Module: Roda::RodaPlugins::Sessions::RequestMethods

Defined in:

lib/roda/plugins/sessions.rb

Instance Method Summary

• #persist_session(headers, session) ⇒ Object

  Persist the session data as a cookie.

• #session ⇒ Object

  Load the session information from the cookie.

• #session_created_at ⇒ Object

  The time the session was originally created.

• #session_updated_at ⇒ Object

  The time the session was last updated.

Instance Method Details

#persist_session(headers, session) ⇒ Object

Persist the session data as a cookie. If transparently upgrading from Rack::Session::Cookie, mark the related cookie for expiration so it isn’t sent in the future.

# File 'lib/roda/plugins/sessions.rb', line 263

def persist_session(headers, session)
  opts = roda_class.opts[:sessions]

  if session.empty?
    if env[SESSION_SERIALIZED]
      # If session was submitted and is now empty, remove the cookie
      Rack::Utils.delete_cookie_header!(headers, opts[:key], opts[:remove_cookie_options])
    # else
      # If no session was submitted, and the session is empty
      # then there is no need to do anything
    end
  elsif cookie_value = _serialize_session(session)
    cookie = Hash[opts[:cookie_options]]
    cookie[:value] = cookie_value
    cookie[:secure] = true if !cookie.has_key?(:secure) && ssl?

    before_size = if (set_cookie_before = headers[RodaResponseHeaders::SET_COOKIE]).is_a?(String)
      set_cookie_before.bytesize
    else
      0
    end

    Rack::Utils.set_cookie_header!(headers, opts[:key], cookie)

    cookie_size = case set_cookie_after = headers[RodaResponseHeaders::SET_COOKIE]
    when String
      # Rack < 3 always takes this branch, combines cookies into string, subtract previous size
      # Rack 3+ takes this branch if this is the first cookie set, in which case before size is 0
      set_cookie_after.bytesize - before_size
    else # when Array
      # Rack 3+ takes branch if this is not the first cookie set, and last element of the array
      # is most recently added cookie
      set_cookie_after.last.bytesize
    end

    if cookie_size >= 4096
      raise CookieTooLarge, "attempted to create cookie larger than 4096 bytes (bytes: #{cookie_size})"
    end
  end
  
  if env[SESSION_DELETE_RACK_COOKIE]
    Rack::Utils.delete_cookie_header!(headers, opts[:upgrade_from_rack_session_cookie_key], opts[:upgrade_from_rack_session_cookie_options])
  end

  nil
end

#session ⇒ Object

Load the session information from the cookie. With the sessions plugin, you must call this method to get the session, instead of trying to access the session directly through the request environment. For maximum compatibility with other software that uses rack sessions, this method stores the session in ‘rack.session’ in the request environment, but that does not happen until this method is called.

# File 'lib/roda/plugins/sessions.rb', line 244

def session
  @env[roda_class.opts[:sessions][:env_key]] ||= _load_session
end

#session_created_at ⇒ Object

The time the session was originally created. nil if there is no active session.

# File 'lib/roda/plugins/sessions.rb', line 249

def session_created_at
  session
  Time.at(@env[SESSION_CREATED_AT]) if @env[SESSION_SERIALIZED]
end

#session_updated_at ⇒ Object

The time the session was last updated. nil if there is no active session.

# File 'lib/roda/plugins/sessions.rb', line 255

def session_updated_at
  session
  Time.at(@env[SESSION_UPDATED_AT]) if @env[SESSION_SERIALIZED]
end