Module: Arc::HTTP::Session
- Defined in:
- lib/architect/http.rb
Class Method Details
.read(request) ⇒ Object
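# File 'lib/architect/http.rb', line 9
#
# Reads the session stored in the `_idx` cookie of an incoming request.
#
# The cookie header is client-controlled, so it is parsed strictly as
# `name=value` pairs and `_idx` is only ever matched as a cookie *name*.
#
# @param request [Hash] request whose :event entry carries the headers under
#   :headers or 'headers' (hash keys might be strings or symbols)
# @return [Object] the JSON-decoded session payload, or {} when the request
#   has no headers, no cookie header, or no non-empty `_idx` cookie
def self.read(request)
  event = request[:event]
  headers = event.key?(:headers) ? event[:headers] : event['headers']
  return {} unless headers

  raw = headers['cookie'] || headers[:cookie]
  return {} unless raw

  # Split on ';' first and on the first '=' second. Splitting on both at once
  # flattens names and values into one list, so another cookie whose *value*
  # is "_idx" would be mistaken for the session cookie and whatever token
  # follows it would be handed to the decryptor.
  pairs = raw.split(';').map { |pair| pair.split('=', 2).map(&:strip) }
  _name, payload = pairs.find { |name, _value| name == '_idx' }
  return {} if payload.nil? || payload.empty?

  # NOTE(review): `[0..15]` binds to the string literal only, so when
  # ARC_APP_SECRET is unset the key is a fixed 16-character value that is
  # visible in the source. Sessions protected by it give no confidentiality
  # or integrity; set ARC_APP_SECRET in every deployed environment and
  # consider failing closed when it is missing.
  key = ENV['ARC_APP_SECRET'] || 'MDAwMDAwMDAwMDAwMDAwMA=='[0..15]

  # NOTE(review): a tampered or malformed token presumably makes JWE.decrypt
  # (or JSON.parse) raise; that exception propagates to the caller, which
  # should treat it as "no session" rather than a server error -- confirm.
  JSON.parse(JWE.decrypt(payload, key))
end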
.write(payload) ⇒ Object
# File 'lib/architect/http.rb', line 32 def self.write(payload) key = ENV['ARC_APP_SECRET'] || 'MDAwMDAwMDAwMDAwMDAwMA=='[0..15] encrypted = JWE.encrypt(payload.to_json, key, alg: 'dir', enc: 'A128GCM') maxAge = Time.at 788400000 * 1000 CGI::Cookie.new( 'name'=> '_idx', 'value'=> encrypted, 'maxAge'=> maxAge, 'expires'=> maxAge, 'secure'=> true, 'httpOnly'=> true, 'path'=> '/', 'sameSite'=> 'lax' ).to_s end |