Class: Gitlab::Sessions::StoreBuilder

Inherits:
Object
  • Object
show all
Defined in:
lib/gitlab/sessions/store_builder.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(cookie_key, session_cookie_token_prefix) ⇒ StoreBuilder

Returns a new instance of StoreBuilder.



8
9
10
11
 
# File 'lib/gitlab/sessions/store_builder.rb', line 8

def initialize(cookie_key, session_cookie_token_prefix)
  @cookie_key = cookie_key
  @session_cookie_token_prefix = session_cookie_token_prefix
end

Instance Attribute Details

Returns the value of attribute cookie_key.



6
7
8
 
# File 'lib/gitlab/sessions/store_builder.rb', line 6

def cookie_key
  @cookie_key
end

#session_cookie_token_prefixObject (readonly)

Returns the value of attribute session_cookie_token_prefix.



6
7
8
 
# File 'lib/gitlab/sessions/store_builder.rb', line 6

def session_cookie_token_prefix
  @session_cookie_token_prefix
end

Instance Method Details

#prepareObject 



13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/gitlab/sessions/store_builder.rb', line 13

def prepare
  # Set expiry to very large number (practically permanent) instead of the default 1 week
  # as some specs rely on time travel to a distant past or future.
  Settings.gitlab['session_expire_delay'] = ::Gitlab::Database::MAX_INT_VALUE if Rails.env.test?

  [
    ::Gitlab::Sessions::CacheStore, # Using the cookie_store would enable session replay attacks
    {
      cache: ActiveSupport::Cache::RedisCacheStore.new(
        namespace: Gitlab::Redis::Sessions::SESSION_NAMESPACE,
        redis: Gitlab::Redis::Sessions,
        expires_in: Settings.gitlab['session_expire_delay'] * 60,
        coder: Gitlab::Sessions::CacheStoreCoder
      ),
      key: cookie_key,
      secure: Gitlab.config.gitlab.https,
      httponly: true,
      path: Rails.application.config.relative_url_root.presence || '/',
      session_cookie_token_prefix: session_cookie_token_prefix
    }
  ]
end