Class: Utopia::Session

Inherits:
Object
  • Object
Defined in:
lib/utopia/session.rb,
lib/utopia/session/lazy_hash.rb

Overview

Stores all session data client-side using a private symmetric encryption key.

Defined Under Namespace

Classes: LazyHash

Constant Summary

RACK_SESSION =
"rack.session".freeze
CIPHER_ALGORITHM =
"aes-256-cbc"
KEY_LENGTH =
32

Instance Method Summary

Constructor Details

#initialize(app, secret:, **options) ⇒ Session

Returns a new instance of Session.



# File 'lib/utopia/session.rb', line 33

# Wraps +app+ with encrypted, client-side session handling.
#
# @param app [#call] the downstream Rack application.
# @param secret [String] the secret the encryption key is derived from.
# @param options [Hash] cookie settings; +:cookie_name+ is consumed here and
#   the remainder overrides the +:domain+, +:path+ and +:expires_after+ defaults.
def initialize(app, secret:, **options)
	@app = app
	
	# An explicit :cookie_name is taken out of the options so it does not end up in @options.
	custom_name = options.delete(:cookie_name)
	@cookie_name = custom_name || "#{RACK_SESSION}.encrypted"
	
	# NOTE(review): the salt is freshly random on every construction and is only
	# a local here, so each instance derives a different key from the same
	# secret. Cookies issued by another process, or before a restart, would
	# presumably fail to decrypt - confirm this is intended.
	random_salt = OpenSSL::Random.random_bytes(16)
	
	# NOTE(review): an iteration count of 1 means PBKDF2 adds no key stretching;
	# the key's strength rests on the entropy of +secret+ (and the salt above).
	@key = OpenSSL::PKCS5.pbkdf2_hmac_sha1(secret, random_salt, 1, KEY_LENGTH)
	
	# NOTE(review): only domain, path and expiry have defaults; whether the
	# cookie is marked Secure/HttpOnly, and whether the CBC ciphertext is
	# authenticated, is decided outside this method - verify there.
	defaults = {domain: nil, path: "/", expires_after: nil}
	@options = defaults.merge(options)
end

Instance Method Details

#call(env) ⇒ Object



# File 'lib/utopia/session.rb', line 47

# Rack entry point: sets up the session for this request, runs the wrapped
# application, and commits the session only when it reports a change.
#
# @param env [Hash] the Rack environment for the request.
# @return [Array] the +[status, headers, body]+ triple from the wrapped app.
def call(env)
	session = prepare_session(env)
	
	status, headers, body = @app.call(env)
	
	# Unchanged sessions are not committed; commit presumably writes the
	# encrypted cookie into +headers+ (its body is not shown here).
	commit(session.values, headers) if session.changed?
	
	[status, headers, body]
end