts[:expire_after]
    @@expire_after = @opts[:expire_after]
  end
  @@active = true
end

Class Method Details

.[](key) ⇒ Object

# File 'lib/omf-web/rack/session_authenticator.rb', line 27

def self.[](key)
  OMF::Web::SessionStore[key, :authenticator]
end

.[]=(key, value) ⇒ Object

# File 'lib/omf-web/rack/session_authenticator.rb', line 31

def self.[]=(key, value)
  OMF::Web::SessionStore[key, :authenticator] = value
end

.active? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/omf-web/rack/session_authenticator.rb', line 10

def self.active?
  @@active
end

.authenticate ⇒ Object

# File 'lib/omf-web/rack/session_authenticator.rb', line 18

def self.authenticate
  self[:authenticated] = true
  self[:valid_until] = Time.now + @@expire_after
end

.authenticated? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/omf-web/rack/session_authenticator.rb', line 14

def self.authenticated?
  self[:authenticated]
end

.logout ⇒ Object

# File 'lib/omf-web/rack/session_authenticator.rb', line 23

def self.logout
  self[:authenticated] = false
end

Instance Method Details

#call(env) ⇒ Object

# File 'lib/omf-web/rack/session_authenticator.rb', line 54

def call(env)
  #puts env.keys.inspect
  req = ::Rack::Request.new(env)
  sid = nil
  path_info = req.path_info
  #puts "REQUEST: #{path_info}"
  unless @opts[:no_session].find {|rx| rx.match(path_info) }
    sid = req.cookies['sid'] || "s#{(rand * 10000000).to_i}_#{(rand * 10000000).to_i}"
    debug "Setting session for '#{req.path_info}' to '#{sid}'"
    Thread.current["sessionID"] = sid
    # If 'login_url' is defined, check if this session is authenticated
    login_url = @opts[:login_url] 
    if login_url && login_url != req.path_info
      if authenticated = self.class[:authenticated]
        # Check if it hasn't imed out
        if self.class[:valid_until] < Time.now
          debug "Session '#{sid}' expired"
          authenticated = false
        end    
      end
      unless authenticated
        return [301, {'Location' => login_url, "Content-Type" => ""}, ['Login first']]
      end
    end
    self.class[:valid_until] = Time.now + @@expire_after
  end
        
  status, headers, body = @app.call(env)
  if sid
    headers['Set-Cookie'] = "sid=#{sid}"  ##: name2=value2; Expires=Wed, 09-Jun-2021 ]
  end
  [status, headers, body]      
end